From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat, 16 Mar 2019 12:04:18 +0000 (+0100)
Subject: suricata: Fix ownership and file permissions of files inside /var/lib/suricata.
X-Git-Tag: v2.23-core131~107
X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=728f3d2e8f3d26e80154236c6d67e303e1f7f3b9

suricata: Fix ownership and file permissions of files inside /var/lib/suricata.

These files needs to have nobody.nobody as owner but requires read-acces from everyone
to allow the suricata user reading-in this files during startup.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/lfs/suricata b/lfs/suricata
index 0a561ef8ba..d7b5b71d6b 100644
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -101,8 +101,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	# to the rules directory.
 	mv /etc/suricata/*.config /var/lib/suricata
 
-	# Set correct ownership for /var/lib/suricata
-	chown nobody:nobody /var/lib/suricata
+	# Set correct permissions for the files.
+	chmod 644 /var/lib/suricata/*.config
+
+	# Set correct ownership for /var/lib/suricata and the
+	# contained files
+	chown -R nobody:nobody /var/lib/suricata
 
 	# Create logging directory.
 	-mkdir -p /var/log/suricata