]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3358151) | patch
suricata.yaml: Fix Landlock path settings
authorPeter Müller <peter.mueller@ipfire.org>
Mon, 22 Apr 2024 16:44:00 +0000 (16:44 +0000)
committerArne Fitzenreiter <arne_f@ipfire.org>
Mon, 29 Apr 2024 12:45:19 +0000 (12:45 +0000)
commit464b2117ead41a2c5f5771665f828e74e3e40f82
tree52a2ea9065caa836b0b6e9a27be24df3c923c230tree | snapshot
parent3358151c85c9c5cecf091da3e612cb0632f9b8c8commit | diff
suricata.yaml: Fix Landlock path settings

Suricata will complain if it cannot read its own configuration file,
hence read-only access to /etc/suricata must be allowed. Since the list
applies to directories, rather than files, restricting read access to
only /usr/share/misc/magic.mgc is not possible; reading /usr/share/misc
must be allowed instead.

Fixes: #13645
Tested-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
config/suricata/suricata.yaml diff | blob | blame | history
IPFire 2.x development tree