* [PATCH] suricata: Fix ownership and file permissions of files inside /var/lib/suricata.
@ 2019-03-16 12:04 Stefan Schantl
0 siblings, 0 replies; only message in thread
From: Stefan Schantl @ 2019-03-16 12:04 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 948 bytes --]
These files needs to have nobody.nobody as owner but requires read-acces from everyone
to allow the suricata user reading-in this files during startup.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
---
lfs/suricata | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lfs/suricata b/lfs/suricata
index 0a561ef8b..d7b5b71d6 100644
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -101,8 +101,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
# to the rules directory.
mv /etc/suricata/*.config /var/lib/suricata
- # Set correct ownership for /var/lib/suricata
- chown nobody:nobody /var/lib/suricata
+ # Set correct permissions for the files.
+ chmod 644 /var/lib/suricata/*.config
+
+ # Set correct ownership for /var/lib/suricata and the
+ # contained files
+ chown -R nobody:nobody /var/lib/suricata
# Create logging directory.
-mkdir -p /var/log/suricata
--
2.20.1
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2019-03-16 12:04 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-16 12:04 [PATCH] suricata: Fix ownership and file permissions of files inside /var/lib/suricata Stefan Schantl
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox