[Bro] Bro Cluster User

M P mpselab at gmail.com
Thu Jul 23 10:45:51 PDT 2015


On Thu, Jul 23, 2015 at 8:30 PM, Daniel Thayer <dnthayer at illinois.edu>
wrote:

> OK, then when you run "broctl deploy", broctl will try
> to create the directory "/usr/local/bro" on each machine
> in your cluster.  If the user that you're running
> broctl does not have write access to the "/usr/local"
> directory, then you will see a permission denied error.
>
> Have you tried to manually create that directory on each machine,
> and then change the ownership to the user that runs
> broctl, and then run "broctl deploy"?


I just did like what you said and as recommended by Aashish and now I got a
working multi-node Bro cluster, just like that :)

Thank you both.
MP


>
>
> On 07/23/2015 12:16 PM, M P wrote:
>
>>
>>
>> On Thu, Jul 23, 2015 at 8:13 PM, Daniel Thayer <dnthayer at illinois.edu
>> <mailto:dnthayer at illinois.edu>> wrote:
>>
>>     What is your install prefix directory (or are you just using the
>>     default)?
>>
>>
>> Thanks for your reply Daniel.
>>
>> I am using the default directory, i.e.:  /usr/local/bro
>>
>>
>>     On 07/23/2015 12:04 PM, M P wrote:
>>
>>         Any thoughts or pointers on this? Some googling did turn some
>>         similar
>>         issue(s) but nothing definitive. The rest of the results I have
>> seen
>>         involved using root to setup and run Bro.
>>
>>         Thanks for any pointers
>>         MP
>>
>>         On Thursday, July 16, 2015, M P <mpselab at gmail.com
>>         <mailto:mpselab at gmail.com>
>>         <mailto:mpselab at gmail.com <mailto:mpselab at gmail.com>>> wrote:
>>
>>              I have finished preparing a multi-node cluster of Bro and
>>         the setup
>>              was enjoyable to say the least. Now I am stuck at getting the
>>              manager to provision the nodes with an error stating that
>>         it cannot
>>              create some of the directories on the nodes: permission
>> denied.
>>
>>              The error message is pretty clear, however I am not able to
>>         find the
>>              "best practice" solution for it.
>>
>>              What I did was:
>>              1. Create the bro user on both manager and nodes.
>>              2. Gegenrate the ssh key as the user bro on the manager and
>>         copy the
>>              public key to the nodes.
>>              3. SSH as the user bro works without password.
>>              4. May be not necessary but I added the bro user to the
>> sudors
>>              visduo and granted it everything a root can do.
>>
>>              I attempted to create a test folder where Bro is attempting
>> to
>>              create its directories on a node, and that failed with
>>         permissions
>>              denied as expected from the Bro error message.
>>
>>              My options (I think) are:
>>              1. Setup Bro as root, which I am trying to avoid in the
>>         first place.
>>              2. Setup Bro with root initially and then change ownership of
>>              directories to the bro users. This does not seem to the
>>         right way to
>>              do though.
>>              3. Elevate the permissions of the user Bro to have more
>>         privileges.
>>              Again, not sure if this is the right way.
>>
>>              You may get this question a lot, but any help or pointers are
>>              appreciated.
>>
>>              Thank you for reading so far.
>>              MP
>>
>>
>>
>>         _______________________________________________
>>         Bro mailing list
>>         bro at bro-ids.org <mailto:bro at bro-ids.org>
>>         http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>         <
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.ICSI.Berkeley.EDU_mailman_listinfo_bro&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=Bi5qPBnY0NmYPqnRTPj_AfXQKpfQTZUpCzpfFBcawv0&m=Uhw49BSBpl-_oLSUEwxmvScGFEDqpMtubL69AiCkk2w&s=xdu1a7kEtEFXHbZRZrvLJ0j3P6i-7ztVyxOBt9_Rp7c&e=
>> >
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150723/f9f4e6a2/attachment-0001.html 


More information about the Bro mailing list