Build fails because of missing pcre2-10.32

[bcapptain]

Fix: Extract pcre2-10.32.tar.gz to src/external.

Get it here: https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz

[ddpbsd]

Thanks. We haven't really updated the documentation past 3.2 yet. I'm hoping we can add an option to use a system installed pcre2 as well, but I haven't looked into it yet. EDIT: Looks like there is a PCRE2_SYSTEM option already. Nice

[vitorhmcorreia]

Had this issue too, thanks for the workaround.

[d4t4king]

Tried

export PCRE2_SYSTEM=yes
sudo ./install.sh

Still no joy. Did I miss something?

untarring the tarball from the link in the first post to .../src/external works.

[ddpbsd]

@d4t4king Was there any output that might help track down the issue? What OS/distro are you trying this on? Were the PCRE2 packages installed? Are there dev/devel packages that need to be installed?

[aquerubin]

sudo PCRE2_SYSTEM=yes ./install.sh

seems to work on some systems

[d4t4king]

@d4t4king Was there any output that might help track down the issue? What OS/distro are you trying this on? Were the PCRE2 packages installed? Are there dev/devel packages that need to be installed?

I don't have a clear recollection of anything useful. I will try to replicate and note the details this time.

[d4t4king]

OK, a little more details. This is on Ubuntu 18.04.

I removed the local git repo and recloned from github. cd into the local directory and ran sudo ./install.sh. ossec-hids is already installed, so I opted to update it. This is the error:

cc  -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DLinux -DINOTIFY_ENABLED -DZLIB_SYSTEM -I./external/pcre2-10.32//install/include/ -DPCRE2_STATIC -DUSE_PCRE2_JIT -DLOCAL -Wall -Wextra -I./ -I./headers/ -c external/cJSON/cJSON.c -o external/cJSON/cJSON.o
ar -crs libcJSON.a external/cJSON/cJSON.o
ranlib libcJSON.a
cd external/pcre2-10.32/ && \
./configure \
    --prefix=/home/charlie/Downloads/ossec-hids/src/external/pcre2-10.32//install \
    --enable-jit \
    --disable-shared \
    --enable-static && \
make install-libLTLIBRARIES install-nodist_includeHEADERS
/bin/sh: 1: cd: can't cd to external/pcre2-10.32/
Makefile:766: recipe for target 'external/pcre2-10.32//install/lib/libpcre2-8.a' failed
make: *** [external/pcre2-10.32//install/lib/libpcre2-8.a] Error 2

 Error 0x5.
 Building error. Unable to finish the installation.

[ddpbsd]

@d4t4king It looks like you're not using PCRE2_SYSTEM=y (and have the appropriate package installed), and you didn't download the pcre2 source.

wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz
tar xzf pcre2-10.32.tar.gz -C src/external

[d4t4king]

@d4t4king It looks like you're not using PCRE2_SYSTEM=y (and have the appropriate package installed), and you didn't download the pcre2 source.

wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz
tar xzf pcre2-10.32.tar.gz -C src/external

So ALL of the above is required? o_O The last bit worked for me before without exporting PCRE2_SYSTEM. pcre2 was installed, but not the -dev package.

I don't have access to that system at the moment. I will test it again exporting the environment variable, but pretty sure that didn't work before.

[d4t4king]

OK had a little time to poke at this.

# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"

# dpkg --get-selections | grep pcre
libpcre2-16-0:amd64             install
libpcre2-32-0:amd64             install
libpcre2-8-0:amd64              install
libpcre2-dev:amd64              install
libpcre2-posix0:amd64               install
libpcre3:amd64                  install
pcregrep                    install

# env | grep PCRE
PCRE_SYSTEM=y

5- Installing the system
 - Running the Makefile
cd external/pcre2-10.32/ && \
./configure \
    --prefix=/home/charlie/Downloads/ossec-hids/src/external/pcre2-10.32//install \
    --enable-jit \
    --disable-shared \
    --enable-static && \
make install-libLTLIBRARIES install-nodist_includeHEADERS
/bin/sh: 1: cd: can't cd to external/pcre2-10.32/
Makefile:766: recipe for target 'external/pcre2-10.32//install/lib/libpcre2-8.a' failed
make: *** [external/pcre2-10.32//install/lib/libpcre2-8.a] Error 2

 Error 0x5.
 Building error. Unable to finish the installation.

