Bug #361: AF_PACKET fails to initialize when running with limited privileges - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #361

closed

DB EL

AF_PACKET fails to initialize when running with limited privileges

Bug #361: AF_PACKET fails to initialize when running with limited privileges

Added by Doug Burks over 14 years ago. Updated over 14 years ago.

Status:

Closed

Priority:

High

Assignee:

Eric Leblond

Target version:

1.1rc1

Affected Versions:

Effort:

Difficulty:

Label:

Description

If I run Suricata with AF_PACKET as shown below, everything is fine:
suricata -c /etc/suricata/suricata.yaml --af-packet=eth0

However, if I tell Suricata to drop to a non-root user like this:
suricata --user sguil --group sguil -c /etc/suricata/suricata.yaml --af-packet=eth0

it drops the capabilities and then AF_PACKET fails to initialize.

Should Suricata initialize AF_PACKET first, and then drop capabilities?

Files

0001-Add-AF_PACKET-to-capability-system.patch (1.09 KB) 0001-Add-AF_PACKET-to-capability-system.patch

Eric Leblond, 10/30/2011 03:59 PM

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Bug #361

AF_PACKET fails to initialize when running with limited privileges

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#1

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#2

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#3

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#4

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#5

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#6

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#7

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#8

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#9

Project

General

Profile

Suricata

Custom queries

Bug #361

AF_PACKET fails to initialize when running with limited privileges

EL Updated by Eric Leblond over 14 years ago ActionsCopy link #1

VJ Updated by Victor Julien over 14 years ago ActionsCopy link #2

EL Updated by Eric Leblond over 14 years ago ActionsCopy link #3

VJ Updated by Victor Julien over 14 years ago ActionsCopy link #4

EL Updated by Eric Leblond over 14 years ago ActionsCopy link #5

VJ Updated by Victor Julien over 14 years ago ActionsCopy link #6

EL Updated by Eric Leblond over 14 years ago ActionsCopy link #7

EL Updated by Eric Leblond over 14 years ago ActionsCopy link #8

VJ Updated by Victor Julien over 14 years ago ActionsCopy link #9

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#1

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#2

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#3

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#4

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#5

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#6

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#7

EL Updated by Eric Leblond over 14 years ago Actions
Copy link
#8

VJ Updated by Victor Julien over 14 years ago Actions
Copy link
#9