Richard W.M. Jones
2019-Dec-10 08:46 UTC
Re: [Libguestfs] Libguestfs with Yara rules error
On Tue, Dec 10, 2019 at 09:19:47AM +0100, Luis wrote:> I am using libguestfs 1.40.2 and yara 3.11.0 but when I execute my program > it thoughts the following error: > > $> ./yara-guestfs > libguestfs: error: yara_load: feature 'libyara' is not available in this > build of libguestfs. Read 'AVAILABILITY' in the guestfs(3) man page for > > If we check the manual, in guestfs appears guestfs_yara_load function so > libyara is installed. I installed and compiled it from tarballs.This function: https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/daemon/yara.c#L308 returns 1 if HAVE_YARA is defined. This is defined by this ./configure test: https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/m4/guestfs-daemon.m4#L128 In other words it depends how libguestfs was configured. Where did you get libguestfs from? How was it compiled? Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/
Hi Richard. Few days ago, I installed libyara a libguestfs properly. But when I load a yara rule and scan it via guestfs_yara_scan, my binary throughts following error: libguestfs: error: deserialise_yara_detection_list: Success And function exists with NULL value. As we can see this function is on lib/yara.c from libguestfs git. I think that these yara functions are an integration for yara C api. All debug and trace log is in libguestfs-yara.debug file. El 10/12/2019 a las 09:46, Richard W.M. Jones escribió:> On Tue, Dec 10, 2019 at 09:19:47AM +0100, Luis wrote: >> I am using libguestfs 1.40.2 and yara 3.11.0 but when I execute my program >> it thoughts the following error: >> >> $> ./yara-guestfs >> libguestfs: error: yara_load: feature 'libyara' is not available in this >> build of libguestfs. Read 'AVAILABILITY' in the guestfs(3) man page for >> >> If we check the manual, in guestfs appears guestfs_yara_load function so >> libyara is installed. I installed and compiled it from tarballs. > This function: > > https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/daemon/yara.c#L308 > > returns 1 if HAVE_YARA is defined. This is defined by this > ./configure test: > > https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/m4/guestfs-daemon.m4#L128 > > In other words it depends how libguestfs was configured. Where > did you get libguestfs from? How was it compiled? > > Rich. >
I did not send you the project I did with Libguestfs... Futhermore there is a git repo here! https://gitlab.com/luisfm/fitz-roy and a post on my blog http://acmpxyz.com/fitz_roy.html. Thanks so much for that terrific library in order to access VMs! Cheers and merry christmas! El sáb., 21 dic. 2019 a las 23:47, Luis Fueris (<luisfueris@gmail.com>) escribió:> Hi Richard. > > Few days ago, I installed libyara a libguestfs properly. But when I load > a yara rule and scan it via guestfs_yara_scan, my binary throughts > following error: > > libguestfs: error: deserialise_yara_detection_list: Success > > And function exists with NULL value. As we can see this function is on > lib/yara.c from libguestfs git. I think that these yara functions are an > integration for yara C api. All debug and trace log is in > libguestfs-yara.debug file. > > > El 10/12/2019 a las 09:46, Richard W.M. Jones escribió: > > On Tue, Dec 10, 2019 at 09:19:47AM +0100, Luis wrote: > >> I am using libguestfs 1.40.2 and yara 3.11.0 but when I execute my > program > >> it thoughts the following error: > >> > >> $> ./yara-guestfs > >> libguestfs: error: yara_load: feature 'libyara' is not available in this > >> build of libguestfs. Read 'AVAILABILITY' in the guestfs(3) man page for > >> > >> If we check the manual, in guestfs appears guestfs_yara_load function so > >> libyara is installed. I installed and compiled it from tarballs. > > This function: > > > > > https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/daemon/yara.c#L308 > > > > returns 1 if HAVE_YARA is defined. This is defined by this > > ./configure test: > > > > > https://github.com/libguestfs/libguestfs/blob/4aa4edf972bc8df8869cdcaa4ab4f40b63a626cf/m4/guestfs-daemon.m4#L128 > > > > In other words it depends how libguestfs was configured. Where > > did you get libguestfs from? How was it compiled? > > > > Rich. > > >-- Luis Fueris PUBLIC KEY ID: B7B00196 SERVER: https://pgp.mit.edu/ SEARCH STRING: Fueris