[ossec-list] Re: Ossec 2.6 Compile errors on Mac Os 10.7.3
anyone?
[ossec-list] Re: Ossec 2.6 Compile errors on Mac Os 10.7.3
yes you are right about Apple! anyway, i have another problem. i have installed ossec server on my mac. Now i would like that ossec sends me alert via mail but i don't have a mailserver. I tried to follow the active-response tutorial but i did't get any results. any idea? have i to mandatory install an MTA? thanks PS: Onto this mac i have apache installed.
[ossec-list] Re: Ossec 2.6 Compile errors on Mac Os 10.7.3
ahahah i can feel a little bit of disappointing in your answer. My bad, i'm sorry, i didn't notice that i was using llvm compiler. I have changed it with the REAL gcc and now it works!!! :) thank you dan On 27 Apr, 20:49, dan (ddp) ddp...@gmail.com wrote: Use the real gcc instead of Apple's llvm/clang/whatever it is these days.
[ossec-list] ossec-syscheckd and ossec-rootcheck (1210): ERROR: Queue
hi, I have installed ossec 2.6 server on a Mac 10.7.3. i tried to run ossec with ossec-control start but it gave me some errors that i fixed adding the 3 ossec users: ossec, ossecr, ossecm and the group ossec. This time the error i got is : Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)... Started ossec-maild... Started ossec-execd... Started ossec-analysisd... Started ossec-logcollector... Started ossec-remoted... 2012/04/29 01:40:49 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'Queue not found'. 2012/04/29 01:41:04 ossec-rootcheck(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'No such file or directory'. 2012/04/29 01:41:15 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'Queue not found'. 2012/04/29 01:41:30 ossec-rootcheck(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'No such file or directory'. 2012/04/29 01:41:46 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'Queue not found'. 2012/04/29 01:42:01 ossec-rootcheck(1211): ERROR: Unable to access queue: '/var/ossec/queue/ossec/queue'. Giving up.. surfing on the various answers on internet i think that the problems are the permission and the files owners/group. I have all the utilities and files, within /var/ossec, with root owner: dr-xr-x--- 3 root wheel 102 28 Apr 10:27 active-response dr-xr-x--- 14 root wheel 476 28 Apr 10:27 agentless dr-xr-x--- 27 root wheel 918 28 Apr 10:27 bin dr-xr-x--- 8 root wheel 272 28 Apr 10:27 etc drwxr-x--- 6 root wheel 204 28 Apr 10:27 logs dr-xr-x--- 11 root wheel 374 28 Apr 10:27 queue dr-xr-x--- 64 root wheel 2176 28 Apr 10:27 rules drwxr-x--- 2 root wheel68 28 Apr 10:27 stats dr-xr-x--- 2 root wheel68 28 Apr 10:27 tmp dr-xr-x--- 3 root wheel 102 29 Apr 01:42 var Now, I don't know if the problem is really caused by permissions error or something else, furthermore i don't know what owner and group each single file need to, so I can't fix it manually. If the problems are the files permission so can anyone tell me every sigle file what owner and permissions i have to assign to it? thank you!!! Gappa
[ossec-list] Re: ossec-syscheckd and ossec-rootcheck (1210): ERROR: Queue
done, and now it works. thanks again dan! On 29 Apr, 01:59, dan (ddp) ddp...@gmail.com wrote: Now that the users and group are added, I would delete the /var/ossec, and reinstall. On Apr 28, 2012 7:58 PM, Gappa gapp...@gmail.com wrote: hi, I have installed ossec 2.6 server on a Mac 10.7.3. i tried to run ossec with ossec-control start but it gave me some errors that i fixed adding the 3 ossec users: ossec, ossecr, ossecm and the group ossec. This time the error i got is : Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)... Started ossec-maild... Started ossec-execd... Started ossec-analysisd... Started ossec-logcollector... Started ossec-remoted... 2012/04/29 01:40:49 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'Queue not found'. 2012/04/29 01:41:04 ossec-rootcheck(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'No such file or directory'. 2012/04/29 01:41:15 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'Queue not found'. 2012/04/29 01:41:30 ossec-rootcheck(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'No such file or directory'. 2012/04/29 01:41:46 ossec-syscheckd(1210): ERROR: Queue '/var/ossec/ queue/ossec/queue' not accessible: 'Queue not found'. 2012/04/29 01:42:01 ossec-rootcheck(1211): ERROR: Unable to access queue: '/var/ossec/queue/ossec/queue'. Giving up.. surfing on the various answers on internet i think that the problems are the permission and the files owners/group. I have all the utilities and files, within /var/ossec, with root owner: dr-xr-x--- 3 root wheel 102 28 Apr 10:27 active-response dr-xr-x--- 14 root wheel 476 28 Apr 10:27 agentless dr-xr-x--- 27 root wheel 918 28 Apr 10:27 bin dr-xr-x--- 8 root wheel 272 28 Apr 10:27 etc drwxr-x--- 6 root wheel 204 28 Apr 10:27 logs dr-xr-x--- 11 root wheel 374 28 Apr 10:27 queue dr-xr-x--- 64 root wheel 2176 28 Apr 10:27 rules drwxr-x--- 2 root wheel 68 28 Apr 10:27 stats dr-xr-x--- 2 root wheel 68 28 Apr 10:27 tmp dr-xr-x--- 3 root wheel 102 29 Apr 01:42 var Now, I don't know if the problem is really caused by permissions error or something else, furthermore i don't know what owner and group each single file need to, so I can't fix it manually. If the problems are the files permission so can anyone tell me every sigle file what owner and permissions i have to assign to it? thank you!!! Gappa
[ossec-list] Ossec 2.6 Compile errors on Mac Os 10.7.3
hi everyone, i'm trying to install ossec on my Mac. I get this error: gcc -g -Wall -I../../ -I../../headers -DDEFAULTDIR=\/var/ossec\ -DUSE_OPENSSL -DDarwin -DHIGHFIRST-DARGV0=\sha1_op\ -DXML_VAR=\var\ -DOSSECHIDS -c sha1_op.c In file included from sha1_op.c:27: sha_locl.h: In function ‘sha1_block_host_order’: sha_locl.h:261: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! sha_locl.h:261: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! sha_locl.h:262: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! sha_locl.h:262: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! ……….. ………. sha_locl.h:344: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! sha_locl.h:345: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! sha_locl.h:345: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! sha_locl.h:345: error: unsupported inline asm: input constraint with a matching output constraint of incompatible type! make[2]: *** [sha1] Error 1 make[1]: *** [os_crypto] Error 2 I searched for some prerequisites to install on the Mac and i only found XCode, i have it. Can anyone help me with this error? Thanks Gappa
