[Bro] Likely bug in broctl

Daniel Thayer dnthayer at illinois.edu
Fri Apr 14 21:48:42 PDT 2017

If you upgrade to the newest release of Bro, then
the error message is more user-friendly.

The error is due to the fact that broctl needs to
write to the "spool" and "logs" directories.
This is explained in the broctl documentation:

On 4/14/17 11:17 PM, LinuxBSDos.com wrote:
> Hello:
> On an Ubuntu 16.04 server, I have Bro executables in /usr/local/bro/bin,
> which is in the PATH of all users on the system.
> As root, I can invoke all the commands by just specifying the relative
> paths. As a standard user, I can do the same for the commands except
> broctl. If I type, for example, "broctl --h", it returns the following
> error messages:
> <error>
> Traceback (most recent call last):
>    File "/usr/local/bro/bin/broctl", line 830, in <module>
>      sys.exit(main())
>    File "/usr/local/bro/bin/broctl", line 797, in main
>      loop = BroCtlCmdLoop(BroCtl, interactive, cmd)
>    File "/usr/local/bro/bin/broctl", line 25, in __init__
>      self.broctl = broctl_class(ui=self)
>    File "/usr/local/bro/lib/broctl/BroControl/broctl.py", line 69, in
> __init__
>      level=logging.DEBUG)
>    File "/usr/lib/python2.7/logging/__init__.py", line 1547, in
> basicConfig
>      hdlr = FileHandler(filename, mode)
>    File "/usr/lib/python2.7/logging/__init__.py", line 913, in __init__
>      StreamHandler.__init__(self, self._open())
>    File "/usr/lib/python2.7/logging/__init__.py", line 943, in _open
>      stream = open(self.baseFilename, self.mode)
> IOError: [Errno 13] Permission denied: '/usr/local/bro/spool/debug.log'
> </error>
> "Permission denied" seems to make sense, but if I type "sudo broctl
> --h", I get "sudo: broctl: command not found".
> It only works if I specify the full path with sudo, so "sudo
> /usr/local/bro/bin/broctl --h" works, but "/usr/local/bro/bin/broctl
> --h" does not.
> Again, this is just for broctl.

More information about the Bro mailing list