Snort mailing list archives
Snort Reloading Conf/Rules with SIGHUP Causes Snort To Exit
From: Eoin Miller <eoin.miller () trojanedbinaries com>
Date: Fri, 06 May 2011 20:33:21 +0000
Found this in my logs when trying to troubleshoot this: ---SNIP--- May 6 15:59:21 snort: Reload via Signal HUP does not work if you aren't root or are chroot'ed. May 6 15:59:21 kernel: device eth1 left promiscuous mode May 6 15:59:21 kernel: device eth2 left promiscuous mode May 6 15:59:21 kernel: device bond0 left promiscuous mode ... May 6 15:59:23 snort: Snort exiting ---SNIP--- Could the manual be updated to let users know that they must be running as the root and not be chroot'ed? Also, is it possible that the process does not try to SIGHUP if the process is running under the context of users *other* than root? If it could just spit something out to the std_err and make a syslog entry, that would be helpful to end users as well. At least that way the process would continue to run without just exiting when you try to do a reload of the configs/rules. -- Eoin ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Reloading Conf/Rules with SIGHUP Causes Snort To Exit Eoin Miller (May 07)