On Wed, Dec 1, 2010 at 10:28 AM, Jean-Paul Lesein <[email protected]> wrote: > I fix the error but now i'm getting "No agent available", how i can get my > local alert about my server ? > is it a permission problem ? >
It looks like a permissions problem. If the apache process is running with the correct groups it should work. I [dw]on't use the wui though, so I'm not sure I can be of much more help. > Le 01/12/2010 15:21, Jean-Paul Lesein a écrit : >> >> Okay, >> i see my log and i get this error >> >> opendir(/var/ossec) [<a href='function.opendir'>function.opendir</a>]: >> failed to open dir: Operation not permitted in >> /var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs/ossec-wui-0.3/lib/os_lib_handle.php >> on line 94, referer: >> http://monitoring.mydomain.com/ossec-wui-0.3/index.php?f=i >> >> [<a href='function.opendir'>function.opendir</a>]: open_basedir >> restriction in effect. File(/var/ossec) is not within the allowed path(s): >> (/var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs:/tmp) in >> /var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs/ossec-wui-0.3/lib/os_lib_handle.php >> on line 94, referer: >> http://monitoring.mydomain.com/ossec-wui-0.3/index.php?f=i >> >> >> >> Le 01/12/2010 15:10, dan (ddp) a écrit : >>> >>> On Wed, Dec 1, 2010 at 9:01 AM, Jean-Paul Lesein<[email protected]> >>> wrote: >>>> >>>> Thanks for your answer my >>>> >>>> SELinux status: disabled >>>> Ossec group is ok : ossec:x:2523:apache >>>> >>>> How i can verify apache isn't chrooted to another location ? >>>> >>>> Make sure you add the apache user to the ossec group (and restart >>>> apache). >>>> Make sure SELinux isn't blocking the access. : my >>>> Make sure apache isn't chrooted to another location. >>>> >>>> >>> I'm not sure of an easy way to check really. Is this a default Centos >>> apache? I don't think they chroot it. >>> >>> Only other things that I can think of to check are the webserver and >>> system logs to see if there is a proper error to go with the one you >>> get in the wui. >>> >>>> Le 01/12/2010 14:55, dan (ddp) a écrit : >>>>> >>>>> On Wed, Dec 1, 2010 at 8:48 AM, Jean-Paul Lesein<[email protected]> >>>>> wrote: >>>>>> >>>>>> Hi, >>>>>> >>>>>> OSSEC is installed successfully >>>>>> i try to use OSSEC webui on CentOS 5 with plesk but when i connect to >>>>>> OSSEC >>>>>> webui i get this error >>>>>> >>>>>> "Unable to access ossec directory" >>>>>> >>>>>> My safe_mode in "Off" and i fix the user who is apache on CentOS >>>>>> >>>>>> dr-xr-x--- 3 root ossec 16 Oct 13 16:06 active-response >>>>>> dr-xr-x--- 2 root ossec 4096 Dec 1 11:12 agentless >>>>>> dr-xr-x--- 2 root ossec 4096 Dec 1 14:03 bin >>>>>> dr-xr-x--- 4 root ossec 136 Dec 1 14:03 etc >>>>>> drwxr-x--- 5 ossec ossec 92 Oct 13 16:06 logs >>>>>> dr-xr-x--- 11 root ossec 127 Oct 13 16:06 queue >>>>>> dr-xr-x--- 3 root ossec 4096 Dec 1 11:12 rules >>>>>> drwxr-x--- 5 ossec ossec 61 Dec 1 11:13 stats >>>>>> drwxrwx--- 2 root apache 6 Dec 1 11:12 tmp >>>>>> dr-xr-x--- 3 root ossec 16 Dec 1 14:13 var >>>>>> >>>>>> If someone can help me, i would be very happy >>>>>> >>>>> Make sure you add the apache user to the ossec group (and restart >>>>> apache). >>>>> Make sure SELinux isn't blocking the access. >>>>> Make sure apache isn't chrooted to another location. >>>>> >>>> >> > >