I'm not that great at make syntax, but it looks like the environment variable isn't being pulled in for some reason.

[aquerubin]

You may need to install libpcre3-dev as well.

[d4t4king]

You may need to install libpcre3-dev as well.

libpcre3-dev is the "old" (as in NOT PCRE2) PCRE library. It's a little counter-intuitive. I'll give it a try.

[aquerubin]

On Mon, 1 Apr 2019, dataking wrote:

You may need to install libpcre3-dev as well.

libpcre3-dev is the "old" (as in NOT PCRE2) PCRE library. It's a little counter-intuitive. I'll give it a try.

Understood but you did have both listed in your package list so it might matter. This worked for me on an Ubuntu and a Mint system. For some reason the Ubuntu system also required a manual ldconfig after installing libpcre2.

Antonio Querubin e-mail: tony@lavanauts.org

[ddpbsd]

I must have typo'd that, sorry. It's not PCRE_SYSTEM=y, it's PCRE2_SYSTEM=y

[d4t4king]

ok, it worked with the legacy pcre library (libpcre3-dev) installed, but then failed zlib. installing the zlib -dev library fixed that and it installed fine.

So maybe PCRE2_SYSTEM should be changed to PCRE_SYSTEM since it seems to look for the legacy PCRE lib with this option? Minor detail....

Other modern install scripts install the necessary packages, why not do that here?

[ddpbsd]

I'm able to build on OpenBSD without the pcre package installed. On an Ubuntu 18.04 container, I don't have libpcre3-dev installed, and it compiled just fine.

ddp@u18:~/src/ossec-hids/src$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"

ddp@u18:~/src/ossec-hids/src$ dpkg --list | grep pcre
ii  libpcre2-16-0:amd64           10.31-2                           amd64        New Perl Compatible Regular Expression Library - 16 bit runtime files
ii  libpcre2-32-0:amd64           10.31-2                           amd64        New Perl Compatible Regular Expression Library - 32 bit runtime files
ii  libpcre2-8-0:amd64            10.31-2                           amd64        New Perl Compatible Regular Expression Library- 8 bit runtime files
ii  libpcre2-dev:amd64            10.31-2                           amd64        New Perl Compatible Regular Expression Library - development files
ii  libpcre2-posix0:amd64         10.31-2                           amd64        New Perl Compatible Regular Expression Library - posix-compatible runtime files
ri  libpcre3:amd64                2:8.39-9                          amd64        Old Perl 5 Compatible Regular Expression Library - runtime files
ddp@u18:~/src/ossec-hids/src$ PCRE2_SYSTEM=y make TARGET=local
blah blah blah
Done building local

Do I need to install a full system to reproduce this?

[d4t4king]

ddp@u18:~/src/ossec-hids/src$ PCRE2_SYSTEM=y make TARGET=local blah blah blah Done building local

Do I need to install a full system to reproduce this?

I see you built using make directly in the source. Try using install.sh. Maybe the requirement is imposed by the script and not the actual source.

[ddpbsd]

I did a local installation via install.sh. Worked fine.

root@u18:~/src/ossec-hids# env PCRE2_SYSTEM=y ./install.sh 2>&1 | tee /tmp/buildlog_install
blah blah blah
 - System is Debian (Ubuntu or derivative).
 - Init script modified to start OSSEC HIDS during boot.

 - Configuration finished properly.

 - To start OSSEC HIDS:
      /var/ossec/bin/ossec-control start

 - To stop OSSEC HIDS:
      /var/ossec/bin/ossec-control stop

 - The configuration can be viewed or modified at /var/ossec/etc/ossec.conf

    Thanks for using the OSSEC HIDS.
    If you have any question, suggestion or if you find any bug,
    contact us at contact@ossec.net or using our public maillist at
    ossec-list@ossec.net
    ( http://www.ossec.net/main/support/ ).

    More information can be found at http://www.ossec.net

    ---  Press ENTER to finish (maybe more information below). ---

[janiko71]

Hi all, I tried an install on a armhf server today, with the master branch, and I got the libpcre error seen here. I tried to install all libpcre packages I could find with no (good) result. I didn't try to change the Makefile or anything (PCRE/PCRE2_SYSTEM parameter). After that, I dropped to 3.2.0 branch (after deleting the install directory). Then I got an error about zlib, then I installed zlib1g-dev on my system, and the compilation worked...

