Your message dated Tue, 09 Sep 2025 18:47:13 +0000
with message-id <[email protected]>
and subject line Bug#1109307: fixed in suricata 1:8.0.0-1~exp1
has caused the Debian Bug report #1109307,
regarding suricata: /var/log/suricata should be owned by group adm
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1109307: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109307
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: suricata
Version: 1:7.0.10-1
Severity: normal
Currently, suricata installs on Debian with permissions on /var/log/suricata as
0755 root:root.
Per Debian convention, /var/log/suricata should be owned by root:adm with
(optionally) permissions 0750.
Note I do not believe this to be a violation of Debian policy, as I could not
find a written policy on this, nor does it seem to be strictly enforced.
Historically speaking however, packages in /var/log should have the group set
to adm (e.g. see nginx for an implementation of this):
https://wiki.debian.org/SystemGroups
It is also probably not a good idea for security-relevant logs to be
world-readable, though there is potential for breakage here.
--- End Message ---
--- Begin Message ---
Source: suricata
Source-Version: 1:8.0.0-1~exp1
Done: Andreas Dolp <[email protected]>
We believe that the bug you reported is fixed in the latest version of
suricata, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Dolp <[email protected]> (supplier of updated suricata package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 20 Aug 2025 21:55:13 +0200
Source: suricata
Binary: suricata suricata-dbgsym
Architecture: source amd64
Version: 1:8.0.0-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Pierre Chifflier <[email protected]>
Changed-By: Andreas Dolp <[email protected]>
Description:
suricata - Next Generation Intrusion Detection and Prevention Tool
Closes: 836929 1109307
Changes:
suricata (1:8.0.0-1~exp1) experimental; urgency=medium
.
[ Andreas Dolp ]
* New upstream release.
* Remove libhtp dependency as this is now built in Suricata.
* Remove LUA as this is now built in Suricata.
* Bump versioned Rust dependency to 1.75.0 or later.
* Remove recommended package snort-rules-default.
* Remove Python3 dependencies.
* Add libunwind-dev build dependency.
* Refresh Debian patches.
* Use systemd service Type=notify for systemd status notification.
* Remove libnss compile option and dependency.
* Remove libnspr compile option and dependency.
* Remove enable-libhs compile option.
* Add d/suricata.conffiles to remove sysv init conffiles.
* Align rundir and unix command socket to upstream /var/run/suricata/.
* Run Suricata as user suricata. (Closes: #836929, #1109307)
* Add configuration for landlock LSM security sandbox, but disabled by
default.
.
[ Sascha Steinbiss ]
* Remove sysv init support.
* Adjust README.Debian to mention systemd drop-in approach to
customize ExecStart parameters without having to clone the
packaged unit file.
* Remove unneeded ISC license text from d/copyright.
* Add NEWS.Debian file documenting the change.
