Snort mailing list archives
RE: Snort user -u/-g and permissions docs?
From: Erek Adams <erek () snort org>
Date: Mon, 25 Aug 2003 12:06:23 -0400 (EDT)
On Sat, 23 Aug 2003, Gordon Cunningham wrote:
Sanitized for posting... Works with root: /<path to snort>/snort -d -D -u root -g root -c /<path to conf>/snort-eth0.conf -i eth0 Doesn't work with a non-su user in place of "root" above. User has permissions in the paths above, plus log path and pid file path.
Right. Makes perfect sense. Rule #1 of working on a problem with Snort that you can't figure out: Remove the "-D" switch. Rule #2 of working on a problem with Snort that you can't figure out: Remove the "-D" switch. Now that that is clear.... :) If you remove the -D you'll see Snort actually report an error. Try it. :) It's telling you that the user 'fred' (or whoever) doesn't have permissions to read the /dev/eth0 or /dev/bpf device. Solution, open up the perms on the device to the group that 'fred' is in, or use a chroot jail with the appropriate devices. Hrm... I wonder if you could duplicate the device with a mknod, then chown it to 'fred'? Looks like I'll need to test that. :) Cheers! ----- Erek Adams "When things get weird, the weird turn pro." H.S. Thompson ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort user -u/-g and permissions docs? Gordon Cunningham (Aug 22)
- Re: Snort user -u/-g and permissions docs? cc (Aug 22)
- RE: Snort user -u/-g and permissions docs? Gordon Cunningham (Aug 23)
- RE: Snort user -u/-g and permissions docs? Erek Adams (Aug 25)
- RE: Snort user -u/-g and permissions docs? Gordon Cunningham (Aug 23)
- Re: Snort user -u/-g and permissions docs? cc (Aug 22)