Project

General

Profile

Actions
Copy link

Support #7282

closed

Allow access suricata command unix socket with lower permissions

Added by Ofer Dagan 7 months ago. Updated about 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
OISF Dev
Affected Versions:
Label:

Description

Hi,
I'm having a use case where I'm running a suricata inside a docker container. The unix socket is simply in a shared folder with the host and I have a service that needs to use it.
This requires the service that runs on the host to run as root in order to command properly. I want to allow processes with lower permissions to use the unix socket.
I though about a config that allows that.

Actions
Copy link
 #1

Updated by Jason Ish 7 months ago ยท Edited

  • Tracker changed from Feature to Support
  • Target version deleted (TBD)
  • Difficulty deleted (low)

With a custom setup like this I don't think we can provide much support from our end, however, standard unix permissions should allow this.

For example, the Suricata RPM is setup to allow users of the group "suricata" to run `suricatasc` just by using basic unix file permissions. Something could be adapted to your containerized setup.

For further discussion of such topics, I recommend our forum over at https://forum.suricata.io.

Actions
Copy link
 #2

Updated by Ofer Dagan 7 months ago

Thank you for the response. I'll try to find solutions in the forum :)

Actions
Copy link
 #3

Updated by Jason Ish about 2 months ago

  • Status changed from New to Closed
Actions
Copy link

Also available in: Atom PDF