]> git.ipfire.org Git - people/mfischer/ipfire-2.x.git/blobdiff - config/suricata/suricata.yaml
projects / people / mfischer / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'next' of ssh://people.ipfire.org/pub/git/ipfire-2.x into next
[people/mfischer/ipfire-2.x.git] / config / suricata / suricata.yaml
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 041082b040001f8dae4b17c38e517e7056d78682..faa1aa71d9d2317d0c665630a54764807db5fb40 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -768,14 +768,15 @@ security:
   limit-noproc: true
   # Use landlock security module under Linux
   landlock:
-    enabled: no
+    enabled: yes
     directories:
       write:
         - /run
       # /usr and /etc folders are added to read list to allow
       # file magic to be used.
       read:
-        - /usr/share/misc/magic.mgc
+        - /etc/suricata
+        - /usr/share/misc
         - /usr/share/suricata
         - /var/ipfire/suricata
         - /var/lib/suricata
Matthias' tree of IPFire 2.x