Hi guys,
There doesn't seem to be much info around on how to chroot snort, and the
limited references to it that I have found, somehow don't seem to feel right.
What I have come to is the following :
/usr/local/bin/snort -D -c /var/snort/etc/snort/snort.conf -l \
/var/snort/var/log/snort -t /var/snort -u _snort -g _snort
Somehow I just don't trust this since it seems to want to read everything as a
fully relative path, and not simply relative to the chroot.
Can anyone that runs snort (I'm using the snort package from the 3.8 ports)
confirm if this is actually correctly chrooting or if (as I fear) it's not -
nothing in the launch output specifies that a chroot has occurred.
Cheers
Dave
