[Snort-devel] "config chroot" bug etc

Andreas Östling andreaso at ...387...
Thu Jan 1 06:21:09 EST 2004


According to the manual, "config chroot: <dir>" is valid, but that 
feature was removed from parser.c in rev 1.77.

# echo "config chroot: /tmp" > test.conf
# snort -c test.conf -l /tmp 2>&1 | grep ERROR
ERROR: Unknown config directive: config chroot: /tmp

I believe that the following patch against HEAD would work, by setting 
pv.chroot_dir so that SetChroot() is run later. If this feature was 
removed on purpose, maybe the manual should be updated instead.

--- parser.c.org        Wed Dec 31 15:03:18 2003
+++ parser.c    Wed Dec 31 15:05:26 2003
@@ -3594,6 +3594,17 @@
+    else if(!strcasecmp(config, "chroot"))
+    {
+        LogMessage("Found chroot config directive (%s)\n", args);
+        if(!(pv.chroot_dir = strdup(args)))
+            FatalError("Out of memory setting chroot dir from config file\n");
+        DEBUG_WRAP(DebugMessage(DEBUG_INIT, "Chroot directory = %s\n",
+                    pv.chroot_dir););
+        mSplitFree(&rule_toks,num_rule_toks);
+        mSplitFree(&config_decl,num_config_decl_toks);
+        return;
+    }
     else if(!strcasecmp(config, "umask"))
         char *p;

Btw, serveral config directives in the snort config file seem to have no 
effect since the pv.<foo> args are processed before the config file 
has even been read and set them, for example "config daemon" and "config 
bpf_file: ..." (maybe there are more). And pv.log_dir (if not set on 
command line) is set to DEFAULT_LOG_DIR before SanityChecks() is called, 
and before reading a possible "config logdir: ..." from the config file, 
so the sanity check will check the wrong dir. According to comments in the 
source, these things are not exactly unknown but it would still be nice 
if it was fixed.


More information about the Snort-devel mailing list