Support #7282

closed

Allow access suricata command unix socket with lower permissions

Added by Ofer Dagan 6 months ago. Updated about 1 month ago.

Status: Closed
Priority: Normal

Description

Hi,
I'm having a use case where I'm running a suricata inside a docker container. The unix socket is simply in a shared folder with the host and I have a service that needs to use it.
This requires the service that runs on the host to run as root in order to command properly. I want to allow processes with lower permissions to use the unix socket.
I thought about a config that allows that.

Actions #1

Updated by Jason Ish 6 months ago · Edited

  • Tracker changed from Feature to Support
  • Target version deleted (TBD)
  • Difficulty deleted (low)

With a custom setup like this I don't think we can provide much support from our end, however, standard unix permissions should allow this.

For example, the Suricata RPM is set up to allow users of the group "suricata" to run `suricatasc` just by using basic unix file permissions. Something could be adapted to your containerized setup.

For further discussion of such topics, I recommend our forum over at https://forum.suricata.io.
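
Added example, not part of the ticket or of Suricata: a small audit for the group-permission approach described in the comment above, checking that a command socket is reachable by one group and by nobody else. The socket file name, the helper `make_sample_socket` and the numeric GID argument are assumptions; with a folder shared between container and host the kernel compares numeric group IDs, so the GID has to be the same number on both sides.

```python
import os
import socket
import stat
import sys
import tempfile


def audit_command_socket(path, expected_gid):
    """Return findings for a Unix socket meant for one group; [] means sound."""
    st = os.stat(path)
    if not stat.S_ISSOCK(st.st_mode):
        return [f"{path} is not a Unix socket"]
    findings = []
    mode = stat.S_IMODE(st.st_mode)
    if st.st_gid != expected_gid:
        findings.append(f"socket gid is {st.st_gid}, expected {expected_gid}")
    # On Linux, connect() needs write permission on the socket file itself.
    if not mode & stat.S_IWGRP:
        findings.append("group lacks write permission, members cannot connect")
    if mode & stat.S_IRWXO:
        findings.append(f"mode {mode:04o} gives permissions to users outside the group")
    # Clients must also be able to traverse the directory holding the socket.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    pmode = stat.S_IMODE(parent.st_mode)
    search_bit = stat.S_IXGRP if parent.st_gid == expected_gid else stat.S_IXOTH
    if not pmode & search_bit:
        findings.append(f"directory mode {pmode:04o} blocks group members")
    if pmode & stat.S_IWOTH and not pmode & stat.S_ISVTX:
        findings.append("directory is world-writable, socket can be replaced")
    return findings


def make_sample_socket(directory, mode):
    """Create a constructed socket file with the given mode (demo/test input)."""
    path = os.path.join(directory, "sample-command.socket")
    if os.path.exists(path):
        os.unlink(path)
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.bind(path)
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: <script> <socket path> <numeric gid>
        target, gid = sys.argv[1], int(sys.argv[2])
    else:  # no arguments: audit a constructed, deliberately loose socket
        target = make_sample_socket(tempfile.mkdtemp(), 0o666)
        gid = os.stat(target).st_gid
    for line in audit_command_socket(target, gid) or ["ok"]:
        print(line)
```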

Actions #2

Updated by Ofer Dagan 6 months ago

Thank you for the response. I'll try to find solutions in the forum :)

Actions #3

Updated by Jason Ish about 1 month ago

  • Status changed from New to Closed