Project

General

Profile

Actions

Bug #3359

closed

suricata.log ownership not being set to run-as user/group

Added by Jason Taylor about 5 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

we are running Suricata 5.0 and have the following in our suricata.yaml:

  outputs:
  - console:
      enabled: yes
  - file:
      enabled: yes
      level: info
      filename: suricata.log
  - syslog:
      enabled: no
      facility: local5
      format:

We have the run-as user and group options configured as well.

We are seeing where the suricata.log file is staying owned as root.root instead of being set as the user/group we have set in run-as. All other log outputs are being assigned proper user/group.

Build info attached, let me know if there is additional information needed.


Files

suricata_buildinfo.txt (3.91 KB) suricata_buildinfo.txt suricata build-info Jason Taylor, 11/22/2019 08:31 PM
Actions #1

Updated by Jason Taylor about 5 years ago

Forgot to add this is on EL7.7

Actions #2

Updated by Andreas Herz about 5 years ago

  • Assignee set to OISF Dev
  • Target version set to TBD
Actions #3

Updated by Jason Taylor about 1 year ago

  • Status changed from New to Closed

This doesn't appear to be a problem any longer. I am unable to reproduce the issue with suricata 7.

Actions

Also available in: Atom PDF