From owner-freebsd-ports Wed Oct 23 20:23: 5 2002 Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6932E37B401; Wed, 23 Oct 2002 20:23:03 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-165-226-88.dsl.lsan03.pacbell.net [64.165.226.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7F7D943E6A; Wed, 23 Oct 2002 20:22:57 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 089F566C7B; Wed, 23 Oct 2002 20:22:56 -0700 (PDT) Date: Wed, 23 Oct 2002 20:22:56 -0700 From: Kris Kennaway To: Krzysztof Stryjek Cc: kris@FreeBSD.org, ports@FreeBSD.org Subject: Re: snort port in FreeBSD Message-ID: <20021024032256.GA31730@xor.obsecurity.org> References: <20021024051300.R53209-100000@kryptos.mud.pl> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4Ckj6UjgE2iN1+kY" Content-Disposition: inline In-Reply-To: <20021024051300.R53209-100000@kryptos.mud.pl> User-Agent: Mutt/1.4i Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 24, 2002 at 05:19:24AM +0200, Krzysztof Stryjek wrote: > Hello, >=20 > I think there is sth wrong with snort. This is my configuration. >=20 > I use daemontools to run snort with such script: > -------------------- cut here -------------------- > #!/bin/sh >=20 > snorth=3D/home/snort > snort=3D/usr/local/bin/snort > sncfg=3Detc/snort.conf > ug=3D"xten" > exec $snort -i xl0 -d -t $snorth -u $ug -g $ug -e -p -o -c $sncfg -l log/ > -------------------- cut here -------------------- > So it should run in changeroot (-t), but when this script is run by > daemontools, there is a error message: > Initializing Output Plugins! > ERROR: log directory 'log/' does not exist > Fatal Error, Quitting.. >=20 > Well. I've made workarround by making log subdir in place, where snort is > started. But in previous versions I have not had such problems? Is this > correct? The log/ directory must exist in the chroot directory, and it must be writable by the snort user. Kris --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9t2eQWry0BWjoQKURAnDAAJ0YtvwS/sEbSQH0Xwikofy2YhtH7QCeJWP5 CSvtP2t/z1vvSVif/TgVBB8= =RScY -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message