Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 23 Oct 2002 20:22:56 -0700
From:      Kris Kennaway <kris@obsecurity.org>
To:        Krzysztof Stryjek <wtp@mud.pl>
Cc:        kris@FreeBSD.org, ports@FreeBSD.org
Subject:   Re: snort port in FreeBSD
Message-ID:  <20021024032256.GA31730@xor.obsecurity.org>
In-Reply-To: <20021024051300.R53209-100000@kryptos.mud.pl>
References:  <20021024051300.R53209-100000@kryptos.mud.pl>
next in thread | previous in thread | raw e-mail | index | archive | help 

--4Ckj6UjgE2iN1+kY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Oct 24, 2002 at 05:19:24AM +0200, Krzysztof Stryjek wrote:
> Hello,
>=20
> I think there is sth wrong with snort. This is my configuration.
>=20
> I use daemontools to run snort with such script:
> -------------------- cut here --------------------
> #!/bin/sh
>=20
> snorth=3D/home/snort
> snort=3D/usr/local/bin/snort
> sncfg=3Detc/snort.conf
> ug=3D"xten"
> exec $snort -i xl0 -d -t $snorth -u $ug -g $ug -e -p -o -c $sncfg -l log/
> -------------------- cut here --------------------
> So it should run in changeroot (-t), but when this script is run by
> daemontools, there is a error message:
> Initializing Output Plugins!
> ERROR: log directory 'log/' does not exist
> Fatal Error, Quitting..
>=20
> Well. I've made workarround by making log subdir in place, where snort is
> started. But in previous versions I have not had such problems? Is this
> correct?

The log/ directory must exist in the chroot directory, and it must be
writable by the snort user.

Kris

--4Ckj6UjgE2iN1+kY
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE9t2eQWry0BWjoQKURAnDAAJ0YtvwS/sEbSQH0Xwikofy2YhtH7QCeJWP5
CSvtP2t/z1vvSVif/TgVBB8=
=RScY
-----END PGP SIGNATURE-----

--4Ckj6UjgE2iN1+kY--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021024032256.GA31730>