Hi guys , I am using ossec linux agent v 2.9.2 and saw that it is chrooting to /var/ossec directory . We have the requirement for ossec to avoid chrooting to this directory since it has dependency on multiiple files outside this installation path .
Is there any way to avoid ossec from chrooting to this directory ? I have tried to modify agentd.c to avoid the daemon from chrooting the default directory but somehow it is not connecting to the server and throws the error : 2017/12/19 17:36:48 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'. 2017/12/19 17:36:48 rootcheck(1210): ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'. 2017/12/19 17:36:56 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'. 2017/12/19 17:36:56 rootcheck(1210): ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Connection refused'. Any way to overcome this ? Regards -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.