[Snort-users] Log file owned by root problem

sgt_b sgt_b at ...11733...
Thu May 6 12:09:02 EDT 2004

Hi Dan,

While the -u and -g switches tell snort to drop to those privileges, it 
does not do anything for the permissions on the logging directory. Keep 
in mind that only root can write to the default logging dir 
/var/log/snort. I'm not sure if this will work, but you might want to 
try changing the logging directory to one that user snort has 
permissions to write to (ie `snort -c /etc/snort/snort_eth0/snort.conf 
-i eth0 -u snort -g -l /path/to/dir').

bitless at ...1364... wrote:

>Snort seems to start fine but the problem is when the log 
>files are written the uid/gid is root/root I need them to be 
>snort/snort. My startup line is as follows,
>snort -c /etc/snort/snort_eth0/snort.conf -i eth0 -u snort -g 
>Shouldn't this output a log file with uid/gid snort/snort.
>All dirs and files are uid/gid snort/snort and anything else 
>I could think of.
>If anyone has any suggestion I would greatly appreciate them.
>This SF.Net email is sponsored by Sleepycat Software
>Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to 
>deliver higher performing products faster, at low TCO.
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>Snort-users list archive:

More information about the Snort-users mailing list