suricata: Give 644 permissions to the suricata pidfile

author Stefan Schantl <stefan.schantl@ipfire.org>

Fri, 17 Aug 2018 06:24:19 +0000 (08:24 +0200)

committer Stefan Schantl <stefan.schantl@ipfire.org>

Fri, 17 Aug 2018 06:24:19 +0000 (08:24 +0200)
author Stefan Schantl <stefan.schantl@ipfire.org>
Fri, 17 Aug 2018 06:24:19 +0000 (08:24 +0200)
committer Stefan Schantl <stefan.schantl@ipfire.org>
Fri, 17 Aug 2018 06:24:19 +0000 (08:24 +0200)
diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata

index 60a00cc484cfe0bd171d7a7f0b4d6891efc1d524..45e04d4639246c299acd0ab3fe9b186663db20c6 100644 (file)
--- a/src/initscripts/system/suricata
+++ b/src/initscripts/system/suricata
@@ -32,6 +32,9 @@ network_zones=( red green blue orange )
  MARK="0x1"
  MASK="0x1"
  
+# PID file of suricata.
+PID_FILE="/var/run/suricata.pid"
+
  case "$1" in
          start)
                 # Get amount of CPU cores.
@@ -78,12 +81,15 @@ case "$1" in
                         boot_mesg "Starting Intrusion Detection System..."
                         /usr/bin/suricata -c /etc/suricata/suricata.yaml -D $NFQUEUES
                         evaluate_retval
+
+                       # Allow reading the pidfile.
+                       chmod 644 $PID_FILE
                 fi
         ;;
  
          stop)
                 boot_mesg "Stopping Intrusion Detection System..."
-               killproc -p /var/run/suricata.pid /var/run
+               killproc -p $PID_FILE /var/run
  
                 # Flush firewall chain.
                 iptables -F $FW_CHAIN
author	Stefan Schantl <stefan.schantl@ipfire.org>
	Fri, 17 Aug 2018 06:24:19 +0000 (08:24 +0200)
committer	Stefan Schantl <stefan.schantl@ipfire.org>
	Fri, 17 Aug 2018 06:24:19 +0000 (08:24 +0200)