[ossec-list] Re: Install OSSEC to /: it's possible?

["Daniel Cid" <daniel.cid@xxxxxxxxx>]

Hi Slava,

We do not allow the installation to be at "/", because we set the
permissions very tight and
it would probably break your system (just imagine /bin not being
accessible)... In addition
to that, ossec runs on chroot and it makes no sense to chroot to "/".

*Feel free to re-write the installation scripts, but just make sure
they work on all the operating systems we currently support (Linux,
*BSD, Solaris, AIX, etc) and have at
least all the current functionality (+ being easy to use :)).

Thanks,

--
Daniel B. Cid
dcid ( at ) ossec.net


On 9/6/07, Slava Semushin <php-coder@xxxxxxxxxxxx> wrote:
>
> Hello!
>
> In install.sh script exist following code:

> Code for verify installation dir not allow to me specify root (/) as
> installation directory:
>
> [c0der@rock ~]$ echo "/" |grep -E "^/[a-zA-Z0-9/-]{3,128}$">/dev/null
> 2>&1; echo rc=$?
> rc=1
>
> So I suggest change this behavior:
>
> - echo $ANSWER | grep -E "^/[a-zA-Z0-9/-]{3,128}$" >/dev/null 2>&1
> +printf '%s' "$ANSWER" | grep -E "^/[[:alnum:]/-]{0,128}$" >/dev/null 2>&1
>
> What's think developers about this change? Should I post the bug for this?
>
> Thanks in advance.
>
> P.S. I think It's impossible. All scripts expects /var/ossec =( But I
> want have FHS-compliant system.
>
> For example this code can broke system (build in chroot environment
> under unprivileged user saves my system):
>
> 120 # Default for all directories
> 121 chmod -R 550 ${DIR}
> 122 chown -R root:${GROUP} ${DIR}
>
> All works right when DIR equal to /var/ossec, but what happens when
> DIR=/ ?! :))))
>
>
> P.S. BTW, ideally all installation scripts should be completely rewritten IMHO.
>
> --
> + Slava Semushin | slava.semushin @ gmail.com
> + ALT Linux Team | php-coder @ altlinux.ru
>