Re: [Snort-devel] Trying to develop a systemd snort script, running into errors removing/creating pid files

[waldo kitty <wkitty42 () windstream net>]

On 10/23/2014 3:31 PM, Josh Rosenbaum (jrosenba) wrote:
> Hi Tony,
>
> The pid file is created before Snort drops its permission to the level provided
> by the ‘-u’ option.   So, in this case, the pid file is created with superuser
> permissions.  Then, snort drops its permission level to the ‘snort’ user.
>   Finally, when exiting, Snort does not elevate its permissions back to the
> superuser.  So, the ‘snort’ user attempts to delete the pid file created and
> owned by superuser.  The result is the error that you mentioned.

FWIW: we have been seeing this in our product for quite a while... there was a 
patch for it at one time but i don't know what happened with it when we finally 
moved from manually updated source code to automated source code updating 
procedures so as to keep up with the way that snort handles its releases...

> I have created a bug in our system for this problem.

thank you, sir... i'm sure it will be appreciated by many ;)

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!