These files needs to have nobody.nobody as owner but requires read-acces from everyone to allow the suricata user reading-in this files during startup.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org --- lfs/suricata | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lfs/suricata b/lfs/suricata index 0a561ef8b..d7b5b71d6 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -101,8 +101,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) # to the rules directory. mv /etc/suricata/*.config /var/lib/suricata
- # Set correct ownership for /var/lib/suricata - chown nobody:nobody /var/lib/suricata + # Set correct permissions for the files. + chmod 644 /var/lib/suricata/*.config + + # Set correct ownership for /var/lib/suricata and the + # contained files + chown -R nobody:nobody /var/lib/suricata
# Create logging directory. -mkdir -p /var/log/suricata