i setup run suricata user: suricata, group: suricata
suricata.yaml
##############################################################################
##
## Advanced settings below
##
##############################################################################
##
## Run Options
##
# Run Suricata with a specific user-id and group-id:
#run-as:
user: suricata
group: suricata
You might just need to remove the file /var/run/suricata/suricata-command.socket as it looks like it exists and it is not automatically removed when Suricata exits.