Snort mailing list archives
Re: Bug Roundup--Chroot Broken?
From: Chris Green <cmg () uab edu>
Date: 06 Jul 2001 21:18:09 -0500
Erek Adams <erek () theadamsfamily net> writes:
chrooting seems a bit muddled. /local/home/snort is where I'm chroot'ing it at. Since that's going to become the root, I've added dev, etc, var, usr, usr/local, local/home/snort and so on into it. Snort starts, runs, logs, does it all.... Until I send it a SIGHUP. At that point, it would bail with the following: Received SIGHUP. Restarting
Now, I'm guessing here--But is snort recursively chroot'ing itself? Or am I not getting how chroot'ing should work?
You understand it. The problem is that HUP basically tells snort to restart itself by exec() and it reparses its own command line and config file.
Is anyone using snort as a chroot'ed user? Or am I the only one who's this nutty?
Nope. It's been done by a few other nuts :> You just have to live with a full restart than an HUP. -- Chris Green <cmg () uab edu> Laugh and the world laughs with you, snore and you sleep alone. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Bug Roundup--Chroot Broken? Erek Adams (Jul 06)
- Re: Bug Roundup--Chroot Broken? Chris Green (Jul 06)
- Re: Bug Roundup--Chroot Broken? Erek Adams (Jul 07)
- Re: Bug Roundup--Chroot Broken? Chris Green (Jul 06)