Suricata-update on Windows supported?

I’m trying to run suricata-update on Windows and getting this error:

7/11/2020 – 10:24:31 - < Error > – Failed to copy file: [Errno 13] Permission denied: 'C:\Users\runneradmin\AppData\Local\Temp\tmpb4uwa5d0’

From a quick look I am guessing it may be related to tempfile.NamedTemporaryFile semantics on Windows, where the temp name cannot be used to open the file twice.

But before investigating further, can someone confirm if suricata-update is currently expected to work on Windows?

Thanks,
Henri

It is expected to work, though it is not tested well. It is not included by default in the MSI packaging, but we would love to get some feedback to make those improvements and include it. Would be happy to provide any info from the test systems here to cross-reference.

How do you run Suricata - under a regular user or Admin?
What is the output of suricata --build-info?
What Windows do you run it under?

Thanks Peter. This is running under Administrator. Windows version 2019. I don’t even have suricata on the path, so no --build-info. Here’s the output when I run:

C:\Users\henridf\tmp\suricata-update-master> \Python39\python.exe bin\suricata-update
8/11/2020 – 16:14:34 - <Warning> – No suricata application binary found on path.
8/11/2020 – 16:14:34 - <Info> – Using default Suricata version of 4.0.0
8/11/2020 – 16:14:34 - <Info> – No sources configured, will use Emerging Threats Open
8/11/2020 – 16:14:34 - <Info> – Fetching https://rules.emergingthreats.net/open/suricata-4.0.0/emerging.rules.tar.gz.
8/11/2020 – 16:14:36 - <Error> – Failed to copy file: [Errno 13] Permission denied: ‘C:\Users\henridf\AppData\Local\Temp\tmpzz265vj7’

It looks like the error is raised here: https://github.com/OISF/suricata-update/blob/master/suricata/update/main.py#L190

Based on the documentation for tempfile.NamedTemporaryFile it looks like this error is due to the only-open-once semantics of those files on Windows.

I’ve got a branch at https://github.com/brimsec/suricata-update/tree/fix-windows that no longer exhibits the problem and that I’d be happy to put up as a PR.

Henri

We have 2 issues in our bug tracker for Windows support. The first is with respect to temporary files as you have seen:

It's probably more than just permissions. I think the tempfile is more about a file being open for reading and writing at the same time, which is about the extent I debugged this to at one point, probably the same issue you fixed here.

The second issue is just generic work better on Windows:

Ah thanks, I somehow missed the bug tracker.

Next issue I ran into (also fixed on the same branch) is that os.rename fails on Windows when the destination file exists.
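
The two Windows behaviours discussed in this thread (a NamedTemporaryFile that cannot be reopened by name while its handle is open, and os.rename failing when the destination exists) can both be avoided with a close-then-reopen temp file and os.replace. The sketch below is an added example, not code from suricata-update or from the fix-windows branch; the function names fetch_to_temp, install_file and demo and the sample rule are assumptions made for illustration.

```python
import os
import shutil
import tempfile

# Constructed sample rule used only for this demonstration.
SAMPLE_RULE = b'alert ip any any -> any any (msg:"constructed"; sid:1000001;)\n'

def fetch_to_temp(data):
    """Write downloaded bytes to a temp file and return its path."""
    # delete=False plus an explicit close leaves no open handle, so the
    # path can be reopened by name on Windows as well as on POSIX.
    tmp = tempfile.NamedTemporaryFile(delete=False, suffix=".tmp")
    try:
        tmp.write(data)
    finally:
        tmp.close()
    return tmp.name

def install_file(src, dest):
    """Copy src into dest's directory, then swap it into place."""
    dest_dir = os.path.dirname(os.path.abspath(dest))
    # mkstemp gives an unpredictable name and owner-only permissions.
    fd, staged = tempfile.mkstemp(dir=dest_dir, prefix=".staged-")
    os.close(fd)  # release the handle before reopening by name
    try:
        shutil.copyfile(src, staged)
        # os.replace overwrites an existing destination on every platform;
        # os.rename raises FileExistsError on Windows in that case.
        os.replace(staged, dest)
    except BaseException:
        if os.path.exists(staged):
            os.remove(staged)
        raise

def demo():
    """Install a fetched rule file over an existing one; return the result."""
    workdir = tempfile.mkdtemp()
    dest = os.path.join(workdir, "suricata.rules")
    with open(dest, "wb") as f:
        f.write(b"# old rules\n")
    src = fetch_to_temp(SAMPLE_RULE)
    try:
        install_file(src, dest)
        with open(dest, "rb") as f:
            return f.read()
    finally:
        os.remove(src)
        shutil.rmtree(workdir)
```

Staging the copy in the destination directory keeps the final os.replace on one volume, so readers of the rule file never see a partially written copy.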