Daniel,
        If I can get a break from people at work constantly doing things they shouldn't I'll put together a SuSE script that will mess well with other SuSE scripts. Baring spare time at work, I should be able to get you one in a day or two.

Scott


On Tue, 2006-08-22 at 14:32 -0300, Daniel Cid wrote:
Thanks for all the contributions. So, I have added the rc.ossec for slackware
(thanks Jack) and the script for gentoo. However, I didn't know what to do with
the Suse one. Where should the init script go and how to enable it to be called
during boot? Any ideas?

*I liked the idea of a gentoo package. I heard someone also made an RPM
for ossec,  but I never saw it (anyone from the list?).

*We also have a dev mailling list ([EMAIL PROTECTED]) to discuss
these issues..

--
Daniel B. Cid
dcid ( at ) ossec.net

On 8/21/06, gentuxx <[EMAIL PROTECTED]> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Daniel Cid wrote:
> >
> > Hi Gentuxx,
> >
> > Thanks for the script. I just made a small change to it so that instead
> > of hardcoding /var/ossec as the directory, it would read it from
> > /etc/ossec-init.conf. What I added is:
>
> Actually, for gentoo, this would be better accomplished by putting
> 'DIRECTORY="/var/ossec"' (and other configurable items) in
> /etc/conf.d/ossec.  Gentoo uses a package system called Portage, and
> the packages are "contained" in ebuilds, which is basically a shell
> script that goes through the steps of compiling and installing the
> package.  Ideally, there would be an ebuild for ossec where all of
> this would be laid out, but I haven't quite gotten to the point of
> writing my own ebuilds yet.  ;-)  And I don't know if there is a high
> enough demand for ossec yet in the gentoo community.  Maybe I'll poke
> around and see if there's any interest.
>
> >
> > "
> > # Finding where ossec is installed
> > . /etc/ossec-init.conf
> > if [ "X${DIRECTORY}" = "X" ]; then
> >    DIRECTORY="/var/ossec"
> > fi
> >
> > OSSEC_CONTROL="${DIRECTORY}/bin/ossec-control"
> > "
> >
> > In addition to that, is there a way to identify a system as Gentoo?
> > (for
> > example, Red hat has the file "/etc/redhat-release"). We need that so
> > we can configure the scripts during install...
>
> And, I can confirm what dzik said regarding the /etc/gentoo-release.
> Here's the content of that file, if needed:
>
> Gentoo Base System version 1.12.4
>
>
> >
> > Thanks,
> >
> > --
> > Daniel B. Cid
> > dcid ( at ) ossec.net
> >
> > On 8/20/06, gentuxx <[EMAIL PROTECTED]> wrote:
> > Hi all,
> >
> > I managed to modify one of the existing rc-scripts on my gentoo system
> > for ossec.
> >
> > Usage: ossec { start|stop|restart|status|configtest }
> >
> > Works like a charm for me.
> >
> > [EMAIL PROTECTED] ~ # rc-update add ossec default
> >  * ossec added to runlevel default
> > [EMAIL PROTECTED] ~ # /etc/init.d/ossec start
> >  * Starting ossec-hids
> > ...
> >
> >
> > [ ok ]
> > [EMAIL PROTECTED] ~ #
> >
> >
> > --
> > gentux
> > echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
> >
> > gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239  D840 4CF0 39E2
> > 18D3 4A9E
> > >>
> > >>
> > >>
> > #!/sbin/runscript
> > >>
> > opts="${opts} status configtest"
> > OSSEC_CONTROL='/var/ossec/bin/ossec-control'
> > >>
> > depend() {
> >         need net
> >         use logger
> > }
> > >>
> > configtest() {
> >         ebegin "Checking OSSEC Configuration"
> >         checkconfig
> >         eend $?
> > }
> > >>
> > checkconfig() {
> > >>
> >         CONFIGFILE="${CONFIGFILE:-/var/ossec/etc/ossec.conf}"
> >         if [ ! -r "${CONFIGFILE}" ]; then
> >                 eerror "Unable to read configuration file:
> > ${CONFIGFILE}"
> >                 return 1
> >         fi
> > >>
> >         # Maybe put some kind of config file syntax checking in
> > here?  XML is a little different
> >         # so maybe not.
> >         return $ret
> > }
> > >>
> > start() {
> >         checkconfig || return 1
> >         ebegin "Starting ossec-hids"
> >         ${OSSEC_CONTROL} start > /dev/null 2>&1
> >         eend $?
> > }
> > >>
> > stop() {
> >         checkconfig || return 1
> >         ebegin "Stopping ossec-hids"
> >         ${OSSEC_CONTROL} stop > /dev/null 2>&1
> >         eend $?
> > }
> > >>
> > restart() {
> >         if ! service_started "${myservice}" ; then
> >                 eerror "OSSEC is not running! Please start it
> > before trying to reload it."
> >         else
> >                 checkconfig || return 1
> >                 ebegin "Reloading ossec"
> >                 svc_stop ${OSSEC_CONTROL}
> >                 svc_start ${OSSEC_CONTROL}
> >                 eend $?
> >         fi
> > }
> > >>
> > status() {
> >         checkconfig || return 1
> >         ${OSSEC_CONTROL} status
> > }
> > >>
> > >>
> > >>
> >
> > --
> > gentux
> > echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
> >
> > gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239  D840 4CF0
> > 39E2 18D3 4A9E
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iD8DBQFE6gNsTPA54hjTSp4RAswMAJ97ez4MhCnWbuyOLT2BNcSLY4z6ZwCghvUc
> YxShOJ/NM6Xkk8mZv29N+L0=
> =2cti
> -----END PGP SIGNATURE-----
>
>
G E Scott Knauss [EMAIL PROTECTED]  or  [EMAIL PROTECTED]
ECRNOC Naples, IT [EMAIL PROTECTED]
Lead Network Engineer  
DSN: 314-626-4854
Comm: 39-333-224-9323
Cell: 39-333-224-9323

Reply via email to