Support #7282
openAllow access suricata command unix socket with lower permissions
Description
Hi,
I'm having a use case where I'm running a suricata inside a docker container. The unix socket is simply in a shared folder with the host and I have a service that needs to use it.
This requires the service that runs on the host to run as root in order to command properly. I want to allow processes with lower permissions to use the unix socket.
I though about a config that allows that.
Updated by Jason Ish about 1 month ago ยท Edited
- Tracker changed from Feature to Support
- Target version deleted (
TBD) - Difficulty deleted (
low)
With a custom setup like this I don't think we can provide much support from our end, however, standard unix permissions should allow this.
For example, the Suricata RPM is setup to allow users of the group "suricata" to run `suricatasc` just by using basic unix file permissions. Something could be adapted to your containerized setup.
For further discussion of such topics, I recommend our forum over at https://forum.suricata.io.
Updated by Ofer Dagan 26 days ago
Thank you for the response. I'll try to find solutions in the forum :)