Libguestfs - Dec 2019 - Re: Libguestfs with Yara rules error

Sorry Richard. Now I will attach you debug file.

El 21/12/2019 a las 16:38, Luis Fueris escribió:
>
> Hi Richard.
>
> Few days ago, I installed libyara a libguestfs properly. But when I 
> load a yara rule and scan it via guestfs_yara_scan, my binary 
> throughts following error:
>
> libguestfs: error: deserialise_yara_detection_list: Success
>
> And function exists with NULL value. As we can see this function is on 
> lib/yara.c from libguestfs git. I think that these yara functions are 
> an integration for yara C api. All debug and trace log is in 
> libguestfs-yara.debug file.
>
>
> El 10/12/2019 a las 09:46, Richard W.M. Jones escribió:
>> On Tue, Dec 10, 2019 at 09:19:47AM +0100, Luis wrote:
>>> I am using libguestfs 1.40.2 and yara 3.11.0 but when I execute my
program
>>> it thoughts the following error:
>>>
>>> $> ./yara-guestfs
>>> libguestfs: error: yara_load: feature 'libyara' is not
available in this
>>> build of libguestfs.  Read 'AVAILABILITY' in the guestfs(3)
man page for
>>>
>>> If we check the manual, in guestfs appears guestfs_yara_load
function so
>>> libyara is installed. I installed and compiled it from tarballs.
>> This function:
>>
>>
https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/daemon/yara.c#L308
>>
>> returns 1 if HAVE_YARA is defined.  This is defined by this
>> ./configure test:
>>
>>
https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/m4/guestfs-daemon.m4#L128
>>
>> In other words it depends how libguestfs was configured.  Where
>> did you get libguestfs from?  How was it compiled?
>>
>> Rich.
>>

On Sat, Dec 21, 2019 at 04:39:44PM +0100, Luis Fueris
wrote:
> \x1b[2J
SeaBIOS (version 1.10.2-1ubuntu1)
> 
Booting from ROM...
> \x1b[2J[    0.000000] Linux version 5.0.0-37-generic
(buildd@lcy01-amd64-023) (gcc version 7.4.0 (Ubuntu 7.4.0-1ubuntu1~18.04.1))
#40~18.04.1-Ubuntu SMP Thu Nov 14 12:06:39 UTC 2019 (Ubuntu
5.0.0-37.40~18.04.1-generic 5.0.21)
So it's the Ubuntu version.  I guess Yara support is broken there.
You might want to try compiling from source and looking closely at the
./configure output.  Read this first:

http://libguestfs.org/guestfs-building.1.html

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top