[Snort-devel] problem with snort 1.9.0 in chroot

Krzysztof Stryjek wtp at ...1645...
Thu Oct 24 13:36:04 EDT 2002


My environment:
snort 1.9.0 (just upgraded)

my configuration:
script for daemontools '/var/service/snort_xl0/run'
-------------------- cut here --------------------

exec $snort -i xl0 -d -t $snorth -u $ug -g $ug -e -p -o -c $sncfg -l log/
-------------------- cut here --------------------

[root]$ ll /home/snort/
total 10
drwxr-xr-x  2 xten  xten   512  2 Sie  2001 dev/
drwxr-xr-x  2 xten  xten  1024 24 Paz 04:54 etc/
drwxr-xr-x  2 xten  xten   512 24 Paz 04:56 log/
drwxr-xr-x  2 xten  xten  1536 24 Paz 04:29 rules/
drwxr-xr-x  2 xten  xten   512 14 Maj 02:48 tmp/

Trying to run snort as deamontools do:

[root]$ sh /var/service/snort_xl0/run
Initializing Output Plugins!
ERROR: log directory 'log/' does not exist
Fatal Error, Quitting..

Another test:

[root]$ /usr/local/bin/snort -i xl0 -d -t /home/snort -u xten -g xten -e
-p -o -c etc/snort.conf -l /home/snort/log
Initializing Output Plugins!
Log directory = /home/snort/log

Initializing Network Interface xl0

        --== Initializing Snort ==--
Rule application order changed to Pass->Alert->Log

[!] ERROR: Can not get write access to logging directory
(directory doesn't exist or permissions are set incorrectly
or it is not a directory at all)

Fatal Error, Quitting..

So then I've tried this hint :-)

[root]$ mkdir log
[root]$ sh /var/service/snort_xl0/run
And everything is OK (snort starts without problems)

Do you have any ideas what's going on?

Well, in previous versions (till 1.8.7) I have not any problems.

For me (I didn't seek in sources) it looks, like option '-l' is checked
twice? Is this possible?

P.S. I am out of list, so fill free to write me directly.
/~\ The ASCII                  Krzysztof Stryjek
\ / Ribbon Campaign               wtp at ...1645...
 X  Against HTML              http://mud.pl/~wtp/
/ \ Email!               GG: 3608113   ICQ: 124986907

All progress is based upon a universal innate desire on the part of
every organism to live beyond its income.
		-- Samuel Butler

More information about the Snort-devel mailing list