Snort mailing list archives
RE: Fatal Error OpenLogFile
From: "Scott" <scottr () vdot net>
Date: Wed, 25 Jul 2001 22:32:34 -0400
I have tried to get snort to run as owner/group of snort, but it won't. I'm using snort 1.8 build 43. It will only run as root and only write logs for root/root. Any suggestions as to how I would go about making snort run and log as owner/group snort? BTW here is how I'm starting snort daemon /usr/sbin/snort -u root -g root -s -d -D \ -i eth1 -l /var/log/snort -c /etc/snort/snort.conf touch /var/lock/subsys/snort I have tried changing the -u and -g to snort which is a group in my groups files and I've changed the /var/log/snort to owner/group of snort. When owner/group is snort and /var/log/snort is also group/owner snort I still get the OpenLogFile error. TIA Scotty
-----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of J. C. Woods Sent: Wednesday, July 25, 2001 4:49 PM To: Chris Owen Cc: 'Scott'; 'snort-users () lists sourceforge net' Subject: Re: [Snort-users] Fatal Error OpenLogFile Hmmm, Are you sure you want to do this? For security reason, I would start the snort daemon to be owned by snort, and have "/var/log/snort" owned by snort too. At least this method works well for me.... drjung Chris Owen wrote:If the directory doesn't exist, create it with mkdir -p /var/log/snort If you're running snort as root try root:root and 700. chown -R root /var/log/snort chgrp -R root /var/log/snort chmod 700 /var/log/snort If you're running snort as a different user (with the -u switch when starting snort) then you will need to have the directory ownedby that user.Chris. -----Original Message----- From: Scott [mailto:scottr () vdot net] Sent: Wednesday, July 25, 2001 12:39 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Fatal Error OpenLogFile What should the permissions and owner/group of the/var/log/snort directory?If keep getting FATAL ERROR: ERROR: OpenLogFile() => mkdir(/var/log/snort/xx.xxx.xxx.xx) log directory: Permission denied and then snort dies. TIA Scotty _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Fatal Error OpenLogFile Chris Owen (Jul 25)
- RE: Fatal Error OpenLogFile Scott (Jul 25)
- Re: Fatal Error OpenLogFile J. C. Woods (Jul 25)
- RE: Fatal Error OpenLogFile Scott (Jul 25)
- RE: Fatal Error OpenLogFile Erek Adams (Jul 25)
- RE: Fatal Error OpenLogFile Scott (Jul 25)
- RE: Fatal Error OpenLogFile Scott (Jul 25)
- RE: Fatal Error OpenLogFile Erek Adams (Jul 26)
- Individual rule msg definitions Scott (Jul 26)
- Re: Individual rule msg definitions Dragos Ruiu (Jul 27)
- RE: Individual rule msg definitions Scott (Jul 27)
- Re: Individual rule msg definitions Chris Green (Jul 27)
- RE: Fatal Error OpenLogFile Scott (Jul 25)
- <Possible follow-ups>
- RE: Fatal Error OpenLogFile Klimarchuk John (Jul 25)