manage_agents(1203)

Skip to first unread message

Dimitri

unread,
Oct 29, 2009, 5:04:38 PM10/29/09
to ossec list
Hi gys.

One question... WTF?.

$ sudo /var/www/var/ossec/bin/manage_agents
2009/10/29 17:46:03 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.

OSSEC run on OpenBSD 4.5 and until today is OK, but I tried add a new client and display this error.

any idea?

thanks.

Dimitri.-
http://deoxyt2.livejournal.com
OpenBSD - Free, Functional & Secure



dan (ddp)

unread,
Oct 29, 2009, 9:20:16 PM10/29/09
to ossec...@googlegroups.com

Haven't had that problem. Check to make sure all users an groups are
present, and the binaries are owned by the correct users.
Users:
ossec
ossecm
ossecr

Group: ossec

Michael Starks

unread,
Nov 1, 2009, 4:32:24 PM11/1/09
to ossec...@googlegroups.com
Dimitri wrote:

> $ sudo /var/www/var/ossec/bin/manage_agents
> 2009/10/29 17:46:03 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.
>
> OSSEC run on OpenBSD 4.5 and until today is OK, but I tried add a new client and display this error.

It probably has something to do either with the chroot or environment
while running under sudo. Maybe it will work if you run it as the ossec
user (pass it as an option to sudo).

Dimitri

unread,
Nov 2, 2009, 8:41:24 AM11/2/09
to ossec...@googlegroups.com
mmmm ok.

I treated this options:
whit, for example, ossec wui user is user4:

$ sudo -u user4 /var/www/var/ossec/bin/manage_agents
Password:
2009/11/02 10:06:31 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.


$ sudo -u user4 /var/www/var/ossec/bin/ossec-control start
Starting OSSEC HIDS v2.1 (by Trend Micro Inc.)...
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
cat: /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
/var/www/var/ossec/bin/ossec-control[303]: cannot create /var/www/var/ossec/var/start-script-lock/pid: No such file or directory
2009/11/02 10:00:28 ossec-maild(1203): ERROR: Invalid user 'ossecm' or group 'ossec' given.
ossec-maild: Configuration error. Exiting

OK, now I treat whit ossecm user, ossec user, ossec group but the error is same.

Dimitri.-
http://deoxyt2.livejournal.com
OpenBSD - Free, Functional & Secure


--- El dom, 1/11/09, Michael Starks <ossec...@michaelstarks.com> escribió:

Daniel Cid

unread,
Nov 5, 2009, 11:14:10 AM11/5/09
to ossec...@googlegroups.com
Hi Dimitri,

The manage_agents must be executed as root, since it will try to
chroot/setuid before running.

Same thing with the ossec-control script, since it must be started as
root. That's why you are getting
all these weird errors.

Thanks,

--
Daniel B. Cid
dcid ( at ) ossec.net

Dimitri

unread,
Nov 9, 2009, 9:11:01 AM11/9/09
to ossec...@googlegroups.com
Friend.

How root the error is same.

# /var/www/var/ossec/bin/ossec-control restart
ossec-monitord not running ..
ossec-logcollector not running ..
ossec-remoted not running ..
ossec-syscheckd not running ..
ossec-analysisd not running ..
ossec-maild not running ..
ossec-execd not running ..
OSSEC HIDS v2.1 Stopped


Starting OSSEC HIDS v2.1 (by Trend Micro Inc.)...

2009/11/09 10:51:30 ossec-maild(1203): ERROR: Invalid user 'ossecm' or group 'ossec' given.
ossec-maild: Configuration error. Exiting
var/ossec/bin/manage_agents <
2009/11/09 10:51:48 manage_agents(1203): ERROR: Invalid user '' or group 'ossec' given.
#

This is really strange

Regards.

Dimitri.-
http://deoxyt2.livejournal.com
OpenBSD - Free, Functional & Secure


--- El jue, 5/11/09, Daniel Cid <danie...@gmail.com> escribió:

Reply all
Reply to author
Forward
0 new messages