[Bro] Problems Building Bro
Dominic Steinitz
dominic.steinitz at blueyonder.co.uk
Sat Jun 24 09:45:34 PDT 2006
Christian Kreibich wrote:
> On Sat, 2006-06-24 at 12:26 +0100, Dominic Steinitz wrote:
>> Vern,
>>
>> 1. That's done it so thanks very much.
>
> Cool.
>
>> 2. "make install" installed everything as root so I'm having to run bro
>> as root.
>
> I don't understand -- who owns the installed files is determined by who
> runs make install. I'd normally hope that everything is installed as
> root. How does that prevent you from running bro non-root?
I quote from the Bro Quick Start Guide:
"The Bro-Lite configuration script can be used to automatically
configure Bro for you. It checks your system's BPF settings, creates a
'bro' user account, installs a script to start bro at boot time, and
installs a number of cron jobs to checkpoint bro every night, run
perioidic reports, and manage log files."
and
" User id to install and run Bro under [bro]
bro_config will create a new user account with this username if
the user does not exist."
I did make install as root and then make install-brolite. Should I not
have done make install but make install-brolite only?
>
> If you want to do packet capture you'll likely be running it as root
> anyway, if you want to process traces you don't need root, and if you
> want to run a Bro-Bro communications node you can use high ports to
> avoid root.
Ok but I'm confused in that case. What is the point of creating the user
bro?
>
> I can't comment on your point 3.
Should bro_config be amended to use useradd for linux systems rather
than pw which presumably is a freebsd command? But see my comment above
about the need for a user called bro in the first place.
>
>> 4. Something not quite right with either the install or the documentation:
>
> Many things aren't quite right with the documentation. :)
Ok I could send a patch for the documentation but I wonder if this is an
isolated case or whether this happens for all linux installs?
>
> Cheers,
> Christian.
More information about the Bro
mailing list