[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)

Subject: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
From: oahmet at metu.edu.tr (ahmet ozturk)
Date: Tue, 16 May 2006 15:54:34 +0300
Hi Sebastian,

First I should admit that I have no personal experience with Zone
technology on  Solaris. As far as I read about it, I guess it may be the
cause of problem. However, I want to test it. Is it possible to send
your Zone configuration(info),  especially the "inherit-pkg-dir" entries
if exists?

Also, if you are the root of the main Solaris instance, is it possible
for you to install ossec-hids on that instance -not on a zone- for test
purposes?

Regards,

Ahmet Ozturk.


Sebastian Benner wrote:
> Hi Ahmet,
> 
> here I have got some additional info about my system for you:
> 
> ----------------------------------------------------------------------------
> bash-3.00# showrev -c make
> 
> PATH is:
> /opt/csw/bin:/opt/csw/gcc3/bin:/usr/ucb:/usr/ccs/bin:/usr/sbin:/usr/bin
> 
> PWD is:
> /tmp/ossec-hids-0.8
> 
> LD_LIBRARY_PATH is not set in the current environment
> ________________________________________________________________________
> 
> File: /usr/ccs/bin/make
> =======================
> File type: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, 
> stripped
> Command version: RELEASE VERSION SunOS 5.10 Patch 118676-01 March 2005
> 
> File mode: rwxr-xr-x
> User owning file: root
> Group owning file: bin
> Library information:
>          libintl.so.1 =>  /lib/libintl.so.1
>          libnsl.so.1 =>   /lib/libnsl.so.1
>          libsocket.so.1 =>        /lib/libsocket.so.1
>          libw.so.1 =>     /lib/libw.so.1
>          libm.so.1 =>     /lib/libm.so.1
>          libc.so.1 =>     /lib/libc.so.1
>          libmp.so.2 =>    /lib/libmp.so.2
>          libmd5.so.1 =>   /lib/libmd5.so.1
>          libscf.so.1 =>   /lib/libscf.so.1
>          libdoor.so.1 =>  /lib/libdoor.so.1
>          libuutil.so.1 =>         /lib/libuutil.so.1
>          libm.so.2 =>     /lib/libm.so.2
>          /platform/SUNW,Sun-Fire-V240/lib/libc_psr.so.1
>          /platform/SUNW,Sun-Fire-V240/lib/libmd5_psr.so.1
> Sum: 58362
> ----------------------------------------------------------------------------
> 
> I tested mkdir -p ../bin and it works.
> 
> Regards,
> 
> Sebastian Benner
> 
> 
> 
>>Hi Sebastian,
>>
>>In addition to Daniel's suggestions, is it possible to verify that
>>"mkdir -p ../bin" creates the directory on your system.
>>Btw, I'm using Solaris 10 on x86 and GNU make v3.80 without any
>>problem. Is it possible to tell us which  version of make you're using,
>>and is your system Solaris 10 on Sparc or x86?
>>
>>Regards,
>>
>>Ahmet Ozturk.
>>
>>Daniel Cid wrote:
>>
>>>Hi Sebastian,
>>>
>>>Looks like the "bin" directory wasn't created for some reason... Can
>>>you do the following:
>>>
>>>-Remove /var/ossec (rm -rf /var/ossec)
>>>-Start the installation process again (cd ossec-hids-0.8).
>>>-Before running the install.sh script, create ./bin (mkdir ./bin).
>>>-Run ./install.sh and see if it works.
>>>
>>>*I don't have Solaris in here, so I can't help you much more than that.
>>>Probably Ahmet (the Solaris guy :)) will be able to give you a better answer.
>>>
>>>Thanks,
>>>
>>>--
>>>Daniel B. Cid
>>>dcid @ ( at ) ossec.net
>>>
>>>On 5/15/06, Sebastian Benner <sebastian.benner at fernuni-hagen.de> wrote:
>>>
>>>
>>>>Hello,
>>>>
>>>>I tried to install ossec 0.8 on a Solaris 10 Zone. The install script
>>>>worked so far, but some errors occured making it impossible to start
>>>>ossec :-(
>>>>
>>>>.......................................................................
