[Bro] [Not] Running Bro as root?
Michał Purzyński
michalpurzynski1 at gmail.com
Wed Jun 13 14:41:42 PDT 2018
And to your second point - yes, bro documentation needs some improvements when it comes to the afpacket.
> On Jun 13, 2018, at 1:54 PM, Azoff, Justin S <jazoff at illinois.edu> wrote:
>
>
>> On Jun 13, 2018, at 3:59 PM, Michał Purzyński <michalpurzynski1 at gmail.com> wrote:
>>
>> Above is true unless your capture technology decides otherwise, of course. AF_Packet is OK with just net raw. Myricom SNF needs nothing (and that’s pretty scary).
>>
>
> I believe that's just due to the default permissions of the devices they install:
>
> crw-rw-rw-. 1 root root 241, 0 May 16 08:37 /dev/myriC0
> crw-rw-rw-. 1 root root 241, 2 May 16 08:37 /dev/myriC1
> crw-rw-rw-. 1 root root 241, 4 May 16 08:37 /dev/myriC2
> crw-rw-rw-. 1 root root 241, 6 May 16 08:37 /dev/myriC3
> crw-rw-rw-. 1 root root 241, 8 May 16 08:37 /dev/myriC4
> crw-rw-rw-. 1 root root 241, 10 May 16 08:37 /dev/myriC5
> crw-rw-rw-. 1 root root 241, 12 May 16 08:37 /dev/myriC6
> crw-rw-rw-. 1 root root 241, 14 May 16 08:37 /dev/myriC7
>
> You can
>
> chown root:bro /dev/myriC?
> chmod 0660 /dev/myriC?
>
> and that should do what you want.
>
> —
> Justin Azoff
>
More information about the Bro
mailing list