Project

General

Profile

Actions

Bug #2909

closed

segfault on logrotation when the files cannot be opened

Added by Emmanuel Roullit over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

To trigger this, I use have made following changes in a vanilla suricata.yaml:

run-as:
  user: emmanuel.roullit
  group: dev
outputs:
  - eve-log:
      enabled: yes
      filetype: regular
      filename: eve.json
      rotate-interval: minute

Then I followed this procedure:

$ mkdir logs
$ suricata -c suricata.yaml -l logs -i enp0s25 # in a seperate terminal
$ sudo chown -R root:root logs
$ kill -HUP $(pgrep Suricata)
Actions

Also available in: Atom PDF