CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2019/03/05 05:38:24
Modified files:
security/suricata: Makefile
security/suricata/patches: patch-suricata_yaml_in
security/suricata/pkg: PLIST
Added files:
security/suricata/patches: patch-configure_ac
patch-src_suricata_c
patch-src_util-privs_c
patch-src_util-privs_h
Log message:
Use setresuid/gid() directly to change user and group. Otherwise
Suricata uses libcap-ng on Linux and runs as root elsewhere.
Switch to _suricata user and group in config to avoid running as root.
To remove pid file its directory must be writable by suricata user.
Fix pid file removal if it is specified in config file.
setresuid()/gid() patch from Emmanuel Roullit
OK gonzalo@
