Wrongo canine exhalation... If you tell ntop -u xxxxx, it uses user xxxxx If you tell ntop -u root, it uses user root with some warnings
If you don't specify -u, in 2.2/2.2c it aborts. In 2.2.5x+, the behavior changed (I don't particularly like this, but Luca does). Now, ntop tries two common 'service' ids, nobody and then anonymous. If either of them exist, ntop runs using that id. Otherwise it aborts. So, when I say 'writable by the -u userid', it has to include the implicit -u nobody or -u anonymous. Now if OpenBSD gives 'nobody' minimal privileges, well that's an OpenBSD issue. You SHOULD be creating an ntop userid to own the ntop files (rrds etc.) and limit everyone else from seeing them, including other service machines that run under 'nobody'. -----Burton -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Julien TOUCHE Sent: Saturday, November 08, 2003 8:00 AM To: [EMAIL PROTECTED] Subject: Re: [Ntop] ntop + openbsd 3.4 Burton M. Strauss III wrote: > Quick reply re the ultimate error. Julian, read the back traffic and > docs/FAQ on this, it's quite common. > > Basically, the directory has to exist and be writable by the -u userid. > What directory ntop uses is set by the -P parameter (and possibly another - > man ntop). The default - if it's unspecified - is derived from the > ./configure --prefix setting. > talking about this error ? > 08/Nov/2003 10:57:22 [initialize:862] Opening database > '/opt/var/ntop/prefsCache.db' > 08/Nov/2003 10:57:22 [initialize:868] **FATAL_ERROR** ....open of > /opt/var/ntop/prefsCache.db failed: File open error > 08/Nov/2003 10:57:22 [initialize:880] Is another instance of ntop running? > > Program exited with code 0377. > (gdb) because the directory exists, the real problem was, i you do not use '-u user', ntop decrease privs to '(null)' (null being nobody) so ... here a problem i think: if configure has detect a ntop user, use it, else without -u, use root. else the main point of the post is having ntop running on openbsd (has yet to see stability and speed but it runs :) Regards Julien _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop
