I've been working on installing and setting up snort-mysql on a server tonight, and noticed that the default apt-get installation leaves snort unable to run.
It appears that when I did a chmod o-rwx /etc/snort/snort.conf it made it so that snort couldn't read it's own config file. (I ran the chmod to try and protect my passwords, since I'm running snort-mysql and have to include the db username and password if I expect it to use the db any.) After doing a "chown -R snort:snort /etc/snort/", it was happy and I could start it using the /etc/init.d script again. /var/log/messages and "ps ax | grep snort" show it successfully running in the background again. So, my thoughts were, shouldn't the debian package set the permissions up like this by default? Is this worth filing a bug report about? If there's something I'm overlooking, I'd appreciate hearing about that too. TIA, Jacob ----- GnuPG Key: 1024D/16377135 In a world without fences, who needs Gates? http://www.linux.org/
msg30430/pgp00000.pgp
Description: PGP signature