[justinludwig]

Thanks to this thread, I was able to update from ossec 2.9.x to 3.3.0 on ubuntu 18.04 -- the two new packages I had to install were libpcre2-dev and zlib1g-dev. Specifically, this is what worked for me:

sudo apt install libpcre2-dev zlib1g-dev
sudo PCRE2_SYSTEM=yes ./install.sh

[jubois]

Hi everybody! You should extract pcre2-10.32.tar.gz to src/external for better performances. This way, installation is working and PCRE2 is compiled using jit, and is way more faster...

Note that PCRE2 is used for all regex, even for the default rules...

[Nono-m0le]

On a fresh Ubuntu Server 18.04.2 , installing the current stable (3.3.0) work with the @justinludwig solution below (https://github.com/ossec/ossec-hids/issues/1663#issuecomment-487341751)

[ilulillirillion]

I was able to get this working with just the following things @bcapptain @ddpbsd

wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz
tar xzf pcre2-10.32.tar.gz -C src/external

[tomSCJE]

OK had a little time to poke at this.

# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"

# dpkg --get-selections | grep pcre
libpcre2-16-0:amd64               install
libpcre2-32-0:amd64               install
libpcre2-8-0:amd64                install
libpcre2-dev:amd64                install
libpcre2-posix0:amd64             install
libpcre3:amd64                    install
pcregrep                  install

# env | grep PCRE
PCRE_SYSTEM=y

5- Installing the system
 - Running the Makefile
cd external/pcre2-10.32/ && \
./configure \
  --prefix=/home/charlie/Downloads/ossec-hids/src/external/pcre2-10.32//install \
  --enable-jit \
  --disable-shared \
  --enable-static && \
make install-libLTLIBRARIES install-nodist_includeHEADERS
/bin/sh: 1: cd: can't cd to external/pcre2-10.32/
Makefile:766: recipe for target 'external/pcre2-10.32//install/lib/libpcre2-8.a' failed
make: *** [external/pcre2-10.32//install/lib/libpcre2-8.a] Error 2

 Error 0x5.
 Building error. Unable to finish the installation.

I'm not that great at make syntax, but it looks like the environment variable isn't being pulled in for some reason.

So I ran into this exact same issue but had a different solution. I'm incredibly new to Ubuntu, my boss wanted me to demo OSSEC as a SIEMs solution. I don't know about modifying a config file or anything like that but the OSSEC installer is looking for PCRE2 here: --prefix=/home/charlie/Downloads/ossec-hids/src/external/pcre2-10.32//install \

It fails cause that directory doesn't exist. So I went into the ossec-hids-3.3.0, mkdir src, mkdir external, went into the external folder, downloaded and extracted pcre2-10.32.tar.gz there and was able to successfully run through the installation without error.

[kratos13]

@d4t4king It looks like you're not using PCRE2_SYSTEM=y (and have the appropriate package installed), and you didn't download the pcre2 source.

wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz
tar xzf pcre2-10.32.tar.gz -C src/external

Running the #wget and #tar commands above allowed me to successfully comile on Rasbian. Thank you!

$ cat /proc/version; uname -a Linux version 4.14.79+ (dc4@dc4-XPS13-9333) (gcc version 4.9.3 (crosstool-NG crosstool-ng-1.22.0-88-g8460611)) #1159 Sun Nov 4 17:28:08 GMT 2018 Linux loki 4.14.79+ #1159 Sun Nov 4 17:28:08 GMT 2018 armv6l GNU/Linux

[Theoooooo]

Still having the same issue with pcr2 not available in the external directory ... Last version of ossec 3.3.0 on Debian 9.6.0

[ddpbsd]

Sorry @theoooooo I don’t see your previous report of an issue. What problem are you having exactly?

[Theoooooo]

@ddpbsd I had to add manually the missing folder to be able to complete the installation as described above :

Fix: Extract pcre2-10.32.tar.gz to src/external.

Get it here: https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz

[ddpbsd]

So it’s working as expected. I have a pull request for defaulting to the system pcre2. I can’t remember the status of it off hand, but it should help with the confusion. Or everyone will report that they had to install the package to get it to work. We’ll see what happens.

