suricata: Fix ownership and file permissions of files inside /var/lib/suricata.
authorStefan Schantl <stefan.schantl@ipfire.org>
Sat, 16 Mar 2019 12:04:18 +0000 (13:04 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Sat, 16 Mar 2019 12:28:30 +0000 (12:28 +0000)
These files needs to have nobody.nobody as owner but requires read-acces from everyone
to allow the suricata user reading-in this files during startup.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/suricata

index 0a561ef..d7b5b71 100644 (file)
@@ -101,8 +101,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        # to the rules directory.
        mv /etc/suricata/*.config /var/lib/suricata
 
-       # Set correct ownership for /var/lib/suricata
-       chown nobody:nobody /var/lib/suricata
+       # Set correct permissions for the files.
+       chmod 644 /var/lib/suricata/*.config
+
+       # Set correct ownership for /var/lib/suricata and the
+       # contained files
+       chown -R nobody:nobody /var/lib/suricata
 
        # Create logging directory.
        -mkdir -p /var/log/suricata