>>>> *** Making syscheckd ***
>>>>
>>>>gcc -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DUSE_OPENSSL
>>>>-lsocket -lnsl -lresolv -DSOLARIS -DHIGHFIRST -include strings.h
>>>>-DARGV0=\"ossec-syscheckd\" -DXML_VAR=\"var\" -DOSSECHIDS syscheck.c
>>>>config.c create_db.c run_check.c ../config/*.c ../shared/lib_shared.a
>>>>../os_xml/os_xml.a ../os_regex/os_regex.a ../os_net/os_net.a
>>>>../os_crypto/os_crypto.a ../rootcheck/rootcheck_lib.a -o ossec-syscheckd
>>>>cp -pr ossec-maild ../../bin
>>>>cp -pr ossec-execd ../../bin
>>>>cp -pr ossec-analysisd ../../bin
>>>>cp -pr ossec-logcollector ../../bin
>>>>cp -pr ossec-remoted ../../bin
>>>>cp -pr ossec-agentd ../../bin
>>>>cp -pr manage_agents ../../bin
>>>>cp -pr manage_agents ../../bin
>>>>cp -pr syscheck_update clear_stats ../../bin
>>>>cp: Target ../../bin must be a directory
>>>>Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>>       cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>>       cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>>>*** Error code 2
>>>>make: Fatal error: Command failed for target `build'
>>>>Current working directory /tmp/ossec-hids-0.8/src/util
>>>>
>>>>Error Making the binaries
>>>>*** Error code 1
>>>>The following command caused the error:
>>>>/bin/sh ./Makeall build
>>>>make: Fatal error: Command failed for target `build'
>>>>chmod: WARNING: can't access /var/ossec
>>>>chown: unknown user id: root:ossec
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/alerts
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/ossec
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/fts
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/syscheck
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/rootcheck
>>>>chown: unknown user id: ossecr:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/agent-info
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/stats
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/logs
>>>>touch: cannot create /var/ossec/logs/ossec.log: No such file or directory
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/logs/ossec.log
>>>>cp: /var/ossec/rules/ not found
>>>>chown: unknown user id: root:ossec
>>>>chmod: WARNING: can't access /var/ossec/rules
>>>>chmod: WARNING: can't access /var/ossec/etc
>>>>chown: unknown user id: root:ossec
>>>>Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>>       cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>>       cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>>>chmod: WARNING: can't access /var/ossec/var/run
>>>>chown: unknown user id: root:ossec
>>>>cp: ../bin/ossec*: Not a directory
>>>>cp: ../bin/manage_agents: Not a directory
>>>>cp: ../bin/syscheck_update: Not a directory
>>>>cp: ../bin/clear_stats: Not a directory
>>>>cp: cannot create /var/ossec/bin/ossec-control: No such file or directory
>>>>cp: cannot create /var/ossec/etc/: No such file or directory
>>>>cp: /var/ossec/etc/shared/ not found
>>>>cp: /var/ossec/active-response/bin/ not found
>>>>chmod: WARNING: can't access /var/ossec/active-response/bin/*
>>>>Not overwritting /etc/ossec.conf.
>>>>
>>>>
>>>> - Unknown system. No init script added.
>>>>
>>>> - Configuration finished properly.
>>>>
>>>> - To start OSSEC HIDS:
>>>>                /var/ossec/bin/ossec-control start
>>>>
>>>> - To stop OSSEC HIDS:
>>>>                /var/ossec/bin/ossec-control stop
>>>>
>>>> - The configuration can be viewed or modified at
>>>>/var/ossec/etc/ossec.conf
>>>>
>>>>
>>>>    Thanks for using the OSSEC HIDS.
>>>>    If you have any question, suggestion or if you find any bug,
>>>>    contact us at contact at ossec.net or using our public maillist at
>>>>    ossec-list at ossec.net
>>>>    (http://mailman.underlinux.com.br/mailman/listinfo/ossec-list).
