[Bro] Bro Cluster User
Aashish Sharma
asharma at lbl.gov
Thu Jul 23 10:20:59 PDT 2015
> I attempted to create a test folder where Bro is attempting to create its
> directories on a node, and that failed with permissions denied as expected
Yes, thats what is happening.
When setting up, I believe you'd want to make sure that on all the nodes, there is a directory with same path, ownership and premissions as the directory you have bro installed on the manager.
For example: if you have bro:bro with install prefix of /usr/local/bro-2.4
make sure your other nodes also have a /usr/local/bro-2.4 with bro:bro permissions.
That should fix this issue.
(Oh also make sure you ssh with both hostname and ip address once to your nodes and "yes" the ssh banner/warning)
let me know if you still encounter problems.
Aashish
On Thu, Jul 23, 2015 at 08:04:28PM +0300, M P wrote:
>
> Any thoughts or pointers on this? Some googling did turn some similar
> issue(s) but nothing definitive. The rest of the results I have seen
> involved using root to setup and run Bro.
> Thanks for any pointers
> MP
> On Thursday, July 16, 2015, M P <[1]mpselab at gmail.com> wrote:
>
> I have finished preparing a multi-node cluster of Bro and the setup was
> enjoyable to say the least. Now I am stuck at getting the manager to
> provision the nodes with an error stating that it cannot create some of
> the directories on the nodes: permission denied.
>
> The error message is pretty clear, however I am not able to find the "best
> practice" solution for it.
>
> What I did was:
>
> 1. Create the bro user on both manager and nodes.
>
> 2. Gegenrate the ssh key as the user bro on the manager and copy the public
> key to the nodes.
>
> 3. SSH as the user bro works without password.
>
> 4. May be not necessary but I added the bro user to the sudors visduo and
> granted it everything a root can do.
>
> I attempted to create a test folder where Bro is attempting to create its
> directories on a node, and that failed with permissions denied as expected
> from the Bro error message.
> My options (I think) are:
> 1. Setup Bro as root, which I am trying to avoid in the first place.
> 2. Setup Bro with root initially and then change ownership of directories to
> the bro users. This does not seem to the right way to do though.
>
> 3. Elevate the permissions of the user Bro to have more privileges. Again,
> not sure if this is the right way.
>
> You may get this question a lot, but any help or pointers are appreciated.
>
> Thank you for reading so far.
>
> MP
>
> References
>
> 1. mailto:mpselab at gmail.com
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
More information about the Bro
mailing list