Closed marcRBD closed 5 years ago
Just wanted to point out that running a source installation of 2.9.0 (not 2.9.1) I too am getting the error "strings: '/usr/bin/mail': No such file" on step 3.3. Installing on Ubuntu Mate 16.04.2 (64-bit); gcc 5.4.0.
I haven't tried a binary install with 2.9.x, so I'm not sure what all is involved. I'll have to do it eventually though to work on the docs.
**> which: no host in** (/sbin:/usr/sbin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
> which: no host in (/sbin:/usr/sbin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
This is from src/init/shared.sh
. I'm not sure why your system wouldn't have the host command.
> **strings: '/usr/bin/mail': No such file**
This is from the following lines in install.sh
:
if strings /usr/bin/mail | grep "x-shsh bash" 1> /dev/null; then
sed -i 's/mail !bash|/mail !/' ./src/rootcheck/db/rootkit_trojans.txt
fi
Again, not sure why your host doesn't have the mail command. We can add something to see if the file is there though.
hello on centos, the mail command is in mailx package, like debian. i wait for the documentation to validate on all OS i work on thanks
For centos and host: yum install bind-utils
which host /usr/bin/host
make TARGET=agent build cd external/lua/ && make posix make[1]: Entering directory
/root/ossec-hids-2.9.1/src/external/lua-5.2.3'
cd src && make posix
make[2]: Entering directory /root/ossec-hids-2.9.1/src/external/lua-5.2.3/src' make all SYSCFLAGS="-DLUA_USE_POSIX" make[3]: Entering directory
/root/ossec-hids-2.9.1/src/external/lua-5.2.3/src'
make[3]: Nothing to be done for all'. make[3]: Leaving directory
/root/ossec-hids-2.9.1/src/external/lua-5.2.3/src'
make[2]: Leaving directory /root/ossec-hids-2.9.1/src/external/lua-5.2.3/src' make[1]: Leaving directory
/root/ossec-hids-2.9.1/src/external/lua-5.2.3'
make settings
make[1]: Entering directory `/root/ossec-hids-2.9.1/src'
General settings: TARGET: agent V: DEBUG: DEBUGAD PREFIX: /var/ossec MAXAGENTS: 2048 DATABASE: ONEWAY: no CLEANFULL: no User settings: OSSEC_GROUP: ossec OSSEC_USER: ossec OSSEC_USER_MAIL: ossecm OSSEC_USER_REM: ossecr Lua settings: LUA_PLAT: posix USE settings: USE_ZEROMQ: no USE_GEOIP: no USE_PRELUDE: no USE_OPENSSL: auto USE_PICVIZ: yes USE_INOTIFY: no Mysql settings: includes: libs: Pgsql settings: includes: libs: Defines: -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR="/var/ossec" -DUSER="ossec" -DREMUSER="ossecr" -DGROUPGLOBAL="ossec" -DMAILUSER="ossecm" -DLinux -DINOTIFY_ENABLED -DPICVIZ_OUTPUT_ENABLED -DCLIENT Compiler: CFLAGS -O2 -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR="/var/ossec" -DUSER="ossec" -DREMUSER="ossecr" -DGROUPGLOBAL="ossec" -DMAILUSER="ossecm" -DLinux -DINOTIFY_ENABLED -DPICVIZ_OUTPUT_ENABLED -DCLIENT -Wall -Wextra -I./ -I./headers/ LDFLAGS -lm -lpthread CC cc MAKE make make[1]: Leaving directory `/root/ossec-hids-2.9.1/src'
Done building agent `
still some error , i already seen:
Started ossec-agentd... 2017/07/12 09:49:48 ossec-logcollector(1226): ERROR: Error reading XML file '/var/ossec/etc/shared/agent.conf': XMLERR: File '/var/ossec/etc/shared/agent.conf' not found. (line 89). Started ossec-logcollector... 2017/07/12 09:49:48 ossec-syscheckd(1226): ERROR: Error reading XML file '/var/ossec/etc/shared/agent.conf': XMLERR: File '/var/ossec/etc/shared/agent.conf' not found. (line 89). 2017/07/12 09:49:48 ossec-syscheckd(1226): ERROR: Error reading XML file '/var/ossec/etc/shared/agent.conf': XMLERR: File '/var/ossec/etc/shared/agent.conf' not found. (line 89).
So make TARGET=agent build is sufficient with the preload configuration ? i will test all this OS:
All debian and centos 6 & 7
As i test now 2.9.2 i think we can close this one ?
Hello as we use binary installation, i test 2.9.1 and i read:
807
so i made a test:
cd ossec-*/src
make setagent
make all
make build
didn't work i try
make TARGET=agent build is it sufficient ? what other make command to do to build all ?
After i write my etc/preloaded-vars.conf
then ./install.sh with the little error on centos 6: