From patchwork Tue Mar 15 18:24:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 5348 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4KJ1yP5zpXz3wt4 for ; Tue, 15 Mar 2022 18:24:13 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4KJ1yM5j97zNw; Tue, 15 Mar 2022 18:24:11 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4KJ1yM5RHQz2ykl; Tue, 15 Mar 2022 18:24:11 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4KJ1yL2bBGz2yC3 for ; Tue, 15 Mar 2022 18:24:10 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4KJ1yJ6XMgz37; Tue, 15 Mar 2022 18:24:08 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1647368649; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=qsJxVQf8xlthJwVpEsUxlTPV//oWPjN4uIOKBThUTPI=; b=GneSROxU/i9wMPchIO/Vl9Nksdgeij3/+ChxW73JYACJ0QnX/2G1UMbO96w5KxhCUBFL6t Y/ch22lwU/m7UODA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1647368649; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=qsJxVQf8xlthJwVpEsUxlTPV//oWPjN4uIOKBThUTPI=; b=AkB1JvAbaaclyBGECzkwVWnhSVYE+CzvPZbadrFpLkOqUHzZfkGWTJRl9b3rUfg/g1Ak99 nJWZF046VIFqfSj4dRa5LyTLF9OBSC07IWyEOzdv0igAr3qL8OHvf/IzYYc0n27EtH8lr3 SZ6qNFmN+UE2STMbxW8c/dVhi1B+MMX9GsxRiEX/DYsM8A9siacklJNt8AICMdc4rE7nLT BPuh7zS4O/zersAIsrs3ANMDKbPxyAwQUEEXhomWe3qNSv6IHAnyg6gt6LsCy2T+IY8BS/ lLI6bSU7UV1vTSI+n/bR8m6C2gh3rtpHLi/Dd23V0NeiYD3jbi7tUt+tX9ae7w== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH] C165: Fix ownership of suricata classification.config file. Date: Tue, 15 Mar 2022 19:24:02 +0100 Message-Id: <20220315182403.6359-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" The file has to be write-able for the WUI and update script, which both are executed as nobody. Fixes #12803. Signed-off-by: Stefan Schantl Reviewed-by: Adolf Belka --- config/rootfiles/core/165/update.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh index 00974de73..ffb552c80 100644 --- a/config/rootfiles/core/165/update.sh +++ b/config/rootfiles/core/165/update.sh @@ -129,6 +129,9 @@ ldconfig telinit u /etc/rc.d/init.d/firewall restart +# Fix ownership of classification file. +chown nobody:nobody /usr/share/suricata/classification.config + # Rebuild IPS rules rm -vf /tmp/ids_page_locked perl -e "require '/var/ipfire/ids-functions.pl'; &IDS::oinkmaster();"