[Oisf-users] running suricata 2.0 as a user results in syscall error
Andreas Herz
andi at geekosphere.org
Mon Mar 31 07:58:25 UTC 2014
Hi,
i updated to suricata 2.0 and it's working fine except one issue. I
tried to use the new feature to run suricata as another user.
suricata -c /etc/suricata/suricata.yaml -i eth0 -v --user=suricata
This results in the following warning:
<Warning> - [ERRCODE: SC_ERR_SYSCALL(50)] - Failure when trying to get
feature via ioctl: Operation not permitted (1)
Even using --user=root results in the same error.
The system is a redhat system with kernel 2.6.32.61 and libcap-ng is
version 0.7.3.
I found that the related commit is from "regit":
https://github.com/inliniac/suricata/commit/fcc87595611e23eec4749e22d402644f9487b06e#diff-b75e28418f74aceb54d806d7525cec1b
So i checked if ethtool is working, and it is.
Since it's just a warning suricata is working as intended but i would
like to get rid of this warning.
Here is the strace ouput at this part:
http://paste.geekosphere.org/5O
Thanks
--
Andreas Herz
More information about the Oisf-users
mailing list