1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1109307: suricata: /var/log/suricata should be owned by group adm

    From Lloyd@21:1/5 to All on Tue Jul 15 02:20:01 2025
    Package: suricata
    Version: 1:7.0.10-1
    Severity: normal

    Currently, suricata installs on Debian with permissions on /var/log/suricata as 0755 root:root.

    Per Debian convention, /var/log/suricata should be owned by root:adm with (optionally) permissions 0750.

    Note I do not believe this to be a violation of Debian policy, as I could not find a written policy on this, nor does it seem to be strictly enforced. Historically speaking however, packages in /var/log should have the group set to adm (e.g. see nginx
    for an implementation of this):

    https://wiki.debian.org/SystemGroups

    It is also probably not a good idea for security-relevant logs to be world-readable, though there is potential for breakage here.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)