If I can get a break from people at work constantly doing things they shouldn't I'll put together a SuSE script that will mess well with other SuSE scripts. Baring spare time at work, I should be able to get you one in a day or two.
Scott
On Tue, 2006-08-22 at 14:32 -0300, Daniel Cid wrote:
Thanks for all the contributions. So, I have added the rc.ossec for slackware (thanks Jack) and the script for gentoo. However, I didn't know what to do with the Suse one. Where should the init script go and how to enable it to be called during boot? Any ideas? *I liked the idea of a gentoo package. I heard someone also made an RPM for ossec, but I never saw it (anyone from the list?). *We also have a dev mailling list ([EMAIL PROTECTED]) to discuss these issues.. -- Daniel B. Cid dcid ( at ) ossec.net On 8/21/06, gentuxx <[EMAIL PROTECTED]> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Daniel Cid wrote: > > > > Hi Gentuxx, > > > > Thanks for the script. I just made a small change to it so that instead > > of hardcoding /var/ossec as the directory, it would read it from > > /etc/ossec-init.conf. What I added is: > > Actually, for gentoo, this would be better accomplished by putting > 'DIRECTORY="/var/ossec"' (and other configurable items) in > /etc/conf.d/ossec. Gentoo uses a package system called Portage, and > the packages are "contained" in ebuilds, which is basically a shell > script that goes through the steps of compiling and installing the > package. Ideally, there would be an ebuild for ossec where all of > this would be laid out, but I haven't quite gotten to the point of > writing my own ebuilds yet. ;-) And I don't know if there is a high > enough demand for ossec yet in the gentoo community. Maybe I'll poke > around and see if there's any interest. > > > > > " > > # Finding where ossec is installed > > . /etc/ossec-init.conf > > if [ "X${DIRECTORY}" = "X" ]; then > > DIRECTORY="/var/ossec" > > fi > > > > OSSEC_CONTROL="${DIRECTORY}/bin/ossec-control" > > " > > > > In addition to that, is there a way to identify a system as Gentoo? > > (for > > example, Red hat has the file "/etc/redhat-release"). We need that so > > we can configure the scripts during install... > > And, I can confirm what dzik said regarding the /etc/gentoo-release. > Here's the content of that file, if needed: > > Gentoo Base System version 1.12.4 > > > > > > Thanks, > > > > -- > > Daniel B. Cid > > dcid ( at ) ossec.net > > > > On 8/20/06, gentuxx <[EMAIL PROTECTED]> wrote: > > Hi all, > > > > I managed to modify one of the existing rc-scripts on my gentoo system > > for ossec. > > > > Usage: ossec { start|stop|restart|status|configtest } > > > > Works like a charm for me. > > > > [EMAIL PROTECTED] ~ # rc-update add ossec default > > * ossec added to runlevel default > > [EMAIL PROTECTED] ~ # /etc/init.d/ossec start > > * Starting ossec-hids > > ... > > > > > > [ ok ] > > [EMAIL PROTECTED] ~ # > > > > > > -- > > gentux > > echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' > > > > gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 39E2 > > 18D3 4A9E > > >> > > >> > > >> > > #!/sbin/runscript > > >> > > opts="${opts} status configtest" > > OSSEC_CONTROL='/var/ossec/bin/ossec-control' > > >> > > depend() { > > need net > > use logger > > } > > >> > > configtest() { > > ebegin "Checking OSSEC Configuration" > > checkconfig > > eend $? > > } > > >> > > checkconfig() { > > >> > > CONFIGFILE="${CONFIGFILE:-/var/ossec/etc/ossec.conf}" > > if [ ! -r "${CONFIGFILE}" ]; then > > eerror "Unable to read configuration file: > > ${CONFIGFILE}" > > return 1 > > fi > > >> > > # Maybe put some kind of config file syntax checking in > > here? XML is a little different > > # so maybe not. > > return $ret > > } > > >> > > start() { > > checkconfig || return 1 > > ebegin "Starting ossec-hids" > > ${OSSEC_CONTROL} start > /dev/null 2>&1 > > eend $? > > } > > >> > > stop() { > > checkconfig || return 1 > > ebegin "Stopping ossec-hids" > > ${OSSEC_CONTROL} stop > /dev/null 2>&1 > > eend $? > > } > > >> > > restart() { > > if ! service_started "${myservice}" ; then > > eerror "OSSEC is not running! Please start it > > before trying to reload it." > > else > > checkconfig || return 1 > > ebegin "Reloading ossec" > > svc_stop ${OSSEC_CONTROL} > > svc_start ${OSSEC_CONTROL} > > eend $? > > fi > > } > > >> > > status() { > > checkconfig || return 1 > > ${OSSEC_CONTROL} status > > } > > >> > > >> > > >> > > > > -- > > gentux > > echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' > > > > gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 > > 39E2 18D3 4A9E > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.5 (GNU/Linux) > > iD8DBQFE6gNsTPA54hjTSp4RAswMAJ97ez4MhCnWbuyOLT2BNcSLY4z6ZwCghvUc > YxShOJ/NM6Xkk8mZv29N+L0= > =2cti > -----END PGP SIGNATURE----- > >
|