[ghost]

I never managed to get the installer working properly. I ended up adding the repo which worked fine.

wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo bash apt update;apt install ossec-hids-server -y or yum install ossec-hids-server -y

I successfully updated my build from 3.1 to 3.3 with this method

cat /etc/ossec-init.conf

[MrWnn]

ossec-hids-3.3.0]#wget https://ftp.pcre.org/pub/pcre/https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz ossec-hids-3.3.0]#tar -zxf pcre2-10.32.tar.gz ossec-hids-3.3.0]#mv pcre2-10.32/ ./src/external/ ossec-hids-3.3.0]#sh install.sh It works.

[itsVagabond]

sudo PCRE2=yes ./install.sh

worked for me

PS - I am using Ubuntu 18.04

[sterndata]

On Centos 7, I had to install pcre2:

sudo yum install pcre2 pcre2-devel sudo PCRE2_SYSTEM=y ./install.sh

[stephenjamieson]

sudo apt-get install libpcre2-dev
sudo PCRE2_SYSTEM=y ./install.sh

fixed it for me in Ubuntu 19.04

[jubois]

sudo apt-get install libpcre2-dev
sudo PCRE2_SYSTEM=y ./install.sh

fixed it for me in Ubuntu 19.04

Please note that doing this implies lower performances as pcre2 is NOT compiled using JIT. For better performances:

wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz tar xzf pcre2-10.32.tar.gz -C src/external ./install.sh

[kristianpaul]

Is there any license issue that stop us on distributing pcre inside src/external the same way lua is there?

[ddpbsd]

@kristianpaul Not that I'm aware of (but I haven't really checked either). Just trying to cut down on the number of external projects we bundle.

[kristianpaul]

IMHO this should be bundled, either if we point the docs on how to fetch it/un tar it and/or make that process part of an script.. there is a uncertainty of that file might not be available at some point (unless lives in github perhaps, need to check that last one..)

[ddpbsd]

@kristianpaul I think the default right now is to use pcre2 from the system (installed through the OS's package manager). As long as you have the dependency installed, it shouldn't cause any issues. But feel free to submit a pull request to bundle it. Maybe there's more demand for it than I realize.

[kristianpaul]

Well more than demand, i just came across this issue because was installing OSSEC 3.3 few minutes ago and it complained about pcre2.. Will consider sending the PR for sure

[jubois]

@kristianpaul I think the default right now is to use pcre2 from the system (installed through the OS's package manager). As long as you have the dependency installed, it shouldn't cause any issues. But feel free to submit a pull request to bundle it. Maybe there's more demand for it than I realize.

IMHA, the good way to do it is to bundle pcre into scr/external. This way, the lib is compiled using JIT, and performances are WAY better.

[micos76]

Hi all, Was anyone able to install the agent on macOS Mojave?

Running this after downloading the library and extracting in src/external sudo PCRE2_SYSTEM=no ZLIB_SYSTEM=no ./install.sh

But I still get this error:

pcre2-10.32 configuration summary:

    Install prefix ..................... : /Users/micos/Downloads/ossec-hids-3.3.0/src/external/pcre2-10.32//install
    C preprocessor ..................... : gcc -E
    C compiler ......................... : gcc
    Linker ............................. : /Library/Developer/CommandLineTools/usr/bin/ld
    C preprocessor flags ............... : 
    C compiler flags ................... : -D_THREAD_SAFE -pthread -O2 -fvisibility=hidden
    Linker flags ....................... : 
    Extra libraries .................... :  

    Build 8-bit pcre2 library .......... : yes
    Build 16-bit pcre2 library ......... : no
    Build 32-bit pcre2 library ......... : no
    Include debugging code ............. : no
    Enable JIT compiling support ....... : yes
    Use SELinux allocator in JIT ....... : no
    Enable Unicode support ............. : yes
    Newline char/sequence .............. : lf
    \R matches only ANYCRLF ............ : no
    \C is disabled ..................... : no
    EBCDIC coding ...................... : no
    EBCDIC code for NL ................. : n/a
    Rebuild char tables ................ : no
    Internal link size ................. : 2
    Nested parentheses limit ........... : 250
    Heap limit ......................... : 20000000 kibibytes
    Match limit ........................ : 10000000
    Match depth limit .................. : MATCH_LIMIT
    Build shared libs .................. : no
    Build static libs .................. : yes
    Use JIT in pcre2grep ............... : yes
    Enable callouts in pcre2grep ....... : yes
    Initial buffer size for pcre2grep .. : 20480
    Maximum buffer size for pcre2grep .. : 1048576
    Link pcre2grep with libz ........... : no
    Link pcre2grep with libbz2 ......... : no
    Link pcre2test with libedit ........ : no
    Link pcre2test with libreadline .... : no
    Valgrind support ................... : no
    Code coverage ...................... : no
    Fuzzer support ..................... : no

