Snort mailing list archives
Oinkmaster Oddity
From: "Thompson, Jimi" <JimiT () mail cox smu edu>
Date: Wed, 31 Dec 2003 14:32:15 -0600
All, I've been having a bit of a problem with Oinkmaster. I thought I'd automate my update process a bit more so I installed Oinkmaster but couldn't get it run. I finally tracked down the problem. The user that was running Oinkmaster didn't have sufficient file privileges to write to the rules. I've pasted in a sample of the Oinkmaster output below. I'm using the Oinkmaster port from FreeBSD, so this may not apply to newer versions of Oinkmaster. Fixing the write permissions on the individual rules files solved the problem. However, the error message generated by Oinkmaster is more than a bit misleading. I googled this and found several posts with no reply, but I did find a note in CVS for Oinkmaster that reports that using the move() from File::Copy produces a false error message about "Cross-device link" so for the good of all, I'm posting this to the list in hopes that this will assist someone else and generally add to the sum total of human knowledge :) Happy Oinking, Jimi ------------------------------------------------------------------------ Downloading rules archive from http://www.snort.org/dl/rules/snortrules-stable.tar.gz... 11:30:04 URL:http://www.snort.org/dl/rules/snortrules-stable.tar.gz [116732/116732] -> "/tmp/oinkmaster.67491/snortrules.tar.gz" [1] Archive successfully downloaded, unpacking... done. Disabling rules according to /usr/local/etc/oinkmaster.conf... 0 rules disabled. Comparing new files to the old ones... done. Creating backup of old rules... saved as /usr/local/share/snortold/rules-backup-20031231-1130.tar.gz. Oinkmaster: Error: could not move /tmp/oinkmaster.67491/rules//snmp.rules to snmp.rules: Cross-device link Oink, oink. Exiting... ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Oinkmaster Oddity Thompson, Jimi (Dec 31)