[Bro] Bro Cluster User

M P mpselab at gmail.com
Thu Jul 23 10:16:28 PDT 2015


On Thu, Jul 23, 2015 at 8:13 PM, Daniel Thayer <dnthayer at illinois.edu>
wrote:

> What is your install prefix directory (or are you just using the
> default)?


Thanks for your reply Daniel.

I am using the default directory, i.e.:  /usr/local/bro


> On 07/23/2015 12:04 PM, M P wrote:
>
>> Any thoughts or pointers on this? Some googling did turn some similar
>> issue(s) but nothing definitive. The rest of the results I have seen
>> involved using root to setup and run Bro.
>>
>> Thanks for any pointers
>> MP
>>
>> On Thursday, July 16, 2015, M P <mpselab at gmail.com
>> <mailto:mpselab at gmail.com>> wrote:
>>
>>     I have finished preparing a multi-node cluster of Bro and the setup
>>     was enjoyable to say the least. Now I am stuck at getting the
>>     manager to provision the nodes with an error stating that it cannot
>>     create some of the directories on the nodes: permission denied.
>>
>>     The error message is pretty clear, however I am not able to find the
>>     "best practice" solution for it.
>>
>>     What I did was:
>>     1. Create the bro user on both manager and nodes.
>>     2. Gegenrate the ssh key as the user bro on the manager and copy the
>>     public key to the nodes.
>>     3. SSH as the user bro works without password.
>>     4. May be not necessary but I added the bro user to the sudors
>>     visduo and granted it everything a root can do.
>>
>>     I attempted to create a test folder where Bro is attempting to
>>     create its directories on a node, and that failed with permissions
>>     denied as expected from the Bro error message.
>>
>>     My options (I think) are:
>>     1. Setup Bro as root, which I am trying to avoid in the first place.
>>     2. Setup Bro with root initially and then change ownership of
>>     directories to the bro users. This does not seem to the right way to
>>     do though.
>>     3. Elevate the permissions of the user Bro to have more privileges.
>>     Again, not sure if this is the right way.
>>
>>     You may get this question a lot, but any help or pointers are
>>     appreciated.
>>
>>     Thank you for reading so far.
>>     MP
>>
>>
>>
>> _______________________________________________
>> Bro mailing list
>> bro at bro-ids.org
>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150723/d74bdc26/attachment.html 


More information about the Bro mailing list