Checksums-Sha1:
e94652aa8d836afe09a3bb6350897f820ecb940a 3009 suricata_8.0.0-1~exp1.dsc
7e4bdc40adcbe54b2d52d1333d5e7319647fcba4 51138956 suricata_8.0.0.orig.tar.gz
329881d5e3d59a54af3cff77eb40a9f1e8d88f93 833 suricata_8.0.0.orig.tar.gz.asc
b081cf6857402ded81be6db9649e9bb137daf6e0 25092
suricata_8.0.0-1~exp1.debian.tar.xz
2975b2c494166dc078da5014bc1f5bac540a0033 34459696
suricata-dbgsym_8.0.0-1~exp1_amd64.deb
20fde36f89402bec58d6ca27ff2c6c1a8c717504 18588
suricata_8.0.0-1~exp1_amd64.buildinfo
7e342d2a96cf3ebc9c28e8ce08adf5d890738f98 4376372
suricata_8.0.0-1~exp1_amd64.deb
Checksums-Sha256:
8579cec3d3a006100df63997ded6a5947ddb02a08653545432ea9bf20b613be3 3009
suricata_8.0.0-1~exp1.dsc
51f36ef492cbee8779d6018e4f18b98a08e677525851251279c1f851654f451f 51138956
suricata_8.0.0.orig.tar.gz
b9a2f4c253b69f1892fd782c891339fa079984441f3e75b74acf4d54ace2d9b6 833
suricata_8.0.0.orig.tar.gz.asc
8c4609ea946c1274a070489e89ff3f32a16200e36af0794c321bff6b06129f49 25092
suricata_8.0.0-1~exp1.debian.tar.xz
ca52069025763c5bfa33fec5a80eb3d8df43b0eb315791b4a7dd219766a892b1 34459696
suricata-dbgsym_8.0.0-1~exp1_amd64.deb
01c160ef4a713667990af6cba8209d3d6c7f18721cca649d34ac7a6df44cf03d 18588
suricata_8.0.0-1~exp1_amd64.buildinfo
767d343cf683c1d026adcb8a8dc1c2ae30736ab4b408f2fe439e1c2079622293 4376372
suricata_8.0.0-1~exp1_amd64.deb
Files:
f10e152f61172ef702ce7069f202f2f8 3009 net optional suricata_8.0.0-1~exp1.dsc
1294292076c062a33b942d1aef1123b8 51138956 net optional
suricata_8.0.0.orig.tar.gz
b8850a1b853a2b884f2d40222dacdedb 833 net optional
suricata_8.0.0.orig.tar.gz.asc
9c8f5d595e658c14cca4402ba543764b 25092 net optional
suricata_8.0.0-1~exp1.debian.tar.xz
539ab5a2bd60811364b68332a7ee9bb0 34459696 debug optional
suricata-dbgsym_8.0.0-1~exp1_amd64.deb
e842ed5d8839ffcec192fdee603fc4c3 18588 net optional
suricata_8.0.0-1~exp1_amd64.buildinfo
c396f25418a4b434ccc29c987ac82c3c 4376372 net optional
suricata_8.0.0-1~exp1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWzS6WqtVB+kDQm6F6NN64vCfSHIFAmjAcFEACgkQ6NN64vCf
SHLndw//ZJP2vETzM2wTkmT4qrl/h80IhcE9A1uy2eivIHirC322RpsHG3jqyLyI
toM4B939heuNHNfH8CWPzA2iSDzCaks/EBrnXtfksgffrp/N0kVQSO5eVwEtgFZU
6ncKwKNjMscD8jVDfUezvG+z95BljqjlqSucPTSV5RPutdAkSIm3M/G3mxJAmQZq
uZ9aVQvysT0VfxOtOPmCN6RuCNwL47LtDZJxVW8ogTqwuFG3GHasQFdejVm3fAeQ
6O3wiaNIQQ1lwN3dAcQTVpoTiNIIuNm3QZevcdJxE6vbN6xilb6I0CCP+oqA0/ez
BcaUUrZgJcmOrAZGZEDYdqgeRvC/b3rf45jKDYlP2F3oPdCLUHaGQNTFd70JKjAw
IFyiOsFRI9ddgq364vceRSOI3qZ5bR+qc5mV3fOLG8p/AAN+5VT2RAriM65AUGHW
mXth9Ryb7DVMfJfQLA9ksXwJ4mmf7Q4O67Fhh0ctxBBKbzT3y4Xfz3pw2aDTeMWI
utRYfXOG39tdL6QGcLrvA57kCrs6WzQKflLrTjDeTqsz5RT6QLqz7dguL7pzvpVe
zDP1M/lnN4wmtg+9GpoOWS+WSEojvxgyU3MX1JKlqLsYTwZGF80X38ROGcC8PPhP
kUDvVHHiAnrpnRUEhoJjzPwKolqcPrwaIm61fZAqxW1V6sS1oGY=
=VU62
-----END PGP SIGNATURE-----
pgpoU6LdRojPl.pgp
Description: PGP signature
--- End Message ---