  CC       src/libpcre2_8_la-pcre2_auto_possess.lo
  CC       src/libpcre2_8_la-pcre2_compile.lo
  CC       src/libpcre2_8_la-pcre2_config.lo
  CC       src/libpcre2_8_la-pcre2_context.lo
  CC       src/libpcre2_8_la-pcre2_convert.lo
  CC       src/libpcre2_8_la-pcre2_dfa_match.lo
  CC       src/libpcre2_8_la-pcre2_error.lo
  CC       src/libpcre2_8_la-pcre2_extuni.lo
  CC       src/libpcre2_8_la-pcre2_find_bracket.lo
  CC       src/libpcre2_8_la-pcre2_jit_compile.lo
  CC       src/libpcre2_8_la-pcre2_maketables.lo
  CC       src/libpcre2_8_la-pcre2_match.lo
  CC       src/libpcre2_8_la-pcre2_match_data.lo
  CC       src/libpcre2_8_la-pcre2_newline.lo
  CC       src/libpcre2_8_la-pcre2_ord2utf.lo
  CC       src/libpcre2_8_la-pcre2_pattern_info.lo
  CC       src/libpcre2_8_la-pcre2_serialize.lo
  CC       src/libpcre2_8_la-pcre2_string_utils.lo
  CC       src/libpcre2_8_la-pcre2_study.lo
  CC       src/libpcre2_8_la-pcre2_substitute.lo
  CC       src/libpcre2_8_la-pcre2_substring.lo
  CC       src/libpcre2_8_la-pcre2_tables.lo
  CC       src/libpcre2_8_la-pcre2_ucd.lo
  CC       src/libpcre2_8_la-pcre2_valid_utf.lo
  CC       src/libpcre2_8_la-pcre2_xclass.lo
  CC       src/libpcre2_8_la-pcre2_chartables.lo
  CCLD     libpcre2-8.la
  CC       src/libpcre2_posix_la-pcre2posix.lo
  CCLD     libpcre2-posix.la

 ./install-sh -c -d '/Users/micos/Downloads/ossec-hids-3.3.0/src/external/pcre2-10.32//install/lib'
mkdir: /Users/micos/Downloads/ossec-hids-3.3.0/src/external/pcre2-10.32/install: File exists
mkdir: /Users/micos/Downloads/ossec-hids-3.3.0/src/external/pcre2-10.32/install: Not a directory
make[1]: *** [install-libLTLIBRARIES] Error 1
make: *** [external/pcre2-10.32//install/lib/libpcre2-8.a] Error 2

Content of the pcre2 folder:

~/Downloads/ossec-hids-3.3.0/src/external/pcre2-10.32$ ls

132html*              HACKING               PrepareRelease*       cmake/                configure.ac          libpcre2-8.la         m4/
AUTHORS               INSTALL               README                compile*              depcomp*              libpcre2-8.pc         missing*
CMakeLists.txt        LICENCE               RunGrepTest*          config-cmake.h.in     doc/                  libpcre2-8.pc.in      pcre2-config*
COPYING               Makefile              RunGrepTest.bat       config.guess*         install-sh*           libpcre2-posix.la     pcre2-config.in
ChangeLog             Makefile.am           RunTest*              config.log            libpcre2-16.pc        libpcre2-posix.pc     perltest.sh*
CheckMan*             Makefile.in           RunTest.bat           config.status*        libpcre2-16.pc.in     libpcre2-posix.pc.in  src/
CleanTxt*             NEWS                  aclocal.m4            config.sub*           libpcre2-32.pc        libtool*              test-driver*
Detrail*              NON-AUTOTOOLS-BUILD   ar-lib*               configure*            libpcre2-32.pc.in     ltmain.sh             testdata/

Any help is appreciated. Thanks Marco

P.S.: not sure why backticks aren't working properly in my message, sorry.

[micos76]

For macOS, I could not use the pcre2 library downloaded following the instructions here. Add to install the library through brew:

brew install pcre2

After which I used the newly installed system pcre2:

sudo PCRE2_SYSTEM=yes ZLIB_SYSTEM=no ./install.sh

Regards

[agsouza]

On Centos 7, I had to install pcre2:

sudo yum install pcre2 pcre2-devel sudo PCRE2_SYSTEM=y ./install.sh

Thanks!

[suryamurugan]

On Ubuntu 18 This worked

sudo apt install libpcre2-dev zlib1g-dev sudo PCRE2_SYSTEM=yes ./install.sh

[19oos]

On CentOS 7, I had download the pcre2 and untar to src/external dir. Not working.

$ cd ossec-hids-*/src

$ wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz

$ tar xzf pcre2-10.32.tar.gz -C ossec-hids-*/src/external

And I tried system's pcre2, not woring. Same error info.

PCRE2_SYSTEM=yes ./install.sh

Hers is the error infomation.

` 5- Installing the system

• Running the Makefile cc -I./external/compat -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DLinux -DINOTIFY_ENABLED -DZLIB_SYSTEM -DUSE_PCRE2_JIT -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -DARGV0=\"ossec-maild\" -c os_maild/maild.c -o os_maild/maild.o In file included from ./headers/shared.h:215:0, from os_maild/maild.c:10: ./os_regex/os_regex.h:19:19: fatal error: pcre2.h: No such file or directory

  include

             ^

  compilation terminated. make: *** [os_maild/maild.o] Error 1

  Error 0x5. Building error. Unable to finish the installation. `

[19oos]

On CentOS 7, I had download the pcre2 and untar to src/external dir. Not working.

$ cd ossec-hids-*/src

$ wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz

$ tar xzf pcre2-10.32.tar.gz -C ossec-hids-*/src/external

And I tried system's pcre2, not woring. Same error info.

PCRE2_SYSTEM=yes ./install.sh

Hers is the error infomation.

` 5- Installing the system

• Running the Makefile cc -I./external/compat -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR="/var/ossec" -DUSER="ossec" -DREMUSER="ossecr" -DGROUPGLOBAL="ossec" -DMAILUSER="ossecm" -DLinux -DINOTIFY_ENABLED -DZLIB_SYSTEM -DUSE_PCRE2_JIT -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -DARGV0="ossec-maild" -c os_maild/maild.c -o os_maild/maild.o In file included from ./headers/shared.h:215:0, from os_maild/maild.c:10: ./os_regex/os_regex.h:19:19: fatal error: pcre2.h: No such file or directory

  include

  ^ compilation terminated. make: *** [os_maild/maild.o] Error 1

Error 0x5. Building error. Unable to finish the installation. `

sudo PCRE2_SYSTEM=no ./install.sh
works.

[mig5]

The above poster is correct, if using the locally-built pcre2, you have to explicitly set PCRE2_SYSTEM=no, because yes is now the default since 1dba4e8698b1d262d3cafce77dfc808b2f19d1d9 . So it will continue to error out if you don't have a system PCRE2.

[ghost]

Hi, I tried out stuff that u guys mentioned above:

I have Extract pcre2-10.32.tar.gz to src/external. sudo PCRE2_SYSTEM=no ./install.sh sudo PCRE2_SYSTEM=yes ./install.sh

I don't have the PCRE2 problem anymore but I'm still facing this issue:

I do not understand the error. Clearly, I have the installation file and I can run the script. My machine is running Ubuntu 18.04.4 LTS The OSSEC file that I downloaded is from https://github.com/ossec/ossec-hids/archive/3.6.0.tar.gz

[ghost]

Hi, I tried out stuff that u guys mentioned above:

I have Extract pcre2-10.32.tar.gz to src/external. sudo PCRE2_SYSTEM=no ./install.sh sudo PCRE2_SYSTEM=yes ./install.sh

I don't have the PCRE2 problem anymore but I'm still facing this issue:

I do not understand the error. Clearly, I have the installation file and I can run the script. My machine is running Ubuntu 18.04.4 LTS The OSSEC file that I downloaded is from https://github.com/ossec/ossec-hids/archive/3.6.0.tar.gz

Nevermind, I solved it by installing the following packages: sudo apt-get install build-essential sudo apt install libssl1.0-dev apt install libz-dev libssl-dev libpcre2-dev libevent-dev