--On Thursday, May 31, 2007 14:21:58 -0700 Andrew Storms
<[EMAIL PROTECTED]> wrote:
Reporting some problems.
Based on how things got installed the start script at
/usr/local/etc/rc.d/ossec-hids Points to the wrong 'command' and
'required_files'.
command="/usr/local/bin/ossec-control"
Whereas 'ossec-control' got installed at '/usr/local/ossec-hids/bin'
And
required_files="/usr/local/etc/ossec.conf"
The ossec.conf file was actually installed at '/usr/local/ossec-hids/etc'.
I also noticed that even though one chooses to install
ossec-hids-client-1.2 and not the server, what's actually installed is
the server. Though the ossec.conf file appears to be for a client, if
one runs the 'manage-agents' binary you receive the options as if this
was a server installation. I honestly haven't dug into why this one is
happening. My guess would be something got missed in the Make options.
Nonetheless, I'm excited to see a port for OSSEC.
I can't believe this port got committed. There are three conf files in the
source; server, client and local. Only one is referenced in the master
Makefile and even *it* doesn't get installed because the syntax is
incorrect.
The startup script is useless as well. That's just what I found in a
cursory examination.
This port needs a ton of work before it's ready to go into the tree. I'll
see what I can do about submitting PRs over the weekend.
--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
