From: "Marek Szuba" <marecki@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
Date: Wed, 22 Mar 2023 23:43:52 +0000 (UTC) [thread overview]
Message-ID: <1679528614.8532e51714ce99ea6db20cfedde4d976291e70d3.marecki@gentoo> (raw)
commit: 8532e51714ce99ea6db20cfedde4d976291e70d3
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 22 23:02:00 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Mar 22 23:43:34 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8532e517
net-analyzer/suricata: make rule-file and update dirs setuid suricata
So that it is possible to run suricata-update as root (which according
to upstream documentation is still very much allowed) but have suricata
itself drop its privileges, without having to manually change the
ownership of downloaded files. In the long run it would be nice for
suricata-update to drop privileges as well - but that's something
for upstream to take care of, and setuid suricata on the relevant
directories appears to work fine.
Closes: https://bugs.gentoo.org/900627
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.10.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild b/net-analyzer/suricata/suricata-6.0.10.ebuild
index 697b19988894..bcc930edadc3 100644
--- a/net-analyzer/suricata/suricata-6.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.10.ebuild
@@ -146,7 +146,7 @@ src_install() {
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
newinitd "${FILESDIR}/${PN}.initd" ${PN}
newconfd "${FILESDIR}/${PN}.confd" ${PN}
next reply other threads:[~2023-03-22 23:44 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-22 23:43 Marek Szuba [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-04-07 1:06 [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/ Marek Szuba
2024-01-23 5:07 Ionen Wolkens
2023-11-29 21:16 Petr Vaněk
2023-10-25 22:04 Marek Szuba
2023-10-25 22:04 Marek Szuba
2023-08-16 17:08 Marek Szuba
2023-08-16 17:08 Marek Szuba
2023-06-27 21:56 Marek Szuba
2023-05-11 12:03 Marek Szuba
2023-04-16 20:03 Marek Szuba
2023-03-01 23:12 Marek Szuba
2023-02-01 10:51 Marek Szuba
2023-02-01 10:51 Marek Szuba
2022-12-02 10:00 Marek Szuba
2022-11-10 0:42 Marek Szuba
2022-11-01 13:10 Marek Szuba
2022-11-01 0:36 Marek Szuba
2022-10-04 0:53 Marek Szuba
2022-09-01 12:27 Marek Szuba
2022-08-24 15:36 Marek Szuba
2022-08-24 15:36 Marek Szuba
2022-07-27 23:54 Marek Szuba
2022-07-13 15:55 Marek Szuba
2022-07-13 15:55 Marek Szuba
2022-04-25 22:57 Marek Szuba
2022-04-25 22:57 Marek Szuba
2022-03-23 1:24 Sam James
2021-11-19 14:59 Marek Szuba
2021-11-19 14:59 Marek Szuba
2021-09-25 19:08 Sam James
2021-09-03 12:15 Marek Szuba
2021-09-03 12:15 Marek Szuba
2021-08-23 21:29 Marek Szuba
2021-07-25 20:58 Marek Szuba
2021-07-01 9:47 Marek Szuba
2021-07-01 9:47 Marek Szuba
2021-06-21 16:03 Marek Szuba
2021-06-21 14:54 Marek Szuba
2021-06-21 14:54 Marek Szuba
2021-05-17 16:15 Marek Szuba
2021-04-03 19:53 Sam James
2021-03-04 14:47 Marek Szuba
2021-03-04 14:47 Marek Szuba
2021-01-25 17:38 Marek Szuba
2021-01-25 17:38 Marek Szuba
2020-12-06 22:02 Marek Szuba
2020-12-03 12:54 Marek Szuba
2020-10-14 14:44 Marek Szuba
2020-10-09 11:41 Marek Szuba
2020-07-17 20:10 Marek Szuba
2020-05-22 21:02 Marek Szuba
2020-04-23 21:11 Marek Szuba
2020-04-23 21:11 Marek Szuba
2020-03-04 9:46 Marek Szuba
2020-02-05 15:30 Marek Szuba
2019-12-20 10:18 Marek Szuba
2019-12-19 15:18 Marek Szuba
2019-12-16 16:05 Marek Szuba
2019-09-08 19:25 Slawek Lis
2018-06-11 14:04 Marek Szuba
2018-06-03 13:49 Aaron Bauman
2018-05-11 7:43 Slawek Lis
2018-03-26 19:33 Michał Górny
2018-01-24 7:00 Slawek Lis
2018-01-23 9:15 Slawek Lis
2017-07-24 8:30 Slawek Lis
2017-01-07 10:25 Slawek Lis
2016-12-28 13:25 Slawek Lis
2016-12-15 6:19 Slawek Lis
2016-11-29 12:05 Slawek Lis
2016-10-10 19:08 Slawek Lis
2016-06-30 19:03 Slawek Lis
2016-06-29 6:44 Slawek Lis
2016-04-26 6:18 Slawek Lis
2016-02-19 20:19 Slawek Lis
2016-02-19 5:59 Slawek Lis
2016-02-19 5:32 Slawek Lis
2015-12-28 5:53 Slawek Lis
2015-12-28 5:49 Slawek Lis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1679528614.8532e51714ce99ea6db20cfedde4d976291e70d3.marecki@gentoo \
--to=marecki@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox