Package: ossec-hids-agent
Version: 3.1.0.5696stretch
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

     Just normal apt upgrade

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

     see above

   * What was the outcome of this action?

     install failed.   

   * What outcome did you expect instead?

     install suceeds

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 9.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ossec-hids-agent depends on:
ii  debconf    1.5.61
ii  expect     5.45-7+deb9u1
ii  libc6      2.24-11+deb9u3
ii  libssl1.1  1.1.0f-3+deb9u2

ossec-hids-agent recommends no packages.

ossec-hids-agent suggests no packages.

-- Configuration Files:
/var/ossec/etc/ossec.conf changed:
<!-- OSSEC example config -->
<ossec_config>
  <client>
    <server-ip>some.public.ip.address</server-ip>
  </client>
  <syscheck>
    <!-- Frequency that syscheck is executed -- default every 2 hours -->
    <frequency>7200</frequency>
    
    <!-- Directories to check  (perform all possible verifications) -->
    <directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
    <directories check_all="yes">/bin,/sbin,/boot</directories>
    <!-- Files/directories to ignore -->
    <ignore>/etc/mtab</ignore>
    <ignore>/etc/hosts.deny</ignore>
    <ignore>/etc/mail/statistics</ignore>
    <ignore>/etc/random-seed</ignore>
    <ignore>/etc/adjtime</ignore>
    <ignore>/etc/httpd/logs</ignore>
    <!-- Check the file, but never compute the diff -->
    <nodiff>/etc/ssl/private.key</nodiff>
  </syscheck>
  <rootcheck>
    <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
    <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
  </rootcheck>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/messages</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/authlog</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/secure</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/xferlog</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/maillog</location>
  </localfile>
  <localfile>
    <log_format>apache</log_format>
    <location>/var/www/logs/access_log</location>
  </localfile>
  <localfile>
    <log_format>apache</log_format>
    <location>/var/www/logs/error_log</location>
  </localfile>
</ossec_config>


-- debconf information:
* ossec-hids-agent/server-ip: some.public.ip.address

  • Bug#912213: ossec-hids-agent: subprocess new pre-removal scrip... Tom Stocker

Reply via email to