Suricata installation difference between Rocky Linux 9 and 10

kevin_emo · March 30, 2026, 11:15am

Hello,

I’m looking for information as to why I’m able to execute dnf install suricata on Rocky Linux 9 and obtain the 7.X version, whereas Rocky Linux 10 can’t resolve the package.

I’ve installed the following basic repositories on both versions :

dnf install epel-release
/usr/bin/crb enable
dnf install https://rpms.remirepo.net/enterprise/remi-release-10.rpm

On Rocky Linux 9, the package is resolved properly and currently installs the 7.0.13 Suricata version, while on Rocky Linux 10, it isn’t able to resolve it.

ish · March 31, 2026, 2:37pm

I’m not sure what’s going on with EPEL and the RHEL 10 rebuilds these days, but Suricata releases its own RPMs which should work:

Suricata 8.0: https://copr.fedorainfracloud.org/coprs/g/oisf/suricata-8.0/
Suricata 7.0: https://copr.fedorainfracloud.org/coprs/g/oisf/suricata-7.0/

kevin_emo · March 31, 2026, 3:16pm

So, you would not recommend using EPEL’s repository to install Suricata ?

Last time I tried installing it that way on a clean Rocky Linux 10 instance, it errored out with multiple unresolved dependencies.

ish · March 31, 2026, 3:32pm

Given Suricata isn’t in the EPEL 10 repos, our RPMs are the best way.

Just need to be sure to use the correct chroot, for example on Alma or Rocky Linux 10:

dnf copr enable @oisf/suricata-8.0 rhel+epel-10-$(arch)

The default COPR EPEL10 chroots are for CentOS Stream and often use newer packages, causing unresolved dependencies. This was not the case for 8 and 9, so a bit annoying and still figuring out the best way to relay this to users.