Snort mailing list archives
Re: Log file owned by root problem
From: sgt_b <sgt_b () security-forums com>
Date: Thu, 06 May 2004 14:07:22 -0500
Hi Dan,While the -u and -g switches tell snort to drop to those privileges, it does not do anything for the permissions on the logging directory. Keep in mind that only root can write to the default logging dir /var/log/snort. I'm not sure if this will work, but you might want to try changing the logging directory to one that user snort has permissions to write to (ie `snort -c /etc/snort/snort_eth0/snort.conf -i eth0 -u snort -g -l /path/to/dir').
bitless () rcn com wrote:
Hi,Snort seems to start fine but the problem is when the log files are written the uid/gid is root/root I need them to be snort/snort. My startup line is as follows,snort -c /etc/snort/snort_eth0/snort.conf -i eth0 -u snort -g snortShouldn't this output a log file with uid/gid snort/snort.All dirs and files are uid/gid snort/snort and anything else I could think of.If anyone has any suggestion I would greatly appreciate them. TIA Dan ------------------------------------------------------- This SF.Net email is sponsored by Sleepycat SoftwareLearn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO.http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.Net email is sponsored by Sleepycat SoftwareLearn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Log file owned by root problem bitless (May 06)
- Re: Log file owned by root problem sgt_b (May 06)
- Re: Log file owned by root problem Matt Kettler (May 06)
- Re: Log file owned by root problem Bamm Visscher (May 06)
- <Possible follow-ups>
- Log file owned by root problem bitless (May 10)
- RE: Log file owned by root problem SRH-Lists (May 10)