>>>>
>>>>    More information can be found at http://www.ossec.net
>>>>
>>>>    ---  Press ENTER to finish (maybe more information bellow). ---
>>>>........................................................................
>>>>
>>>>I am using gnu tools and software installed as packages via blastwave.org
>>>>(e.g. gcc3, wget...) needed to install and compile ossec.
>>>>
>>>>
>>>>Regards,
>>>>
>>>>Sebastian
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>On Fri, 12 May 2006, ossec-list-request at ossec.net wrote:
>>>>
>>>>
>>>>
>>>>>Send ossec-list mailing list submissions to
>>>>>     ossec-list at ossec.net
>>>>>
>>>>>To subscribe or unsubscribe via the World Wide Web, visit
>>>>>     http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>>or, via email, send a message with subject or body 'help' to
>>>>>     ossec-list-request at ossec.net
>>>>>
>>>>>You can reach the person managing the list at
>>>>>     ossec-list-owner at ossec.net
>>>>>
>>>>>When replying, please edit your Subject line so it is more specific
>>>>>than "Re: Contents of ossec-list digest..."
>>>>>
>>>>>
>>>>>Today's Topics:
>>>>>
>>>>> 1. Version 0.8 of OSSEC HIDS is now available! (Daniel Cid)
>>>>>
>>>>>
>>>>>----------------------------------------------------------------------
>>>>>
>>>>>Message: 1
>>>>>Date: Thu, 11 May 2006 17:17:30 -0300
>>>>>From: "Daniel Cid" <daniel.cid at gmail.com>
>>>>>Subject: [Ossec-list] Version 0.8 of OSSEC HIDS is now available!
>>>>>To: "OSSEC Users List" <ossec-list at ossec.net>
>>>>>Message-ID:
>>>>>     <b92e6f200605111317n58aa5bale194d4cb30b4583e at mail.gmail.com>
>>>>>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>>>>
>>>>>This is the first version offering native support to
>>>>>Windows NT, XP, 2000 and 2003. It includes as well a new set
>>>>>of log analysis rules for sendmail, web logs (Apache and
>>>>>IIS), IDSs and Windows authentication events.
>>>>>
>>>>>The correlation rules for squid, mail logs, firewall events
>>>>>and authentication systems have been improved, detecting
>>>>>scans, brute-force attacks, worms and internal attacks.
>>>>>In addition to that, the active-responses were refined, with
>>>>>support to IPFW (FreeBSD) added.
>>>>>
>>>>>The installation process was re-organized, now including simpler
>>>>>configuration options and translation on 6 different languages
>>>>>(English, Portuguese, German, Turkish, Polish and Italian).
>>>>>
>>>>>
>>>>>To download the Unix and Windows versions:
>>>>>http://www.ossec.net/en/downloads.html
>>>>>
>>>>>
>>>>>Use our mailling list if you have any question or comment:
>>>>>http://www.ossec.net/en/mailing_lists.html
>>>>>
>>>>>
>>>>>More information about the Windows support:
>>>>>http://www.ossec.net/en/manual.html#windows
>>>>>
>>>>>
>>>>>
>>>>>Detailed changelog (new features added):
>>>>>
>>>>>- Active response for IPFW (Thanks Welkson de Medeiros
>>>>> and Rafael Capovilla for the help).
>>>>>
>>>>>- Improved rules for Squid (Thanks Ahmet and Marcus Maciel for the help).
>>>>>
>>>>>- Rules for Sendmail (thanks Ahmet Ozturk).
>>>>>
>>>>>- Improvements to the host-deny active response, with
>>>>> support to locking added (Thanks Kayvan A. Sylvan).
>>>>>
>>>>>- Improvements to the installation script and the
>>>>> manage_agents tool, making it much simpler to use
>>>>> (thanks Ahmet and Kayvan for the help).
>>>>>
>>>>>- Installation in Italian (thanks Alberto Furia).
>>>>>
>>>>>- Installation in Polish (thanks Dziankowski Krzysztof).
>>>>>
>>>>>- Rules for Windows authentication, success audit and failure
>>>>> audit events.
>>>>>
>>>>>- Correlation rules for web logs (Apache and IIS).
>>>>>
>>>>>- Support for variable file names (based on date) to be monitored.
>>>>>
>>>>>- Support for Windows (Agent only).
>>>>> http://www.ossec.net/en/manual.html#windows
>>>>>
>>>>>- Support for IIS.
>>>>> http://www.ossec.net/en/manual.html#iis
>>>>>
>>>>>- Clean up of the configuration options and documentation on
>>>>> the web site.
>>>>> http://www.ossec.net/en/manual.html
>>>>>
>>>>>- Lot of new small features and bug fixes.
>>>>>
>>>>>
>>>>>For more information:
>>>>>http://www.ossec.net/
>>>>>
>>>>>
>>>>>To download the new version:
>>>>>http://www.ossec.net/en/downloads.html
>>>>>
>>>>>
>>>>>We want to thanks everyone who sent comments, suggestions
>>>>>or just some nice words to us! We really appreciate the
>>>>>feedback!
>>>>>
>>>>>Daniel B. Cid (in name of the OSSEC HIDS team).
>>>>>http://www.ossec.net/en/about.html#dev-team
>>>>>http://www.ossec.net/announcements/v08-2006-05-12.txt
>>>>>
>>>>>
>>>>>------------------------------
>>>>>
>>>>>_______________________________________________
>>>>>ossec-list mailing list
>>>>>ossec-list at ossec.net
>>>>>http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>>
>>>>>
>>>>>End of ossec-list Digest, Vol 7, Issue 7
>>>>>****************************************
>>>>>
>>>>
>>>>_______________________________________________
>>>>ossec-list mailing list
>>>>ossec-list at ossec.net
>>>>http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>
>>>
>>>_______________________________________________
>>>ossec-list mailing list
>>>ossec-list at ossec.net
>>>http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>
>>
>>------------------------------
>>
>>Message: 3
>>Date: Tue, 16 May 2006 09:01:25 +0200 (CEST)
>>From: Sebastian Benner <sebastian.benner at FernUni-Hagen.de>
>>Subject: Re: [Ossec-list] ossec-list Digest, Vol 7, Issue 9
>>To: ossec-list at ossec.net
>>Message-ID: <20060516082704.C1119 at hubbard.fernuni-hagen.de>
>>Content-Type: text/plain; charset="iso-8859-1"
>>
>>
>>
>>Hello,
>>
>>thank's for the help. I just checked my installation directory:
>>
>>..............................................................
>>bash-3.00# cd bin
>>bash: cd: bin: Not a directory
>>bash-3.00# more bin
>>ELF?4??4 (?44?????,?88?/usr/lib/ld.so.1
>>
>>?!#$&(),0246789:;<>@BDFIJLMNOQRSTVXZ[\]^_`acefhiklpqrtwxyz{|}
>>bash-3.00#
>>bash-3.00# ls -alF
>>total 200
>>drwxr-xr-x   6 1000         1005 May 15 11:13 ./
>>drwxrwxrwt   3 root          377 May 16 03:30 ../
>>-rw-r--r--   1 1000         3132 Feb  8 21:04 BUGS
>>-rw-r--r--   1 1000        18638 May 10 01:40 CHANGELOG
>>-rw-r--r--   1 1000          365 Apr 12 22:42 CONFIG
>>-rw-r--r--   1 1000         1240 May  4 21:29 CONTRIB
>>-rw-r--r--   1 1000         1926 Apr 12 22:42 INSTALL
>>-rw-r--r--   1 1000         1887 Mar 22 22:01 INSTALL.br
>>-rw-r--r--   1 1000          234 May 10 01:40 README
>>-rw-r--r--   1 1000          236 Feb  8 16:35 TODO
>>drwxr-xr-x   3 1000          400 May 10 16:35 active-response/
>>-rwxr-xr-x   1 root        42256 May 16 08:19 bin*
>>drwxr-xr-x   3 1000          745 May 10 16:35 doc/
>>drwxr-xr-x   4 1000          665 May 15 10:42 etc/
>>-rwxr-xr-x   1 1000        19007 May 10 01:40 install.sh*
>>drwxr-xr-x  23 1000         2015 May 15 10:43 src/
>>..............................................................
>>
>>bin is created, but it's a regular file and not a directory ...
>>I removed bin and followed your hint (creating ./bin by hand). It's still
>>not working ...
>>
>>------------------------------------------------------------
>>cp -pr ossec-maild ../../bin
>>cp -pr ossec-execd ../../bin
>>cp -pr ossec-analysisd ../../bin
>>cp -pr ossec-logcollector ../../bin
>>cp -pr ossec-remoted ../../bin
>>cp -pr ossec-agentd ../../bin
>>cp -pr manage_agents ../../bin
>>cp -pr manage_agents ../../bin
>>cp -pr syscheck_update clear_stats ../../bin
>>cp -pr ossec-syscheckd ../../bin
>>chmod: WARNING: can't access /var/ossec
>>chown: unknown user id: root:ossec
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/queue/alerts
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/queue/ossec
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/queue/fts
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/queue/syscheck
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/queue/rootcheck
>>chown: unknown user id: ossecr:ossec
>>chmod: WARNING: can't access /var/ossec/queue/agent-info
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/stats
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/logs
>>touch: cannot create /var/ossec/logs/ossec.log: No such file or directory
>>chown: unknown user id: ossec:ossec
>>chmod: WARNING: can't access /var/ossec/logs/ossec.log
>>cp: /var/ossec/rules/ not found
>>chown: unknown user id: root:ossec
>>chmod: WARNING: can't access /var/ossec/rules
>>chmod: WARNING: can't access /var/ossec/etc
>>chown: unknown user id: root:ossec
>>Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>       cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>       cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>chmod: WARNING: can't access /var/ossec/var/run
>>chown: unknown user id: root:ossec
>>cp: /var/ossec/bin/ not found
>>cp: cannot create /var/ossec/bin/: No such file or directory
>>cp: cannot create /var/ossec/bin/: No such file or directory
>>cp: cannot create /var/ossec/bin/: No such file or directory
>>cp: cannot create /var/ossec/bin/ossec-control: No such file or directory
>>cp: cannot create /var/ossec/etc/: No such file or directory
>>cp: /var/ossec/etc/shared/ not found
>>cp: /var/ossec/active-response/bin/ not found
>>chmod: WARNING: can't access /var/ossec/active-response/bin/*
>>Not overwritting /etc/ossec.conf.
>>------------------------------------------------------------
>>
>>bash-3.00# showrev
>>Hostname: ossec-server
>>Hostid: 83566709
>>Release: 5.10
>>Kernel architecture: sun4u
>>Application architecture: sparc
>>Hardware provider: Sun_Microsystems
>>Domain:
>>Kernel version: SunOS 5.10 Generic_118822-25
>>
>>
>>Regards,
>>
>>Sebastian
>>
>>
>>
>>
>>>Today's Topics:
>>>
>>>  1. Re: ossec-list Digest, Vol 7, Issue 7 (Daniel Cid)
>>>
>>>
>>>----------------------------------------------------------------------
>>>
>>>Message: 1
>>>Date: Mon, 15 May 2006 11:10:59 -0300
>>>From: "Daniel Cid" <daniel.cid at gmail.com>
>>>Subject: Re: [Ossec-list] ossec-list Digest, Vol 7, Issue 7
>>>To: "Sebastian Benner" <sebastian.benner at fernuni-hagen.de>
>>>Cc: ossec-list at ossec.net
>>>Message-ID:
>>>	<b92e6f200605150710g4947bdf0ie5401bfd463c5050 at mail.gmail.com>
>>>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>>
>>>Hi Sebastian,
>>>
>>>Looks like the "bin" directory wasn't created for some reason... Can
>>>you do the following:
>>>
>>>-Remove /var/ossec (rm -rf /var/ossec)
>>>-Start the installation process again (cd ossec-hids-0.8).
>>>-Before running the install.sh script, create ./bin (mkdir ./bin).
>>>-Run ./install.sh and see if it works.
>>>
>>>*I don't have Solaris in here, so I can't help you much more than that.
>>>Probably Ahmet (the Solaris guy :)) will be able to give you a better answer.
>>>
>>>Thanks,
>>>
>>>--
>>>Daniel B. Cid
>>>dcid @ ( at ) ossec.net
>>>
>>>On 5/15/06, Sebastian Benner <sebastian.benner at fernuni-hagen.de> wrote:
>>>
>>>>Hello,
>>>>
>>>>I tried to install ossec 0.8 on a Solaris 10 Zone. The install script
>>>>worked so far, but some errors occured making it impossible to start
>>>>ossec :-(
>>>>
>>>>.......................................................................
>>>>  *** Making syscheckd ***
>>>>
>>>>gcc -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DUSE_OPENSSL
>>>>-lsocket -lnsl -lresolv -DSOLARIS -DHIGHFIRST -include strings.h
>>>>-DARGV0=\"ossec-syscheckd\" -DXML_VAR=\"var\" -DOSSECHIDS syscheck.c
>>>>config.c create_db.c run_check.c ../config/*.c ../shared/lib_shared.a
>>>>../os_xml/os_xml.a ../os_regex/os_regex.a ../os_net/os_net.a
>>>>../os_crypto/os_crypto.a ../rootcheck/rootcheck_lib.a -o ossec-syscheckd
>>>>cp -pr ossec-maild ../../bin
>>>>cp -pr ossec-execd ../../bin
>>>>cp -pr ossec-analysisd ../../bin
>>>>cp -pr ossec-logcollector ../../bin
>>>>cp -pr ossec-remoted ../../bin
>>>>cp -pr ossec-agentd ../../bin
>>>>cp -pr manage_agents ../../bin
>>>>cp -pr manage_agents ../../bin
>>>>cp -pr syscheck_update clear_stats ../../bin
>>>>cp: Target ../../bin must be a directory
>>>>Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>>        cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>>        cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>>>*** Error code 2
>>>>make: Fatal error: Command failed for target `build'
>>>>Current working directory /tmp/ossec-hids-0.8/src/util
>>>>
>>>>Error Making the binaries
>>>>*** Error code 1
>>>>The following command caused the error:
>>>>/bin/sh ./Makeall build
>>>>make: Fatal error: Command failed for target `build'
>>>>chmod: WARNING: can't access /var/ossec
>>>>chown: unknown user id: root:ossec
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/alerts
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/ossec
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/fts
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/syscheck
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/rootcheck
>>>>chown: unknown user id: ossecr:ossec
>>>>chmod: WARNING: can't access /var/ossec/queue/agent-info
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/stats
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/logs
>>>>touch: cannot create /var/ossec/logs/ossec.log: No such file or directory
>>>>chown: unknown user id: ossec:ossec
>>>>chmod: WARNING: can't access /var/ossec/logs/ossec.log
>>>>cp: /var/ossec/rules/ not found
>>>>chown: unknown user id: root:ossec
>>>>chmod: WARNING: can't access /var/ossec/rules
>>>>chmod: WARNING: can't access /var/ossec/etc
>>>>chown: unknown user id: root:ossec
>>>>Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>>        cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>>        cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>>>chmod: WARNING: can't access /var/ossec/var/run
>>>>chown: unknown user id: root:ossec
>>>>cp: ../bin/ossec*: Not a directory
>>>>cp: ../bin/manage_agents: Not a directory
>>>>cp: ../bin/syscheck_update: Not a directory
>>>>cp: ../bin/clear_stats: Not a directory
>>>>cp: cannot create /var/ossec/bin/ossec-control: No such file or directory
>>>>cp: cannot create /var/ossec/etc/: No such file or directory
>>>>cp: /var/ossec/etc/shared/ not found
>>>>cp: /var/ossec/active-response/bin/ not found
>>>>chmod: WARNING: can't access /var/ossec/active-response/bin/*
>>>>Not overwritting /etc/ossec.conf.
>>>>
>>>>
>>>>  - Unknown system. No init script added.
>>>>
>>>>  - Configuration finished properly.
>>>>
>>>>  - To start OSSEC HIDS:
>>>>                 /var/ossec/bin/ossec-control start
>>>>
>>>>  - To stop OSSEC HIDS:
>>>>                 /var/ossec/bin/ossec-control stop
>>>>
>>>>  - The configuration can be viewed or modified at
>>>>/var/ossec/etc/ossec.conf
>>>>
>>>>
>>>>     Thanks for using the OSSEC HIDS.
>>>>     If you have any question, suggestion or if you find any bug,
>>>>     contact us at contact at ossec.net or using our public maillist at
>>>>     ossec-list at ossec.net
>>>>     (http://mailman.underlinux.com.br/mailman/listinfo/ossec-list).
>>>>
>>>>     More information can be found at http://www.ossec.net
>>>>
>>>>     ---  Press ENTER to finish (maybe more information bellow). ---
>>>>........................................................................
>>>>
>>>>I am using gnu tools and software installed as packages via blastwave.org
>>>>(e.g. gcc3, wget...) needed to install and compile ossec.
>>>>
>>>>
>>>>Regards,
>>>>
>>>>Sebastian
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>On Fri, 12 May 2006, ossec-list-request at ossec.net wrote:
>>>>
>>>>
>>>>>Send ossec-list mailing list submissions to
>>>>>      ossec-list at ossec.net
>>>>>
>>>>>To subscribe or unsubscribe via the World Wide Web, visit
>>>>>      http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>>or, via email, send a message with subject or body 'help' to
>>>>>      ossec-list-request at ossec.net
>>>>>
>>>>>You can reach the person managing the list at
>>>>>      ossec-list-owner at ossec.net
>>>>>
>>>>>When replying, please edit your Subject line so it is more specific
>>>>>than "Re: Contents of ossec-list digest..."
>>>>>
>>>>>
>>>>>Today's Topics:
>>>>>
>>>>>  1. Version 0.8 of OSSEC HIDS is now available! (Daniel Cid)
>>>>>
>>>>>
>>>>>----------------------------------------------------------------------
>>>>>
>>>>>Message: 1
>>>>>Date: Thu, 11 May 2006 17:17:30 -0300
>>>>>From: "Daniel Cid" <daniel.cid at gmail.com>
>>>>>Subject: [Ossec-list] Version 0.8 of OSSEC HIDS is now available!
>>>>>To: "OSSEC Users List" <ossec-list at ossec.net>
>>>>>Message-ID:
>>>>>      <b92e6f200605111317n58aa5bale194d4cb30b4583e at mail.gmail.com>
>>>>>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>>>>
>>>>>This is the first version offering native support to
>>>>>Windows NT, XP, 2000 and 2003. It includes as well a new set
>>>>>of log analysis rules for sendmail, web logs (Apache and
>>>>>IIS), IDSs and Windows authentication events.
>>>>>
>>>>>The correlation rules for squid, mail logs, firewall events
>>>>>and authentication systems have been improved, detecting
>>>>>scans, brute-force attacks, worms and internal attacks.
>>>>>In addition to that, the active-responses were refined, with
>>>>>support to IPFW (FreeBSD) added.
>>>>>
>>>>>The installation process was re-organized, now including simpler
>>>>>configuration options and translation on 6 different languages
>>>>>(English, Portuguese, German, Turkish, Polish and Italian).
