[Snort-users] Verify configuration as non root
gbenjamini at ...3964...
Thu Jun 16 13:05:24 EDT 2011
After an upgrade from 2.8 to 2.9 I tried to verify my Snort configuration with "snort -T".
The verification failed with the message: "ERROR: Active response: can't open ip!"
After some digging into the code it seems like the code was trying to open a raw socket, but failing since I was not running as root.
Using "--daq dump" as a workaround seems to work.
Are root permissions really needed to verify the configuration, or is that a bug ?
Is the workaround a reasonable one, or is there a better option ?
More information about the Snort-users