How python subprocess can detect a negative exit code? How to force it return 0 instead?

python suricata pkill

The documentation you've linked says

A negative value -N indicates that the child was terminated by signal N (POSIX only).

This implies that the process run by subprocess.call() was killed by SIGUSR2 (since SIGUSR2 is 12).

Since you're using shell=True, there will be a process with the command line sh -c '... suricata', which will be matched by pkill -f (since -f means The pattern is normally only matched against the process name. When -f is set, the full command line is used.).

You may want to do

ret = subprocess.call([
  shutil.which("pkill"),
  "-SIGUSR2",
  "-f",
  "/usr/bin/suricata",
])

to avoid the additional shell process.

Better yet, you could use e.g. psutil to find the Suricata process and kill it.

EDIT

From the comments:

However pkill -SIGUSR2 -F /var/run/suricata.pid is enough

If you have a pidfile at hand, you don't need pkill for anything...

import os
import signal

with open("/var/run/suricata.pid", "r") as pidfile:
  pid = int(pidfile.read().strip())
  os.kill(pid, signal.SIGUSR2)

Related

Websocket connection to binance api returns error
clarity.js by Microsoft slowing overall page loads
.NET Core 3.1 - SAP Connector - Could not load type 'System.ServiceModel.Activation.VirtualPathExtension'
Pine Script: All three indicators have to confirm trend
Keep Jupyter notebook running with Macbook closed
$ KC $ spaces imply $ US $ spaces , but vise versa is false.
Möbius transformations on $D$ such that $f(D)=D$
Proving Invertibility and Eigenvalues
How to scale numbers from one range to another range?
Is this a valid proof of $f(S \cap T) \subseteq f(S) \cap f(T)$?
Zero Divisors in Direct Product of Rings [duplicate]
Polya's formula for determining the number of six-sided dice