DinoTools / dionaea

Home of the dionaea honeypot
https://dionaea.readthedocs.io/
GNU General Public License v2.0

drop to user different than root not working #35

Closed t3chn0m4g3 closed 8 years ago

t3chn0m4g3 commented 8 years ago

Trying to start dionaea 0.4.0 with

/opt/dionaea/bin/dionaea -u tpot -g tpot -c /opt/dionaea/etc/dionaea/dionaea.cfg -p /data/dionaea/dionaea.pid

results in the following error (the previous version worked flawlessly, and running 0.4.0 without the -u / -g switches also works fine):

Dionaea Version 0.4.0 
Compiled on Linux/x86_64 at Jun  1 2016 05:00:52 with gcc 4.8.4 
Started on f80af1cd7550 running Linux/x86_64 release 4.4.0-21-generic

[01062016 13:02:01] dionaea dionaea.c:230: User tpot has uid 2000

[01062016 13:02:01] dionaea dionaea.c:249: Group tpot has gid 2000

START
{'lo': ['127.0.0.1', '::1'], 'eth0': ['172.17.0.6', 'fe80::42:acff:fe11:6']}
allow
     # protocol   # type  accept 
     # protocol  ftpctrl  # type  connect 

deny
     # protocol  ftpdata ftpdatacon xmppclient  # type  

allow
     # protocol  smbd epmapper nfqmirrord mssqld  # type  

STARTING SERVICES
Trace/breakpoint trap

phibos commented 8 years ago

Looks like some file permissions are wrong. Can you please increase the logging level and provide additional information.

/opt/dionaea/bin/dionaea -u tpot -g tpot -c /opt/dionaea/etc/dionaea/dionaea.cfg -p /data/dionaea/dionaea.pid -l all,-debug -L '*'

t3chn0m4g3 commented 8 years ago

Thanks, I did not know about the debug switch, and you were right, it was a file permission issue:

[01062016 19:50:48] store dionaea/store.py:60: Not allowed to create files in the '/opt/dionaea/var/dionaea/binaries/' directory

root@ee8fd386c85f:/opt/dionaea/var/dionaea# ls -al
total 188
drwxr-xr-x 5 dionaea dionaea   4096 Jun  1 19:50 .
drwxr-xr-x 3 root    root      4096 Jun  1 19:49 ..
drwxr-xr-x 2 dionaea dionaea   4096 Jun  1 05:01 binaries
drwxr-xr-x 2 dionaea dionaea   4096 Jun  1 05:01 bistreams
-rw-r--r-- 1 root    root         0 Jun  1 19:50 dionaea-errors.log
-rw-r--r-- 1 root    root    172032 Jun  1 19:50 dionaea.log
drwxr-xr-x 6 dionaea dionaea   4096 Jun  1 19:49 roots

Changing the ownership solved it for me. Thanks!

phibos commented 8 years ago

You are welcome. I have closed the issue.

t3chn0m4g3 commented 8 years ago

Something still throws me off. Although dionaea is started with -u tpot / -g tpot some files are still created with root ownership:

-rw-r--r-- 1 root root      0 Jun  1 22:10 dionaea-errors.log
-rw-r--r-- 1 root root      0 Jun  1 22:10 dionaea.json
-rw-r--r-- 1 root root      0 Jun  1 22:10 dionaea.log
-rw-r--r-- 1 root root 117760 Jun  1 22:10 dionaea.sqlite

Resulting in some strange behavior (logging not working 100%) and the following error message upon start:

[01062016 22:12:43] python module.c:320: start dionaea.ihandlers 0xaeda20 0x7f04eebcce08
[01062016 22:12:43] ihandlers dionaea/ihandlers.py:57: START THE IHANDLERS
[01062016 22:12:43] python module.c:1036: PermissionError at PermissionError(13, 'Permission denied')
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/log_json.py:41 in __init__
[01062016 22:12:43] python module.c:1062:    self.fp = open(url.path, "a")
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/log_json.py:103 in __init__
[01062016 22:12:43] python module.c:1062:    self.handlers.append(h(url=handler))
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/log_json.py:79 in start
[01062016 22:12:43] python module.c:1062:    handler = LogJsonHandler("*", config=config)
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/ihandlers.py:66 in start
[01062016 22:12:43] python module.c:1062:    handlers = h.start(config=ihandler_config.get("config", {}))
[01062016 22:12:43] modules modules.c:203: start module 0x6b63f0
[01062016 22:12:43] modules modules.c:203: start module 0x6b2d60
[01062016 22:12:43] modules modules.c:203: start module 0x6b7f90
[01062016 22:12:43] dionaea dionaea.c:773: Installing signal handlers
[01062016 22:12:43] dionaea dionaea.c:810: Creating 4 threads in pool
[01062016 22:13:53] log signals.c:49: sigint_cb loop 0x7f04f87ae900 w 0xc81d20 revents 1024
[01062016 22:13:53] modules modules.c:229: free module /opt/dionaea/lib/dionaea/curl.so 0x6b2fb0 fn 0x7f04f60e5ad1
[01062016 22:13:53] modules modules.c:229: free module /opt/dionaea/lib/dionaea/python.so 0x6b49b0 fn 0x7f04f194ba80
[01062016 22:13:53] python module.c:289: stop dionaea.log 0x8376f0 0x7f04efbac278
[01062016 22:13:53] python module.c:289: stop dionaea.services 0x7e55b0 0x7f04efbac3b8

@phibos Any idea?

phibos commented 8 years ago

The log files (dionaea.log and dionaea-errors.log) are created before dionaea drops privileges. But the log_json ihandler tries to access the dionaea.json file after the privileges have been dropped.

If dionaea.json is still empty, you can delete the file and restart dionaea. The file should be recreated during the restart.

For more information have a look at #39 and #40
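
The ordering described in the last comment (some files are opened before the privilege drop, others only after it) can be checked before a start. The following is an added example, not code from dionaea or from this thread: it evaluates plain Unix mode bits for a target uid/gid and reports paths that identity could not write. The helper names, the temporary directory layout and missing.json are constructed for illustration; ACLs, capabilities and search permission on ancestor directories are not considered.

```python
import os
import stat
import tempfile

W, X = 2, 1  # write / search bits within one rwx triplet


def mode_allows(st, uid, gids, want):
    """Classic Unix DAC: owner triplet, else group, else other (no ACLs)."""
    if uid == 0:
        return True  # root bypasses the mode bits
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7
    else:
        bits = st.st_mode & 7
    return bits & want == want


def preflight(paths, uid, gids):
    """Map each path the given identity cannot write to the reason why."""
    problems = {}
    for path in paths:
        try:
            st = os.stat(path)
        except FileNotFoundError:
            # Created after the drop, so the parent directory decides.
            parent = os.path.dirname(os.path.abspath(path))
            if not mode_allows(os.stat(parent), uid, gids, W | X):
                problems[path] = "missing and cannot be created in " + parent
            continue
        if stat.S_ISDIR(st.st_mode):
            if not mode_allows(st, uid, gids, W | X):
                problems[path] = "directory owned by uid %d, no create access" % st.st_uid
        elif not mode_allows(st, uid, gids, W):
            problems[path] = "file owned by uid %d, not writable" % st.st_uid
    return problems


def demo():
    """Constructed layout: files made by the starting user, checked for another."""
    with tempfile.TemporaryDirectory() as var:
        log_json = os.path.join(var, "dionaea.json")
        open(log_json, "w").close()          # stands in for a file left by root
        os.chmod(log_json, 0o644)
        binaries = os.path.join(var, "binaries")
        os.mkdir(binaries)
        os.chmod(binaries, 0o755)
        paths = [log_json, binaries, os.path.join(var, "missing.json")]
        st = os.stat(log_json)
        creator = (st.st_uid, {st.st_gid})
        dropped = (st.st_uid + 1, {st.st_gid + 1})  # any other, non-root identity

        def names(result):
            return {os.path.basename(p): why for p, why in result.items()}

        return names(preflight(paths, *creator)), names(preflight(paths, *dropped))


if __name__ == "__main__":
    as_creator, as_dropped = demo()
    print("starting user:", as_creator or "all writable")
    for name, why in sorted(as_dropped.items()):
        print("dropped user: %s: %s" % (name, why))
```

For a real check, pass the uid and gid of the account given to -u / -g and the files and directories the configuration writes to.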