Skip to content
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

NSM: create /usr/sbin/broctl #1043

Closed
dougburks opened this issue Dec 21, 2016 · 3 comments
Closed

NSM: create /usr/sbin/broctl #1043

dougburks opened this issue Dec 21, 2016 · 3 comments

Comments

@dougburks
Copy link
Contributor

/usr/sbin/broctl will be a wrapper to run /opt/bro/bin/broctl as a limited user:

#!/bin/bash

SO_CONF="/etc/nsm/securityonion.conf"

# Add new Bro entries to SO_CONF if necessary
if ! grep BRO_USER $SO_CONF >/dev/null; then
        echo >> $SO_CONF
        echo "# BRO_USER specifies the user account used to start Bro." >> $SO_CONF
        echo "BRO_USER=sguil"   >> $SO_CONF
        echo "BRO_GROUP=sguil"  >> $SO_CONF
fi

# load in user config
. $SO_CONF

su $BRO_USER -c "/opt/bro/bin/broctl $@"
@dougburks
Copy link
Contributor Author

dougburks commented Dec 21, 2016
edited

commits:

Security-Onion-Solutions/securityonion-nsmnow-admin-scripts@ceca915

Security-Onion-Solutions/securityonion-nsmnow-admin-scripts@10dd8a3

@dougburks dougburks mentioned this issue Dec 21, 2016
Closed
@dougburks
Copy link
Contributor Author

submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/4E5fP25nbm0/discussion

@dougburks
Copy link
Contributor Author

published:
http://blog.securityonion.net/2017/01/pulledpork-rule-update-and-several.html

@dougburks dougburks mentioned this issue Mar 22, 2017
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dougburks