Re: Bug Roundup--Chroot Broken?

[Chris Green <cmg () uab edu>]

Erek Adams <erek () theadamsfamily net> writes:

> chrooting seems a bit muddled.
>
> /local/home/snort is where I'm chroot'ing it at.  Since that's going to become
> the root, I've added dev, etc, var, usr, usr/local, local/home/snort and so on
> into it.  Snort starts, runs, logs, does it all....  Until I send it a SIGHUP.
> At that point, it would bail with the following:
>
> Received SIGHUP. Restarting

> Now, I'm guessing here--But is snort recursively chroot'ing itself?  Or am I
> not getting how chroot'ing should work?

You understand it.  The problem is that HUP basically tells snort to
restart itself by exec() and it reparses its own command line and
config file.

> Is anyone using snort as a chroot'ed user?  Or am I the only one who's this
> nutty?

Nope. It's been done by a few other nuts :>  You just have to live
with a full restart than an HUP. 
-- 
Chris Green <cmg () uab edu>
Laugh and the world laughs with you, snore and you sleep alone.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users