Closed xusheng6 closed 11 months ago
We use very basic yara features just to do signature scanning, so it's fine to link any version if it's compatible with go-yara. I did attempt to statically link, though if you're seeing issues I guess i've done it wrong:
We use very basic yara features just to do signature scanning, so it's fine to link any version if it's compatible with go-yara. I did attempt to statically link, though if you're seeing issues I guess i've done it wrong:
Yeah, the libyara is not statically linked
Do you have any suggestions on how to correctly statically link the library?
Maybe related to this https://github.com/hillu/go-yara/issues/40
When I tried to run it on Ubuntu 22.04, I get an error message that
libyara.so.10
is missing. I installed thelibyara-dev
with apt, but it did not fix the problem, since the one that comes islibyara.so.8
. Manually building the libyara following this guide https://yara.readthedocs.io/en/stable/gettingstarted.html generates alibyara.so.10
and it works fine.Does GoReSym actually require the latest features of yara? Could it be built with an earlier version of it so that it runs out of the box on Ubuntu? Or, since yara comes with a quite permissive license (https://github.com/VirusTotal/yara/blob/master/COPYING), could GoReSym statically link with libyara.so.10?