Snort mailing list archives
Re: HUP causes wierd msgs in snort-1.8.1-beta6
From: Jason Haar <Jason.Haar () trimble co nz>
Date: Wed, 8 Aug 2001 10:08:52 +1200
On Tue, Aug 07, 2001 at 02:56:22PM -0700, Erek Adams wrote:
But the short answer is this: Due to the way the execv(2) call works, it "Restarts" snort from scratch. This has the odd side effect of making HUPS to a chrooted snort become recursive. For example, chroot to /snort. It now sees /snort as / . Now HUP snort. Snort now expects to have /snort/snort as / . In other words, you have to re-create your directories for your jail inside it. 4 HUPS and you will be in /snort/snort/snort/snort . *bleh*
I don't think this applies to me. I'm not running "snort -t", I'm running: chroot dir /usr/sbin/snort -u snort ..... i.e. *I* set up the jail - not snort. So snort should be self-contained. HUP should work as normal. On our DMZ hosts, I make a habit of "manually" chroot'ing any network app I can - HUP works as expected on squid,sockd,apache and mysql, so I can't understand why snort has difficulties. -- Cheers Jason Haar Unix/Special Projects, Trimble NZ Phone: +64 3 9635 377 Fax: +64 3 9635 417 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- HUP causes wierd msgs in snort-1.8.1-beta6 Jason Haar (Aug 07)
- Re: HUP causes wierd msgs in snort-1.8.1-beta6 Erek Adams (Aug 07)
- Re: HUP causes wierd msgs in snort-1.8.1-beta6 Jason Haar (Aug 07)
- Re: HUP causes wierd msgs in snort-1.8.1-beta6 Erek Adams (Aug 08)
- Re: HUP causes wierd msgs in snort-1.8.1-beta6 Jason Haar (Aug 07)
- Re: HUP causes wierd msgs in snort-1.8.1-beta6 Erek Adams (Aug 07)