Bug 1651394 - Log directory not readable by members of the suricata group
Summary: Log directory not readable by members of the suricata group
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: suricata
Version: rawhide
Hardware: All
OS: All
unspecified
low
Target Milestone: ---
Assignee: Steve Grubb
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-11-19 22:23 UTC by Jason Ish
Modified: 2018-11-20 23:06 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-11-20 23:06:44 UTC


Attachments (Terms of Use)

Description Jason Ish 2018-11-19 22:23:49 UTC
Description of problem:

/var/log/suricata is has a group of suricata but is not group readable by default. It would be useful for utilities that monitor the logs to gain access by being part of the suricata group without yum post actions.

Please consider making this directory group readable by default. The files contained within are already group readable by default.

Comment 1 Steve Grubb 2018-11-20 21:25:38 UTC
In the spec file, we have:
attr(750,suricata,root) %dir %{_var}/log/%{name}

Are you wanting it to be:
%attr(750,suricata,suricata) %dir %{_var}/log/%{name}

Comment 2 Jason Ish 2018-11-20 21:48:51 UTC
Yes, exactly.


Note You need to log in before you can comment on or make changes to this bug.