I followed the instructi0ons in the link below
http://www.ossec.net/wiki/index.php/OSSECWUI:Install
for installing web interface.
I did add the web user to the ossec group and i did restart the apache
service.
When i access the site "http ://anyhost/ossec-wui/" i am getting the
error on the web page saying
"Unable to access ossec directory"
I also get a notification from OSSEC installed on this system saying
the following
OSSEC HIDS Notification.
2007 Aug 13 16:09:20
Received From: systemname->/var/log/messages
Rule: 1002 fired (level 7) -> "Unknown problem somewhere in the
system."
Portion of the log(s):
Aug 13 16:09:19 systemname kernel: audit(1187046559.343:130): avc:
denied { read } for pid=29595 comm="httpd" name="ossec" dev=dm-0
ino=16957254 scontext=root:system_r:httpd_t:s0
tcontext=root:object_r:var_t:s0 tclass=dir
--END OF NOTIFICATION
Help please.
apache is my web user.Found by using ps -aux | grep http
The tmp/ folder inside ossec-wui folder has the following permissions
drwxrwxrwx 2 root apache 4096 Aug 13 15:05 tmp
The etc/group file has
"ossec:x:3004:apache" added
/var/ossec is the dir which has ossec installed.The permissions for
ossec folder are as follows.
dr-xr-xr-- 11 root ossec 4096 Aug 8 11:07 ossec
Help please. Running Fedora 6
