Snort mailing list archives
Re: Running Snort Daemon Problem
From: Chris Green <cmg () uab edu>
Date: Tue, 29 Jan 2002 12:33:38 -0600
"Bill" <wkuhn () adelphia net> writes:
Hello, I am trying to get Snort 1.7 installed on a Linux Server
Ancient snort alert. Upgrade to stable CVS.
... I installed the snort rpm and the tarball... I had to do that because the RPM doesn't have the ability to log to postgresql database... I try to start the snortd daemon and it gives me an error: snortd: /etc/snort/snort.conf: Permission Denied Here is the Start Section of the snortd (located in /etc/rc.d/init.d): start) echo -n "Starting snort: " daemon /usr/local/bin/snort -u snort -dev -D \ -i $INTERFACE -l /var/log/snort -u snort -g snort -c /etc/snort/snort.conf -b touch /var/lock/subsys/snort echo ;;
That looks like the old chroot daemon script. Where is this RPM from?
The Snort binary is owned by root and the group is snort (was root but same error). The /etc/snort directory is owned by root and group of root, the permissions are 755 (rwxr_xr_x). The files in the /etc/snort directory are owned by root and the group is snort (this includes snort.conf) The snort.conf is in mode 640....
There is a missing \ at the end of your '-c' line daemon /usr/local/bin/snort -u snort -dev -D \ -i $INTERFACE -l /var/log/snort -u snort -g snort -c \ /etc/snort/snort.conf -b -v shouldn't be used in daemon mode If you're feeling brave, remove all the RPMs and bits of snort you currently have installed and try some testing RPMS of the current stable snapshot: ftp://helium.tucc.uab.edu/pub/snort-rpm (compiled on rh7.2) -- Chris Green <cmg () uab edu> "I'm beginning to think that my router may be confused." _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Running Snort Daemon Problem Bill (Jan 29)
- Re: Running Snort Daemon Problem Chris Green (Jan 29)
- <Possible follow-ups>
- RE: Re: Running Snort Daemon Problem Bill (Jan 30)
- Re: Running Snort Daemon Problem Chris Green (Jan 30)
- Re: Running Snort Daemon Problem Martin Roesch (Jan 31)
- Cisco IDS blade in Catalys switch Jerry A. Shenk (Jan 30)
- Re: Cisco IDS blade in Catalys switch Ryan Russell (Jan 30)
- RE: Cisco IDS blade in Catalyst switch Jerry A. Shenk (Jan 30)
- SV: Cisco IDS blade in Catalys switch Arne Opdal (Jan 30)
- Re: Cisco IDS blade in Catalys switch Jason Costomiris (Jan 30)
- Re: Running Snort Daemon Problem Chris Green (Jan 30)