[Snort-users] chroot problems with Red Hat Advanced server

Chapman, Justin T JtChapma at ...8815...
Thu Apr 24 11:39:01 EDT 2003


That seems to have fixed it.  Thanks!  

It's odd, because with previous versions of snort, the log directory (-l)
and config file location (-c) were relative to the chrooted path, not to the
real root path. 

thanks again,

--justin
It's never too late to panic.

-----Original Message-----
From: Charles Philip Chan [mailto:cpchan at ...3945...] 
Sent: Wednesday, April 23, 2003 10:43 PM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] chroot problems with Red Hat Advanced server


On Wed, 23 Apr 2003 12:01:06 -0700
"Chapman, Justin T" <JtChapma at ...8815...> wrote:

I had the same problem and here is my solution.

> When I try to start snort with the above command, I get the following
> error:
> 	ERROR: log directory 'log' does not exist
> 	Fatal Error, Quitting..

You must specify the full path to the log. In your case:

/home/snort/log. The directory must also be readable and writable by the
user snort or group since that is the uid and gid you are using.

You must also make sure you are logging to mysql only. If you are
logging to syslog also, you must create a dev directory containing the
log device (just cp it from the /dev directory). In this case you must
also start syslogd with the -a /home/snort/dev/log switch.

Charles

-- 
The nice thing about Windows is - It does not just crash, it displays a
dialog box and lets you press 'OK' first.
(Arno Schaefer's .sig)




More information about the Snort-users mailing list