Likely bug in broctl

Hello:

On an Ubuntu 16.04 server, I have Bro executables in /usr/local/bro/bin, which is in the PATH of all users on the system.

As root, I can invoke all the commands by just specifying the relative paths. As a standard user, I can do the same for the commands except broctl. If I type, for example, "broctl --h", it returns the following error messages:

<error>
Traceback (most recent call last):
   File "/usr/local/bro/bin/broctl", line 830, in <module>
     sys.exit(main())
   File "/usr/local/bro/bin/broctl", line 797, in main
     loop = BroCtlCmdLoop(BroCtl, interactive, cmd)
   File "/usr/local/bro/bin/broctl", line 25, in __init__
     self.broctl = broctl_class(ui=self)
   File "/usr/local/bro/lib/broctl/BroControl/broctl.py", line 69, in __init__
     level=logging.DEBUG)
   File "/usr/lib/python2.7/logging/__init__.py", line 1547, in basicConfig
     hdlr = FileHandler(filename, mode)
   File "/usr/lib/python2.7/logging/__init__.py", line 913, in __init__
     StreamHandler.__init__(self, self._open())
   File "/usr/lib/python2.7/logging/__init__.py", line 943, in _open
     stream = open(self.baseFilename, self.mode)
IOError: [Errno 13] Permission denied: '/usr/local/bro/spool/debug.log'
</error>

"Permission denied" seems to make sense, but if I type "sudo broctl --h", I get "sudo: broctl: command not found".

It only works if I specify the full path with sudo, so "sudo /usr/local/bro/bin/broctl --h" works, but "/usr/local/bro/bin/broctl --h" does not.

Again, this is just for broctl.

Thanks,

-finid-

If you upgrade to the newest release of Bro, then
the error message is more user-friendly.

The error is due to the fact that broctl needs to
write to the "spool" and "logs" directories.
This is explained in the broctl documentation:
https://www.bro.org/sphinx/components/broctl/README.html#using-brocontrol-as-an-unprivileged-user

If you upgrade to the newest release of Bro, then
the error message is more user-friendly.

The error is due to the fact that broctl needs to
write to the "spool" and "logs" directories.
This is explained in the broctl documentation:
[https://www.bro.org/sphinx/components/broctl/README.html#using-brocontrol-as-an-unprivileged-user

](https://www.bro.org/sphinx/components/broctl/README.html#using-brocontrol-as-an-unprivileged-user

)

And as for /usr/local/bro/bin, add that to your secure_path= line in /etc/sudoers file.

James