Hi Leslie,
Thanks for the e-mail. I will respond inline to do not confuse the topics...
On 6/12/06, Leslie S Arvin <[EMAIL PROTECTED]> wrote:
>
> It would be nice in our environment if those installation tasks which
> require root were separated from those that don't. I would prefer to
> compile software as, say, user 'arvin' and then execute only those tasks
> which absolutely need to run as root as root -- creating system directories,
> new users and groups, and setting file and directory modes. I'd like to
> separate the configure and compilation processes from the installation
> process.
I think this is currently possible. The install.sh script is just a wrapper to
configure ossec. The main work is done by ./src/Makeall and ./src/Installxx.sh.
For example, as user arvin you can type the following commands inside "src":
make all
make build
It will compile everything and let ossec ready to install. After that,
if you su to root
and type "make server", it will install the server files (or make
agent to install the agent files). I just tried it here and worked,
but since my testing environment has too
many instances of ossec running, I may be wrong (Kayvan knows well
about that :) ). However, because of that, ossec will not be properly
configured.
Anyway, to make things easy, I will add a flag to the install file to configure
only and other to install only ("./install configure-only" or
"./install install-only")
on the next version. Should be simple to do and will simplify the life of
a lot of people :)
Other thing that you may be interested is ./etc/preloaded-vars.conf. It allows
you to automate the installation without the need to answer to all the
questions every time... Maybe helpful on large networks.
> In our environment, our source directory is automounted from a separate
> machine
> than where I want to install the software. Root on the installation machine
> doesn't have authority to overwrite the source files owned by 'arvin' on the
> source machine, so unless I make the source files world-writable I can't
> compile ossec as root. But I can't create users or set directory permissions
> as
> 'arvin'. So I will have to hack the install scripts for each release unless
> this
> is changed. (Nevertheless, I'm very pleased to see indications that the
> source is
> updated frequently!)
>
> It would also be nice if the install script would only try to create the users
> and group if they do not already exist.
Will fix that :)
> My department is very pleased with ossec's capabilities. We were looking for
> a cross-platform HIDS product and were excited to find this. It works very
> well
> out of the box and seems very extensible. Wish me luck when I try to compile
> it
> for HP-UX.
I'm happy to know ossec is being helpful. Let us know how it works (or don't) in
HP-UX. Some other people already asked for HP-UX support, so it may
help other people :)
> -- Leslie Arvin
> [EMAIL PROTECTED], Office: FREH G409, Phone: 765-496-3971
> Network Systems Administrator, ITI-Unix Platforms
> Purdue University, Information Technology at Purdue
Thanks,
--
Daniel B. Cid
dcid @ ( at ) ossec.net
--~--~---------~--~----~------------~-------~--~----~
-~----------~----~----~----~------~----~------~--~---
