NSM: create /usr/sbin/broctl #1043

Closed
dougburks opened this Issue Dec 21, 2016 · 3 comments

Projects

None yet

1 participant

@dougburks
Contributor

/usr/sbin/broctl will be a wrapper to run /opt/bro/bin/broctl as a limited user:

#!/bin/bash

SO_CONF="/etc/nsm/securityonion.conf"

# Add new Bro entries to SO_CONF if necessary
if ! grep BRO_USER $SO_CONF >/dev/null; then
        echo >> $SO_CONF
        echo "# BRO_USER specifies the user account used to start Bro." >> $SO_CONF
        echo "BRO_USER=sguil"   >> $SO_CONF
        echo "BRO_GROUP=sguil"  >> $SO_CONF
fi

# load in user config
. $SO_CONF

su $BRO_USER -c "/opt/bro/bin/broctl $@"
@dougburks dougburks closed this Jan 4, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment