I've worked round it by not running with use_sudo but by adding a extra send command to the integrity script.
send sudo sh this then runs the rest as root. I will be adding a check to confirm the sudo sh worked, but this at least works without having to open root up. cheers On Mon, 11 Jul 2016 at 15:53 Chris Young <[email protected]> wrote: > hi there, > > Jeff - I see that you can get > > '2015/02/23 15:50:18 ossec-agentlessd: INFO: ssh_integrity_check_linux: > admin@agentless-test-rh6: use_sudo specified and 'sudo sh;' worked.' > > out in the log. > > when I try use_sudo I get no reference what so ever. > > have you managed to progress this any further? I really want to be able to > run with out opening root up. > > I've tried 2.9RC2 as well - no joy. > > > > On Tuesday, 24 February 2015 22:22:47 UTC, Jeff Blaine wrote: >> >> I use agents for systems that can run them, so I don't know. Try >>> turning on the logall option to see if the output ends up in >>> archives.log. >>> >> >> Nothing there with <logall>yes</logall>. Bummer. >> > -- > > --- > You received this message because you are subscribed to a topic in the > Google Groups "ossec-list" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ossec-list/sBC4vIpHM3E/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
