[ossec-list] ossec-remoted segfault

Mon, 22 Feb 2010 04:19:12 -0800 

Hi,



When starting ossec, no 1514 port is open and I see in my /var/log/messages
this error



Feb 22 12:03:02 s3cure kernel: [548043.787406] ossec-remoted[25511]:
segfault at 99 ip 08062f01 sp bf8cc7c0 error 4 in
ossec-remoted[8048000+3b000]















with gdb I get this output





GNU gdb 6.8-debian

Copyright (C) 2008 Free Software Foundation, Inc.

License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html
>

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.  Type "show copying"

and "show warranty" for details.

This GDB was configured as "i486-linux-gnu"...

(gdb) set follow-fork-mode child

(gdb) run

Starting program: /var/ossec/bin/ossec-remoted

[Thread debugging using libthread_db enabled]

[New Thread 0xb7df06b0 (LWP 25505)]

[Thread debugging using libthread_db enabled]

[New Thread 0xb7df06b0 (LWP 25508)]

[Thread debugging using libthread_db enabled]

[New Thread 0xb7df06b0 (LWP 25509)]

[Thread debugging using libthread_db enabled]

[New Thread 0xb7df06b0 (LWP 25510)]



Program exited with code 01.

(gdb) bt

No stack.







Ossec version is 2.3 and Linux version is debian 5.0.2 :



Linux s3cure 2.6.26-2-686-bigmem #1 SMP Sat Dec 26 09:26:36 UTC 2009 i686
GNU/Linux







My last ossec.log is:



2010/02/22 12:08:53 ossec-remoted(4111): INFO: Maximum number of agents
allowed: '256'.

2010/02/22 12:08:53 ossec-remoted(1410): INFO: Reading authentication keys
file.

2010/02/22 12:08:56 ossec-syscheckd: INFO: Started (pid: 26901).

2010/02/22 12:08:58 ossec-logcollector(1950): INFO: Analyzing file:
'/var/log/messages'.

2010/02/22 12:08:58 ossec-logcollector(1950): INFO: Analyzing file:
'/var/log/auth.log'.

2010/02/22 12:08:58 ossec-logcollector(1950): INFO: Analyzing file:
'/var/log/syslog'.

2010/02/22 12:08:58 ossec-logcollector(1950): INFO: Analyzing file:
'/var/log/mail.info'.

2010/02/22 12:08:58 ossec-logcollector(1950): INFO: Analyzing file:
'/var/log/dpkg.log'.

2010/02/22 12:08:58 ossec-logcollector(1950): INFO: Analyzing file:
'/var/log/apache2/error.log'.

2010/02/22 12:08:58 ossec-logcollector(1950): INFO: Analyzing file:
'/var/log/apache2/access.log'.

2010/02/22 12:08:58 ossec-logcollector: INFO: Started (pid: 26891).

2010/02/22 12:09:28 ossec-syscheckd: No directories to check.







If I run another time install.sh without upgrading it, ossec-remoted runs
without any problem.



Thank you for any help

Reply via email to