[Snort-users] Snort & Barnyard permission issues

マシス・ザッカリー mashisu_zakku at ...13464...
Wed Jul 11 22:23:10 EDT 2007


I am currently trying to setup Snort-Barnyard-SGUIL on a
gentoo machine and am running into permission problems
with the unified output files.

I am currently running snort from root with the following:
snort -u snort -i eth0 -c /etc/snort/snort.conf
/var/log/snort

It is outputting unified output logs to /var/log/snort but
they are created as root for some reason.
Therefore, unless i run barnyard as root i get "Unable to
open log spool file xxxx Permission denied" as you would
expect.

When i check with top i can confirm that snort is running
as the "snort" user so why are these files being created
as root??

I thought i had it working before creating the files as
"snort" but for some reason i can only get it to output
snort_unified.log as root.

If anyone has encountered this issue, please let me know
how you resolved it.


--------------------------------------
Easy + Joy + Powerful = Yahoo! Bookmarks x Toolbar
http://pr.mail.yahoo.co.jp/toolbar/





More information about the Snort-users mailing list