This patch does not have any effect (yet) and is untested because suricata needs to be built against libcap-ng which is currently not being packaged for IPFire.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org --- config/suricata/suricata.yaml | 9 +++++++++ 1 file changed, 9 insertions(+)
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml index 8b4ab8c3b..3701fe9c6 100644 --- a/config/suricata/suricata.yaml +++ b/config/suricata/suricata.yaml @@ -268,6 +268,15 @@ asn1-max-frames: 256 ## ##############################################################################
+## +## Run Options +## + +# Run suricata as user and group. +run-as: + user: nobody + group: nobody + # Suricata core dump configuration. Limits the size of the core dump file to # approximately max-dump. The actual core dump size will be a multiple of the # page size. Core dumps that would be larger than max-dump are truncated. On