Closed cyongxue closed 5 years ago
raptorr
commented
7 years ago I've got 'getaddrinfo' error but with ossec-remoted "ERROR: Unable to Bind port '1514'" EDIT: on my side it was disabled ipv6. Setting net.ipv6.conf.default.disable_ipv6 = 0 and net.ipv6.conf.all.disable_ipv6 = 0 fixed the problem
ddpbsd
commented
7 years ago Have you tried copying /etc/resolv.conf to the chroot? (/var/ossec/etc)
cyongxue
commented
7 years ago No~~ And Thank you
and I had modified the code for open(chmod…) any file. Because OSSEC depend on many system files, e.g.:/etc/resolv.conf/dev/random…
The code:
/* char tmp_file_path[FILE_PATH_STR + 1]; if (!full_file_path(path, tmp_file_path, sizeof(tmp_file_path))) { ErrorExit("File[%s] deal full file path Error."FILE_LINE_FORMAT, path FILE_LINE_VALUE); } / int full_file_path(const char file_name, char buf_full_path, unsigned int buf_size) { if (buf_size = strlen(file_name) + strlen(DEFAULTDIR)) { return 0; }
memset(buf_full_path, 0x00, buf_size); if (isChroot()) { snprintf(buf_full_path, buf_size, "%s", file_name); } else { snprintf(buf_full_path, buf_size, "%s%s", DEFAULTDIR, file_name); }
return strlen(buf_full_path); }
原始邮件 发件人:Dan Parriottnotifications@github.com 收件人:ossec/ossec-hidsossec-hids@noreply.github.com 抄送:小用cyongxue@163.com; Authorauthor@noreply.github.com 发送时间:2017年2月22日(周三) 22:53 主题:Re: [ossec/ossec-hids] ‘chroot’ cause 'getaddrinfo' Failed (#1063)
Have you tried copying /etc/resolv.conf to the chroot? (/var/ossec/etc) — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.
The ossec-agentd will do ‘getaddrinfo’ Failed,after execd ‘chroot’。 The Error Info:
Isn't there someone else come across this questions? Or,know How to solve with 'chroot'?