[Oisf-users] Error when running suricata with --user & --group
Josh
josh at securemind.org
Wed Sep 29 21:05:07 UTC 2010
I had a simular problem, mine turned out to be that the user account
"suricata" wasn't created correctly.
Try, "cat /etc/passwd | grep suricata" if the account isn't listed correctly
then do a "userdel suricata" and try again.
Good Luck,
Josh
On Wednesday, September 29, 2010 09:51:44 am Sylvain Chillaud wrote:
> Hi there,
>
> I'm trying to get suricata 1.0.2 to run on a debian 5 server.
> I've configured and installed without problem (the basic conf for now)
> following the guide on the oisf website as well as instructions here
> http://www.inliniac.net/blog/2010/05/10/setting-up-suricata-0-9-0-for-initi
> al-use-on-ubuntu-lucid-10-04.html, but when running the command :
>
> *suricata -c /etc/suricata/suricata.yaml -i eth1 --user suricata --group
> suricata* I get the following error :
>
> (util-privs.c:86) <Error> (SCDropMainThreadCaps) -- [ERRCODE:
> SC_ERR_CHANGING_CAPS_FAILED(155)] - capng_change_id for main thread failed
>
>
> I'm guessing it is linked to the user and/or group because when I run
> *suricata
> -c /etc/suricata/suricata.yaml -i eth1* only, it starts as it should.
>
>
> It is a minor problem, nothing urgent. Right now I am just on the learning
> and testing suricata phase and can run it without user and group, but if
> anyone know why it's not working when adding them in the command line, I'd
> like to hear the reason, and the solution if there is one.
> (I have of course tried to google it and have looked in these archives as
> well without results)
>
>
> Thank you for your help,
>
> Sylvain
More information about the Oisf-users
mailing list