>>>>>
>>>>>
>>>>>To download the Unix and Windows versions:
>>>>>http://www.ossec.net/en/downloads.html
>>>>>
>>>>>
>>>>>Use our mailling list if you have any question or comment:
>>>>>http://www.ossec.net/en/mailing_lists.html
>>>>>
>>>>>
>>>>>More information about the Windows support:
>>>>>http://www.ossec.net/en/manual.html#windows
>>>>>
>>>>>
>>>>>
>>>>>Detailed changelog (new features added):
>>>>>
>>>>>- Active response for IPFW (Thanks Welkson de Medeiros
>>>>>  and Rafael Capovilla for the help).
>>>>>
>>>>>- Improved rules for Squid (Thanks Ahmet and Marcus Maciel for the help).
>>>>>
>>>>>- Rules for Sendmail (thanks Ahmet Ozturk).
>>>>>
>>>>>- Improvements to the host-deny active response, with
>>>>>  support to locking added (Thanks Kayvan A. Sylvan).
>>>>>
>>>>>- Improvements to the installation script and the
>>>>>  manage_agents tool, making it much simpler to use
>>>>>  (thanks Ahmet and Kayvan for the help).
>>>>>
>>>>>- Installation in Italian (thanks Alberto Furia).
>>>>>
>>>>>- Installation in Polish (thanks Dziankowski Krzysztof).
>>>>>
>>>>>- Rules for Windows authentication, success audit and failure
>>>>>  audit events.
>>>>>
>>>>>- Correlation rules for web logs (Apache and IIS).
>>>>>
>>>>>- Support for variable file names (based on date) to be monitored.
>>>>>
>>>>>- Support for Windows (Agent only).
>>>>>  http://www.ossec.net/en/manual.html#windows
>>>>>
>>>>>- Support for IIS.
>>>>>  http://www.ossec.net/en/manual.html#iis
>>>>>
>>>>>- Clean up of the configuration options and documentation on
>>>>>  the web site.
>>>>>  http://www.ossec.net/en/manual.html
>>>>>
>>>>>- Lot of new small features and bug fixes.
>>>>>
>>>>>
>>>>>For more information:
>>>>>http://www.ossec.net/
>>>>>
>>>>>
>>>>>To download the new version:
>>>>>http://www.ossec.net/en/downloads.html
>>>>>
>>>>>
>>>>>We want to thanks everyone who sent comments, suggestions
>>>>>or just some nice words to us! We really appreciate the
>>>>>feedback!
>>>>>
>>>>>Daniel B. Cid (in name of the OSSEC HIDS team).
>>>>>http://www.ossec.net/en/about.html#dev-team
>>>>>http://www.ossec.net/announcements/v08-2006-05-12.txt
>>>>>
>>>>>
>>>>>------------------------------
>>>>>
>>>>>_______________________________________________
>>>>>ossec-list mailing list
>>>>>ossec-list at ossec.net
>>>>>http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>>
>>>>>
>>>>>End of ossec-list Digest, Vol 7, Issue 7
>>>>>****************************************
>>>>>
>>>>
>>>>_______________________________________________
>>>>ossec-list mailing list
>>>>ossec-list at ossec.net
>>>>http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>
>>>
>>>
>>>------------------------------
>>>
>>>_______________________________________________
>>>ossec-list mailing list
>>>ossec-list at ossec.net
>>>http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>
>>>
>>>End of ossec-list Digest, Vol 7, Issue 9
>>>****************************************
>>>
>>
>>------------------------------
>>
>>_______________________________________________
>>ossec-list mailing list
>>ossec-list at ossec.net
>>http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>
>>
>>End of ossec-list Digest, Vol 7, Issue 10
>>*****************************************
>>
> 
> _______________________________________________
> ossec-list mailing list
> ossec-list at ossec.net
> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
Follow-Ups:
- [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
  - From: Sebastian Benner
References:
- [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
  - From: Sebastian Benner
Prev by Date: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
Next by Date: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
Previous by thread: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
Next by thread: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
Index(es):
- Date
- Thread
OSSEC home | Main Index | Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.