Support #7282

open

Allow access suricata command unix socket with lower permissions

Added by Ofer Dagan about 2 months ago. Updated about 2 months ago.

Status: New
Priority: Normal
Assignee:
Affected Versions:
Label:

Description

Hi,
I have a use case where I'm running Suricata inside a Docker container. The unix socket is simply in a folder shared with the host, and I have a service that needs to use it.
This requires the service that runs on the host to run as root in order to command properly. I want to allow processes with lower permissions to use the unix socket.
I thought about a config that allows that.

Actions #1

Updated by Jason Ish about 2 months ago · Edited

  • Tracker changed from Feature to Support
  • Target version deleted (TBD)
  • Difficulty deleted (low)

With a custom setup like this I don't think we can provide much support from our end, however, standard unix permissions should allow this.

For example, the Suricata RPM is set up to allow users of the group "suricata" to run `suricatasc` just by using basic unix file permissions. Something could be adapted to your containerized setup.

For further discussion of such topics, I recommend our forum over at https://forum.suricata.io.
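An added example, not part of the ticket and not Suricata's own code: a mode-bit audit of a command socket shared between container and host, checking that a given numeric group can connect without root and that the socket is not open to every local user. The socket name, the helper names and the temp-directory sample are constructed for illustration; it assumes Linux semantics (connecting needs write permission on the socket file) and ignores ACLs and ancestor directories.

```python
import os
import socket
import stat
import tempfile


def audit_command_socket(path, gid):
    """Return findings about group access to the unix socket at `path`.
    An empty list means members of `gid` can connect and "other" cannot.
    Mode bits only: ACLs, MAC policy and ancestor directories are not checked."""
    st = os.stat(path)
    if not stat.S_ISSOCK(st.st_mode):
        return [f"{path} is not a unix socket"]
    findings = []
    if st.st_gid != gid:
        findings.append(f"socket group is {st.st_gid}, expected {gid}")
    # On Linux, connect() needs write permission on the socket file.
    if not st.st_mode & stat.S_IWGRP:
        findings.append("socket lacks group write, group members cannot connect")
    if st.st_mode & stat.S_IWOTH:
        findings.append("socket is world-writable, any local user can send commands")
    # The containing directory must be searchable (x) by the group.
    d = os.stat(os.path.dirname(path) or ".")
    group_x = d.st_gid == gid and d.st_mode & stat.S_IXGRP
    if not (group_x or d.st_mode & stat.S_IXOTH):
        findings.append("directory is not searchable by the group")
    return findings


def make_demo_socket(sock_mode, dir_mode, gid):
    """Constructed sample: bind a listening socket in a fresh temp directory
    and apply the given modes and numeric group to socket and directory."""
    directory = tempfile.mkdtemp()
    path = os.path.join(directory, "demo-command.socket")  # placeholder name
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)
    os.chown(path, -1, gid)
    os.chmod(path, sock_mode)
    os.chown(directory, -1, gid)
    os.chmod(directory, dir_mode)
    return path, srv


if __name__ == "__main__":
    gid = os.getgid()  # stand-in for the shared group's numeric GID
    for mode in (0o660, 0o600, 0o666):
        path, srv = make_demo_socket(mode, 0o750, gid)
        print(oct(mode), audit_command_socket(path, gid) or "ok")
        srv.close()
```

The check takes a numeric GID because group names inside the container and on the host need not match; what the shared folder carries across is the number.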

Actions #2

Updated by Ofer Dagan about 2 months ago

Thank you for the response. I'll try to find solutions in the forum :)
