[Snort-users] Snort & Barnyard permission issues
mashisu_zakku at ...13464...
Wed Jul 11 22:23:10 EDT 2007
I am currently trying to setup Snort-Barnyard-SGUIL on a
gentoo machine and am running into permission problems
with the unified output files.
I am currently running snort from root with the following:
snort -u snort -i eth0 -c /etc/snort/snort.conf
It is outputting unified output logs to /var/log/snort but
they are created as root for some reason.
Therefore, unless i run barnyard as root i get "Unable to
open log spool file xxxx Permission denied" as you would
When i check with top i can confirm that snort is running
as the "snort" user so why are these files being created
I thought i had it working before creating the files as
"snort" but for some reason i can only get it to output
snort_unified.log as root.
If anyone has encountered this issue, please let me know
how you resolved it.
Easy + Joy + Powerful = Yahoo! Bookmarks x Toolbar
More information about the Snort-users