Project

General

Profile

Actions
Copy link

Support #2575

closed

Permission denied opening suricata-command.socket on CentOS 7 using EPEL packages

Added by B Mathis over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Affected Versions:
4.0.5
Label:

Description

When using suricata packages on CentOS 7 from EPEL, the following error is seen in the suricata.log file:

    Unix socket: UNIX socket bind(/var/run/suricata/suricata-command.socket) error: Permission denied
    Unable to create unix command socket

On this platform suricata is run as user 'suricata', but /run/suricata has ownership root:root, so it cannot create the socket file. This is set in '/usr/lib/tmpfiles.d/suricata.conf'.

Actions
Copy link
 #1

Updated by B Mathis over 5 years ago

To resolve this error, update /usr/lib/tmpfiles.d/suricata.conf

d /run/suricata 0775 root suricata -

Actions
Copy link
 #2

Updated by Victor Julien over 5 years ago

  • Status changed from New to Closed

The EPEL packages have their own bug tracker at Redhat. Jason Taylor added it here: https://bugzilla.redhat.com/show_bug.cgi?id=1614935

Actions
Copy link
 #3

Updated by Victor Julien over 5 years ago

  • Tracker changed from Bug to Support
Actions
Copy link
 #4

Updated by Jason Taylor over 5 years ago

This is also being tracked under, https://bugzilla.redhat.com/show_bug.cgi?id=1614935

A new build should be out in the near future to resolve this issue.

Actions
Copy link

Also available in: Atom PDF