If you could send me your changes I can get those added into the main package too.
-Scott On Thu, 2010-08-26 at 11:41 -0400, David Porcello wrote: > Indeed I am. Specifically, here are the Atomic packages I installed: > > inotify-tools-3.11-1.el5.art.x86_64.rpm > ossec-hids-2.4-1.el5.art.x86_64.rpm > ossec-hids-client-2.4-1.el5.art.x86_64.rpm > > Would be great to see your SPEC fix if you'd like to share. Otherwise I'll > just build a new RPM from source. > > Thanks!! > d. > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Jason 'XenoPhage' Frisvold > Sent: Wednesday, August 18, 2010 4:25 PM > To: [email protected] > Subject: Re: [ossec-list] Detecting changes to running processes & ports > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Aug 12, 2010, at 11:53 AM, David Porcello wrote: > > Hi all, > > > > I'm running OSSEC client 2.4.1 on a handful of RedHat EL 5.5 servers and > > I'm seeing the following behavior across the board: It appears that > > client-logcollector and client-syscheckd aren't detected as running, and > > therefore aren't stopped by ossec-control. If these daemons aren't killed, > > multiple instances begin building up with each start or restart request, > > and new agent.conf configs are prevented from loading. > > Are you, perchance, running the atomicturtle RPM version of ossec? > Specifically version 2.4.1-4 ? If so, I think this is a bug in that RPM > causing the problem.. I have a SPEC that fixes the problem if you want it, > though it removes all of the atomicturtle specific stuff (rules, decoders, > etc). > > > Found a couple related threads, but none with a resolution. Anyone else > > seeing this? > > > > Thanks, > > d. > > - --------------------------- > Jason 'XenoPhage' Frisvold > [email protected] > - --------------------------- > "Any sufficiently advanced magic is indistinguishable from technology." > - - Niven's Inverse of Clarke's Third Law > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.14 (Darwin) > > iEYEARECAAYFAkxsQZ0ACgkQ8CjzPZyTUTSQWQCgmLRn3ZAjHP8eZqYvinCFZ4+d > nqUAn0CoHOSjIEBoJAyuhxy4wYBXynSb > =g6SA > -----END PGP SIGNATURE----- > > NOTICE: The information contained in this e-mail and any attachments is > intended solely for the recipient(s) named above, and may be confidential and > legally privileged. If you received this e-mail in error, please notify the > sender immediately by return e-mail and delete the original message and any > copy of it from your computer system. If you are not the intended recipient, > you are hereby notified that any review, disclosure, retransmission, > dissemination, distribution, copying, or other use of this e-mail, or any of > its contents, is strictly prohibited. > > Although this e-mail and any attachments are believed to be free of any virus > or other defects, it is the responsibility of the recipient to ensure that it > is virus-free and no responsibility is accepted by the sender for any loss or > damage arising if such a virus or defect exists.
