chroot issues
Carter Bullard
carter at qosient.com
Mon Sep 25 22:44:06 EDT 2006
Gentle people,
OK, so if we can get consensus on this we'll have a solution sooner
than later.
Can we assume that if argus reads packet files, that they will be
outside the
chroot'd directory structure? I'm hoping that I can treat packet
files and interfaces
the same, so we open them before the chroot(). Because you have to
be root to
chroot(), we won't do the setuid, or setgid until after we do the
chroot().
Is this reasonable, or do we need to force the input files to be in
the chroot'd
directory?
Carter
On Sep 25, 2006, at 10:13 PM, Darren Spruell wrote:
> On 9/25/06, Carter Bullard <carter at qosient.com> wrote:
>> I'll have to have delayed opening of some things, but if the notion
>> is that we're just controlling output file generation, I maybe
>> able to
>> do this in a short period of time.
>>
>> Seems like we'll have to change how we use syslog, as we current
>> call openlog() and closelog() in each ArgusLog() call, and that won't
>> work if we're chroot()'d.
>
> Is this trouble remedied by having syslogd create a log socket in
> the chroot?
>
> --
> Darren Spruell
> phatbuckett at gmail.com
>
More information about the argus
mailing list