[Bro] [Not] Running Bro as root?
Jim Mellander
jmellander at lbl.gov
Wed Jun 13 12:03:29 PDT 2018
BTW: This may be relevant for some installations as well:
https://stackoverflow.com/questions/29099797/raw-capture-capabilities-cap-net-raw-cap-net-admin-not-working-outside-usr-b#30826137
On Wed, Jun 13, 2018 at 9:41 AM, Jim Mellander <jmellander at lbl.gov> wrote:
> Please see https://www.bro.org/documentation/faq.html#how-
> can-i-capture-packets-as-an-unprivileged-user which should address your
> concerns.
>
> Take care,
>
> Jim
>
>
> On Wed, Jun 13, 2018 at 9:07 AM, Drew Dixon <dwdixon at umich.edu> wrote:
>
>> Hello,
>>
>> So from what I understand it is not at all a trivial task to get bro to
>> properly run/function under a user account other than root (Linux
>> [RHEL/CentOS]).
>>
>> Just mostly out of curiosity, I was wondering if anyone had taken on this
>> task and are successfully running bro in production under a non-root user
>> account? Further, has anyone perhaps automated/scripted some/all of the
>> changes required in order to move bro to run as a non-root user account
>> without issue?
>>
>> Thank you,
>>
>> -Drew
>>
>> _______________________________________________
>> Bro mailing list
>> bro at bro-ids.org
>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180613/b08366c0/attachment.html
More information about the Bro
mailing list