broctl cron locks all bro processes

Hi all,

Recently, I have installed bro 2.1 in a FreeBSD 9.1 amd64 host (compiled from source). All work as expected except for “broctl cron” job … I have configured this job to run every 5 min (like Bro’s documentation says), but every time locks all bro processes:

41561 ?? I 0:00.01 bash /opt/bro/share/broctl/scripts/run-bro -i em4 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto
41572 ?? R 215:33.48 /opt/bro/bin/bro -i em4 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto
41590 ?? SN 0:48.43 /opt/bro/bin/bro -i em4 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto
41695 ?? I 0:00.00 cron: running job (cron)
41699 ?? Is 0:00.22 /usr/local/bin/python /usr/local/bin/broctl cron (python2.7)
41731 ?? Is 0:00.01 sh
41745 ?? I 0:00.00 cron: running job (cron)
41748 ?? Is 0:00.17 /usr/local/bin/python /usr/local/bin/broctl cron (python2.7)
41774 ?? Is 0:00.01 /usr/sbin/sendmail -FCronDaemon -odi -oem -oi -t
41775 ?? Is 0:00.01 sh
41777 ?? I 0:00.00 cron: running job (cron)
41780 ?? Is 0:00.20 /usr/local/bin/python /usr/local/bin/broctl cron (python2.7)
41813 ?? Is 0:00.01 /usr/sbin/sendmail -FCronDaemon -odi -oem -oi -t
41814 ?? Is 0:00.01 sh
41828 ?? I 0:00.00 cron: running job (cron)
41831 ?? Is 0:00.19 /usr/local/bin/python /usr/local/bin/broctl cron (python2.7)
41857 ?? Is 0:00.01 /usr/sbin/sendmail -FCronDaemon -odi -oem -oi -t
41858 ?? Is 0:00.01 sh
41862 ?? I 0:00.00 cron: running job (cron)
41866 ?? Is 0:00.19 /usr/local/bin/python /usr/local/bin/broctl cron (python2.7)
41898 ?? Is 0:00.01 /usr/sbin/sendmail -FCronDaemon -odi -oem -oi -t
41899 ?? Is 0:00.01 sh
41901 ?? I 0:00.00 cron: running job (cron)
41905 ?? Is 0:00.19 /usr/local/bin/python /usr/local/bin/broctl cron (python2.7)
41942 ?? Is 0:00.01 /usr/sbin/sendmail -FCronDaemon -odi -oem -oi -t
41943 ?? Is 0:00.01 sh
42935 ?? I 0:00.00 cron: running job (cron)
42939 ?? Is 0:00.15 /usr/local/bin/python /usr/local/bin/broctl cron (python2.7)
43003 ?? Is 0:00.01 /usr/sbin/sendmail -FCronDaemon -odi -oem -oi -t
43004 ?? Is 0:00.01 sh

If I try to run any broctl command:

Welcome to BroControl 1.1

Type “help” for help.

[BroControl] > status
waiting for lock …cannot get lock

How can I debug this?? Is it safe to run “kill -9” over these processes?? And how can I unlock using broctl command??

Thanks.

Did you check that your cron jobs are running as the same user
that you're using to run broctl manually?

What happens if you try to run "broctl cron" manually? (you'll
first need to kill all of the hung processes and temporarily
remove broctl from your crontab)

First of all. sorry for the later response. I have tried to run broctl cron
manually and this is the error message:

warning: cannot get list of local IP addresses

.. and I don't understand it ...

Bro process runs as a root user ...

The warning message you saw just means that a script
called "local-interfaces" failed for some reason.
Try running this script (replace <prefix> with the bro install
prefix directory that you are using):
<prefix>/share/broctl/scripts/local-interfaces

and then immediately type "echo $?"

Uhmm .. I do not know if this is correct.

root@nsm01:~# /opt/bro/share/broctl/scripts/local-interfaces
10.196.0.106
fe80::250:56ff:fe35:22bb
172.17.22.4
fe80::250:56ff:fe2c:47d
172.17.24.4
fe80::250:56ff:fe0e:6fd2
172.17.25.4
fe80::250:56ff:fe1d:a2db
fe80::250:56ff:fe1e:94f
::1
fe80::1
127.0.0.1
root@nsm01:~# echo $?
0

Please, any help??

When you built Bro did you use any particular configure options or did you leave it all at the defaults?

  .Seth

No, I use these ones:

./configure --prefix=/opt/bro --enable-perftools --disable-ruby
--conf-files-dir=/data/config/etc/bro/conf
--scriptdir=/data/config/etc/bro/scripts

Sounds like a bug then. Do you have an account in our ticket tracker?

  .Seth

Account details sent off-list.

  .Seth