One question... WTF?.
$ sudo /var/www/var/ossec/bin/manage_agents
2009/10/29 17:46:03 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.
OSSEC run on OpenBSD 4.5 and until today is OK, but I tried add a new client and display this error.
any idea?
thanks.
Dimitri.-
http://deoxyt2.livejournal.com
OpenBSD - Free, Functional & Secure
Haven't had that problem. Check to make sure all users an groups are
present, and the binaries are owned by the correct users.
Users:
ossec
ossecm
ossecr
Group: ossec
> $ sudo /var/www/var/ossec/bin/manage_agents
> 2009/10/29 17:46:03 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.
>
> OSSEC run on OpenBSD 4.5 and until today is OK, but I tried add a new client and display this error.
It probably has something to do either with the chroot or environment
while running under sudo. Maybe it will work if you run it as the ossec
user (pass it as an option to sudo).
I treated this options:
whit, for example, ossec wui user is user4:
$ sudo -u user4 /var/www/var/ossec/bin/manage_agents
Password:
2009/11/02 10:06:31 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.
$ sudo -u user4 /var/www/var/ossec/bin/ossec-control start
Starting OSSEC HIDS v2.1 (by Trend Micro Inc.)...
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
/var/www/var/ossec/bin/ossec-control[303]: cannot create /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
2009/11/02 10:00:28 ossec-maild(1203): ERROR: Invalid user 'ossecm' or group 'ossec' given.
ossec-maild: Configuration error. Exiting
OK, now I treat whit ossecm user, ossec user, ossec group but the error is same.
Dimitri.-
http://deoxyt2.livejournal.com
OpenBSD - Free, Functional & Secure
--- El dom, 1/11/09, Michael Starks <ossec...@michaelstarks.com> escribió:
The manage_agents must be executed as root, since it will try to
chroot/setuid before running.
Same thing with the ossec-control script, since it must be started as
root. That's why you are getting
all these weird errors.
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
How root the error is same.
# /var/www/var/ossec/bin/ossec-control restart
ossec-monitord not running ..
ossec-logcollector not running ..
ossec-remoted not running ..
ossec-syscheckd not running ..
ossec-analysisd not running ..
ossec-maild not running ..
ossec-execd not running ..
OSSEC HIDS v2.1 Stopped
Starting OSSEC HIDS v2.1 (by Trend Micro Inc.)...
2009/11/09 10:51:30 ossec-maild(1203): ERROR: Invalid user 'ossecm' or group 'ossec' given.
ossec-maild: Configuration error. Exiting
var/ossec/bin/manage_agents <
2009/11/09 10:51:48 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.
#
This is really strange
Regards.
Dimitri.-
http://deoxyt2.livejournal.com
OpenBSD - Free, Functional & Secure
--- El jue, 5/11/09, Daniel Cid <danie...@gmail.com> escribió: