[Snort-users] Log file owned by root problem

Bamm Visscher bamm at ...539...
Thu May 6 12:59:10 EDT 2004


All of the file descriptors or opened prior to releasing the root privs. You can run with -m 022 to at least change the umask on the files. IIRC, Chris Green went back and forth over this a few times many releases ago (when to drop privs).

Bammkkkk

On Thu, May 06, 2004 at 01:53:50PM -0400, bitless at ...1364... wrote:
> Hi,
> 
> Snort seems to start fine but the problem is when the log 
> files are written the uid/gid is root/root I need them to be 
> snort/snort. My startup line is as follows,
> 
> snort -c /etc/snort/snort_eth0/snort.conf -i eth0 -u snort -g 
> snort
> 
> Shouldn't this output a log file with uid/gid snort/snort.
> All dirs and files are uid/gid snort/snort and anything else 
> I could think of.
> 
> If anyone has any suggestion I would greatly appreciate them.
> 
> TIA
> 
> Dan




More information about the Snort-users mailing list