On Mon, Mar 11, 2013 at 11:04 AM, hays <[email protected]> wrote: > > > dan (ddp) wrote: >>> >>> Thinking that perhaps4.2 is too old, I next installed mac ports and used >> >> >> 4.2 definitely works. I generally compile OSSEC with4.2, just not on OS >> X. >> > > I don't doubt it, but Apple stopped patching gcc a good while ago, and I bet > that's the problem. > > Shane R, thanks for the pointer. I just installed Macports version of gcc, > it's easy to switch between compilers. > > >> >> dev is usually easier (IMO), but here is fine too. I'm definitely >> interested in what is failing WRT creating users. I feel like that was >> updated not too long ago. >> > > Figure that part out, the InstallAgent.sh file was defaulting to netinfo > style user creation if it did not find 10.5|10.6 in the sw_vers return. I > reversed it, this works better: > > # Thanks Chuck L. for the mac addusers > elif [ "$UNAME" = "Darwin" ]; then > # Check to see if we're root. > id -u ${USER} > /dev/null 2>&1 > if [ ! $? = 0 ]; then > > # Creating for 10.5 > /usr/bin/sw_vers 2>/dev/null| grep "ProductVersion" | grep -E > "10.2|10.3.|10.4" > /dev/null 2>&1 > if [ $? = 0 ]; then > echo "Found OS X version 10.4 or below"; > chmod +x ./init/darwin-addusers.pl > ./init/darwin-addusers.pl > else > echo "Found OS X version above 10.4"; > chmod +x ./init/osx105-addusers.sh > ./init/osx105-addusers.sh > > fi > fi > > I'm guessing no one will install this on anything older than 10.2. (; > > But now I'm getting: > 2013/03/11 10:50:25 ossec-agentd(1402): ERROR: Authentication key file > '/var/ossec/etc/client.keys' not found. > 2013/03/11 10:50:25 ossec-agentd(1750): ERROR: No remote connection > configured. Exiting. > 2013/03/11 10:50:25 ossec-agentd(4109): ERROR: Unable to start without auth > keys. Exiting. > > And in the etc folder in ossec-hids-2.7 dir after the make, sure enough > there's no client.keys file. Where do the client.keys get made? >
It gets made when you either add an agent, or install the key. Is this supposed to be a server, local, or agent install? (I'm guessing server since it complains about remoted) > Also, if access to a mac is an issue, I can give you access to one of mine. > > tia, > bil > > -- > _______________________ > bil haysShane R <[email protected]> > > Infrastructure Manager > Computer Science, UNC CH > www.cs.unc.edu/~hays > > -- > > --- You received this message because you are subscribed to the Google > Groups "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
