[Bro] Bro Cluster User

Aashish Sharma asharma at lbl.gov
Thu Jul 23 10:20:59 PDT 2015 

>    I attempted to create a test folder where Bro is attempting to create its
>    directories on a node, and that failed with permissions denied as expected

Yes, thats what is happening. 

When setting up, I believe you'd want to make sure that on all the nodes, there is a directory with same path, ownership and premissions as the directory you have bro installed on the manager. 

For example: if you have bro:bro with install prefix of /usr/local/bro-2.4 

make sure your other nodes also have a /usr/local/bro-2.4 with bro:bro permissions. 

That should fix this issue. 

(Oh also make sure you ssh with both hostname and ip address once to your nodes and "yes" the ssh banner/warning)

let me know if you still encounter problems. 

Aashish 


On Thu, Jul 23, 2015 at 08:04:28PM +0300, M P wrote:
> 
>    Any  thoughts or pointers on this? Some googling did turn some similar
>    issue(s)  but  nothing definitive. The rest of the results I have seen
>    involved using root to setup and run Bro.
>    Thanks for any pointers
>    MP
>    On Thursday, July 16, 2015, M P <[1]mpselab at gmail.com> wrote:
> 
>      I have finished preparing a multi-node cluster of Bro and the setup was
>      enjoyable to say the least. Now I am stuck at getting the manager to
>      provision the nodes with an error stating that it cannot create some of
>      the directories on the nodes: permission denied.
> 
>    The error message is pretty clear, however I am not able to find the "best
>    practice" solution for it.
> 
>    What I did was:
> 
>    1. Create the bro user on both manager and nodes.
> 
>    2. Gegenrate the ssh key as the user bro on the manager and copy the public
>    key to the nodes.
> 
>    3. SSH as the user bro works without password.
> 
>      4. May be not necessary but I added the bro user to the sudors visduo and
>      granted it everything a root can do.
> 
>    I attempted to create a test folder where Bro is attempting to create its
>    directories on a node, and that failed with permissions denied as expected
>    from the Bro error message.
>    My options (I think) are:
>    1. Setup Bro as root, which I am trying to avoid in the first place.
>    2. Setup Bro with root initially and then change ownership of directories to
>    the bro users. This does not seem to the right way to do though.
> 
>    3. Elevate the permissions of the user Bro to have more privileges. Again,
>    not sure if this is the right way.
> 
>    You may get this question a lot, but any help or pointers are appreciated.
> 
>    Thank you for reading so far.
> 
>    MP
> 
> References
> 
>    1. mailto:mpselab at gmail.com

> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

More information about the Bro mailing list