Snort mailing list archives
Re: @barnyard2 error
From: waldo kitty <wkitty42 () windstream net>
Date: Thu, 11 Jul 2013 04:50:47 -0400
On 7/11/2013 04:19, anagha b wrote:
Hi all At the time of install i installed snort for user anagha. If i run snort as root then snort starts packet processing but if i try to run snort other than root [as anagh]i get following error anagha@ubuntu~$ snort -c /srv/cloud/one/snort-2.9.4.6/etc/snort.conf -i eth0 Initializing Output Plugins! pcap DAQ configured to passive. Acquiring network traffic from "eth0". ERROR: Can't start DAQ (-1) - socket: Operation not permitted! Fatal Error, Quitting..
why can't you start snort as root and let it switch users? IIRC -u and -g ie: snort -c /etc/snort.conf -D -u snort -g snort -d -e -A Full -i eth0 the above runs snort as user snort and group snort...
I tried to start barnyard when*snort is running with root* but i configured databases access for specific user[I set this user for snort already] for barnyard i am getting error for barnyard when i run snort as root.
the user that snort runs as has nothing to do with the user that barnyard2 runs as... as long as barnyard2 can access the snort unified2 output file(s) and the database, then barnyard2 should be able to do its job...
barnyard2 -c /srv/cloud/one/barnyard2-2-1.13/etc/barnyard2.conf -f snort.u2 -w /var/log/snort/barnyard2.waldo error:Barnyard2 spooler: Event cache size set to [2048] Log directory = /var/log/snort/ INFO database: Defaulting Reconnect/Transaction Error limit to 10 INFO database: Defaulting Reconnect sleep time to 5 second database mysql_error: Access denied for user 'root'@'localhost' (using password: YES) Barnyard2 exiting database: Closing connection to database "db"
have you given that user the rights to access the database? -- NOTE: No off-list assistance is given without prior approval. Please keep mailing list traffic on the list unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- @barnyard2 error anagha b (Jul 11)
- Re: @barnyard2 error waldo kitty (Jul 11)