[Bro] Problems Building Bro

[Dominic Steinitz]

Christian Kreibich wrote:
> On Sat, 2006-06-24 at 12:26 +0100, Dominic Steinitz wrote:
>> Vern,
>>
>> 1. That's done it so thanks very much.
> 
> Cool.
> 
>> 2. "make install" installed everything as root so I'm having to run bro 
>> as root.
> 
> I don't understand -- who owns the installed files is determined by who
> runs make install. I'd normally hope that everything is installed as
> root. How does that prevent you from running bro non-root?

I quote from the Bro Quick Start Guide:

"The Bro-Lite configuration script can be used to automatically 
configure Bro for you. It checks your system's BPF settings, creates a 
'bro' user account, installs a script to start bro at boot time, and 
installs a number of cron jobs to checkpoint bro every night, run 
perioidic reports, and manage log files."

and

"     User id to install and run Bro under [bro]

         bro_config will create a new user account with this username if 
the user does not exist."

I did make install as root and then make install-brolite. Should I not 
have done make install but make install-brolite only?

> 
> If you want to do packet capture you'll likely be running it as root
> anyway, if you want to process traces you don't need root, and if you
> want to run a Bro-Bro communications node you can use high ports to
> avoid root.

Ok but I'm confused in that case. What is the point of creating the user 
bro?

> 
> I can't comment on your point 3.

Should bro_config be amended to use useradd for linux systems rather 
than pw which presumably is a freebsd command? But see my comment above 
about the need for a user called bro in the first place.

> 
>> 4. Something not quite right with either the install or the documentation:
> 
> Many things aren't quite right with the documentation. :)

Ok I could send a patch for the documentation but I wonder if this is an 
isolated case or whether this happens for all linux installs?

> 
> Cheers,
> Christian.