All right, here's my plan if it still seems to be working on the Windows hosts: 1. I need to test on linux. a. Test upgrades from 2.8.2 b. Test server installs c. Test agent installs d. Test hybrid 2. I need to write up some release notes 3. Tag and pull request 4. Coordinate an actual release with the powers that be. a. PGP signing b. Website updates c. Announcements
Anyone see anything I've forgotten? Here's a zip of the source for anyone who wants to do any testing (Solaris/OS X testers would be great!): https://github.com/ddpbsd/ossec-hids/archive/283.zip On Tue, Oct 6, 2015 at 8:15 AM, dan (ddp) <[email protected]> wrote: > I don't think it would hurt to do it. > > On Fri, Oct 2, 2015 at 2:02 PM, DefensiveDepth <[email protected]> wrote: >> Looks like the client is still stable this morning. >> >> Do you want me to re-build and test the new changes you made, or wait? >> >> -Josh >> >> On Friday, October 2, 2015 at 8:45:18 AM UTC-4, dan (ddpbsd) wrote: >>> >>> I've also made a couple of smaller changes to the branch. It still >>> compiles for win32 and now compiles for *nix as well. >>> I still need to make sure the hybrid fix is in, and do some more >>> testing. After that it's document the changes and submit them. I still >>> have to figure out the whole git tagging thing, to make sure I don't >>> clobber anything important. >>> >>> On Fri, Oct 2, 2015 at 7:29 AM, dan (ddp) <[email protected]> wrote: >>> > On Thu, Oct 1, 2015 at 4:34 PM, DefensiveDepth <[email protected]> >>> > wrote: >>> >> Built great. (Thanks!) >>> >> >>> >> Installed and running on 2008 R2 right now. Appears to be working >>> >> correctly. >>> >> Getting a massive number of the following errors in the client log: >>> >> >>> >> ===================== >>> >> >>> >> 2015/10/01 16:24:59 ossec-agent: ERROR: Could not mkstemp_ex() >>> >> temporary >>> >> bookmark (tmp/Microsoft-Windows-Sysmon_Operational-a03592) for >>> >> (Microsoft-Windows-Sysmon/Operational) >>> >> >>> >> 2015/10/01 16:24:59 ossec-agent: ERROR: Could not create temporary file >>> >> (tmp/Microsoft-Windows-Sysmon_Operational-a03592) which returned (3) >>> >> >>> >> 2015/10/01 16:24:59 ossec-agent: ERROR: Could not mkstemp_ex() >>> >> temporary >>> >> bookmark (tmp/Microsoft-Windows-Sysmon_Operational-a03592) for >>> >> (Microsoft-Windows-Sysmon/Operational) >>> >> >>> >> 2015/10/01 16:24:59 ossec-agent: ERROR: Could not create temporary file >>> >> (tmp/Microsoft-Windows-Sysmon_Operational-a03592) which returned (3) >>> >> ================== >>> >> >>> > >>> > I'll try to look at these this weekend to try and figure out if >>> > they're a big deal or not. >>> > >>> >> Will check in the morning to make sure everything is still working >>> >> right >>> >> >>> >> -Josh >>> >> >>> >> On Thursday, October 1, 2015 at 9:01:57 AM UTC-4, dan (ddpbsd) wrote: >>> >>> >>> >>> (Hint: I did, but I'll deal with that fallout later :-P) >>> >>> >>> >>> On Oct 1, 2015 8:55 AM, "dan (ddp)" <[email protected]> wrote: >>> >>>> >>> >>>> I've updated the branch again. I managed to compile a binary, but >>> >>>> can't test it at the moment. >>> >>>> I'm running a *nix build or two in the mean time to make sure I >>> >>>> didn't >>> >>>> mess anything up there. >>> >>>> >>> >>>> On Thu, Oct 1, 2015 at 5:16 AM, DefensiveDepth <[email protected]> >>> >>>> wrote: >>> >>>> > When in doubt, caffeinate! >>> >>>> > >>> >>>> > Is the mkstemp error possibly related to the version of mingw32 we >>> >>>> > are >>> >>>> > running? >>> >>>> > >>> >>>> > >>> >>>> > On Wednesday, September 30, 2015 at 10:52:51 PM UTC-4, dan (ddpbsd) >>> >>>> > wrote: >>> >>>> >> >>> >>>> >> On Wed, Sep 30, 2015 at 10:31 PM, dan (ddp) <[email protected]> >>> >>>> >> wrote: >>> >>>> >> > On Wed, Sep 30, 2015 at 8:22 PM, SoulAuctioneer >>> >>>> >> > <[email protected]> wrote: >>> >>>> >> >> Might just need to add this line into error_messages.h in Dan's >>> >>>> >> >> branch: >>> >>>> >> >> >>> >>>> >> >> >>> >>>> >> >> >>> >>>> >> >> >>> >>>> >> >> https://github.com/awiddersheim/ossec-hids/blob/master/src/error_messages/error_messages.h#L44 >>> >>>> >> >> >>> >>>> >> > >>> >>>> >> > There's definitely more than that. Adding that line I still get: >>> >>>> >> > /tmp/ccw4cOwc.o:read_win_event_channel.c:(.text+0xcdb): >>> >>>> >> > undefined >>> >>>> >> > reference to `mkstemp_ex' >>> >>>> >> > /tmp/ccw4cOwc.o:read_win_event_channel.c:(.text+0xe19): >>> >>>> >> > undefined >>> >>>> >> > reference to `rename_ex' >>> >>>> >> > /usr/bin/i686-w64-mingw32-ld: /tmp/ccw4cOwc.o: bad reloc address >>> >>>> >> > 0xd84 >>> >>>> >> > in section `.rdata' >>> >>>> >> > collect2: error: ld returned 1 exit status >>> >>>> >> > >>> >>>> >> > Unfortunately, google doesn't help with mkstemp_ex or rename_ex. >>> >>>> >> > >>> >>>> >> >>> >>>> >> Derp, found those. I probably shouldn't have settled for decaf. >>> >>>> >> >>> >>>> >> > >>> >>>> >> >> -- >>> >>>> >> >> >>> >>>> >> >> --- >>> >>>> >> >> You received this message because you are subscribed to the >>> >>>> >> >> Google >>> >>>> >> >> Groups >>> >>>> >> >> "ossec-list" group. >>> >>>> >> >> To unsubscribe from this group and stop receiving emails from >>> >>>> >> >> it, >>> >>>> >> >> send >>> >>>> >> >> an >>> >>>> >> >> email to [email protected]. >>> >>>> >> >> For more options, visit https://groups.google.com/d/optout. >>> >>>> > >>> >>>> > -- >>> >>>> > >>> >>>> > --- >>> >>>> > You received this message because you are subscribed to the Google >>> >>>> > Groups >>> >>>> > "ossec-list" group. >>> >>>> > To unsubscribe from this group and stop receiving emails from it, >>> >>>> > send >>> >>>> > an >>> >>>> > email to [email protected]. >>> >>>> > For more options, visit https://groups.google.com/d/optout. >>> >> >>> >> -- >>> >> >>> >> --- >>> >> You received this message because you are subscribed to the Google >>> >> Groups >>> >> "ossec-list" group. >>> >> To unsubscribe from this group and stop receiving emails from it, send >>> >> an >>> >> email to [email protected]. >>> >> For more options, visit https://groups.google.com/d/optout. >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "ossec-list" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
