Reoccurence of NSS shared library not found in Suricata after firmware upgrade
-
After a recent firmware upgrade on Netgate SG-3100 (to 2.4.3-RELEASE-p1 (arm) built on Thu May 10 15:59:52 CDT 2018 FreeBSD 11.1-RELEASE-p10), Suricata service failed to start. Appears to be issue reported here back at beginning of year:
https://forum.pfsense.org/index.php?topic=143146.0;all
I see this:
$ ldd /usr/local/bin/suricata |grep 'not found' libnss3.so => not found (0) libsmime3.so => not found (0) libssl3.so => not found (0) libnssutil3.so => not found (0)$ cat /usr/local/libdata/ldconfig/nss /usr/local/lib/nss$ ls -l /usr/local/lib/nss total 3004 -rw-r--r-- 1 root wheel 86022 Mar 16 13:39 libcrmf.a -rw-r--r-- 1 root wheel 5560 Mar 16 13:39 libfreebl3.so -rw-r--r-- 1 root wheel 433652 Mar 16 13:39 libfreeblpriv3.so -rw-r--r-- 1 root wheel 1105524 Mar 16 13:39 libnss3.so -rw-r--r-- 1 root wheel 387600 Mar 16 13:39 libnssckbi.so -rw-r--r-- 1 root wheel 125628 Mar 16 13:39 libnssdbm3.so -rw-r--r-- 1 root wheel 150180 Mar 16 13:39 libnssutil3.so -rw-r--r-- 1 root wheel 142668 Mar 16 13:39 libsmime3.so -rw-r--r-- 1 root wheel 249696 Mar 16 13:39 libsoftokn3.so -rw-r--r-- 1 root wheel 275100 Mar 16 13:39 libssl3.so$ ldconfig -r | fgrep /usr/local/lib/nss $Like in the other thread, I ran /etc/rc.d/ldconfig start and success:
$ ldd /usr/local/bin/suricata | grep '/usr/local/lib/nss' libnss3.so => /usr/local/lib/nss/libnss3.so (0x20500000) libsmime3.so => /usr/local/lib/nss/libsmime3.so (0x20617000) libssl3.so => /usr/local/lib/nss/libssl3.so (0x20642000) libnssutil3.so => /usr/local/lib/nss/libnssutil3.so (0x2068e000)$ suricata -V This is Suricata version 4.0.4 RELEASEAny ideas for a fix to this behavior?
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.