C165: Fix ownership of suricata classification.config file.
Commit Message
The file has to be write-able for the WUI and update script, which both
are executed as nobody.
Fixes #12803.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/rootfiles/core/165/update.sh | 3 +++
1 file changed, 3 insertions(+)
Comments
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
On 15/03/2022 19:24, Stefan Schantl wrote:
> The file has to be write-able for the WUI and update script, which both
> are executed as nobody.
>
> Fixes #12803.
>
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> config/rootfiles/core/165/update.sh | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
> index 00974de73..ffb552c80 100644
> --- a/config/rootfiles/core/165/update.sh
> +++ b/config/rootfiles/core/165/update.sh
> @@ -129,6 +129,9 @@ ldconfig
> telinit u
> /etc/rc.d/init.d/firewall restart
>
> +# Fix ownership of classification file.
> +chown nobody:nobody /usr/share/suricata/classification.config
> +
> # Rebuild IPS rules
> rm -vf /tmp/ids_page_locked
> perl -e "require '/var/ipfire/ids-functions.pl'; &IDS::oinkmaster();"
@@ -129,6 +129,9 @@ ldconfig
telinit u
/etc/rc.d/init.d/firewall restart
+# Fix ownership of classification file.
+chown nobody:nobody /usr/share/suricata/classification.config
+
# Rebuild IPS rules
rm -vf /tmp/ids_page_locked
perl -e "require '/var/ipfire/ids-functions.pl'; &IDS::oinkmaster();"