Trying to install OSSEC 3.6.0 under OpenBSD 6.8 fails

16 views
Skip to first unread message

Carlos Lopez

unread,
Jan 31, 2021, 12:11:00 PMJan 31
to ossec...@googlegroups.com

Hi all,

 

I am trying to install Ossec 3.6.0 under an OpenBSD 6.8 hosts to act as an ossec-server, but the following errors appears:

 

root@obsdtst:/tmp/ossec-hids-3.6.0/src# gmake TARGET=server PCRE2_SYSTEM=yes ZLIB_SYSTEM=yes USE_INOTIFY=yes USE_GEOIP=1

…………………

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_execute.c -o os_regex/os_regex_execute.o

os_regex/os_regex_execute.c:57:34: warning: comparison of integers of different signs: 'size_t' (aka 'unsigned long') and 'int' [-Wsign-compare]

            if (sub_string_start != -1) {

                ~~~~~~~~~~~~~~~~ ^  ~~

1 warning generated.

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_free_pattern.c -o os_regex/os_regex_free_pattern.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_free_substrings.c -o os_regex/os_regex_free_substrings.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_maps.c -o os_regex/os_regex_maps.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_match.c -o os_regex/os_regex_match.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_startswith.c -o os_regex/os_regex_startswith.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_str.c -o os_regex/os_regex_str.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_regex/os_regex_strbreak.c -o os_regex/os_regex_strbreak.o

ar -crs os_regex.a os_regex/os_converter.o os_regex/os_match.o os_regex/os_match_compile.o os_regex/os_match_execute.o os_regex/os_match_free_pattern.o os_regex/os_pcre2.o os_regex/os_pcre2_compile.o os_regex/os_pcre2_execute.o os_regex/os_pcre2_free_pattern.o os_regex/os_pcre2_free_substrings.o os_regex/os_regex.o os_regex/os_regex_compile.o os_regex/os_regex_execute.o os_regex/os_regex_free_pattern.o os_regex/os_regex_free_substrings.o os_regex/os_regex_maps.o os_regex/os_regex_match.o os_regex/os_regex_startswith.o os_regex/os_regex_str.o os_regex/os_regex_strbreak.o

ranlib os_regex.a

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_xml/os_xml.c -o os_xml/os_xml.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_xml/os_xml_access.c -o os_xml/os_xml_access.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_xml/os_xml_node_access.c -o os_xml/os_xml_node_access.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_xml/os_xml_variables.c -o os_xml/os_xml_variables.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -c os_xml/os_xml_writer.c -o os_xml/os_xml_writer.o

ar -crs os_xml.a os_xml/os_xml.o os_xml/os_xml_access.o os_xml/os_xml_node_access.o os_xml/os_xml_variables.o os_xml/os_xml_writer.o

ranlib os_xml.a

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ os_maild/config.o os_maild/mail_list.o os_maild/maild.o os_maild/os_maild_client.o os_maild/sendcustomemail.o os_maild/sendmail.o os_dns/os_dns.o os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a  -lm -L/usr/local/lib -lpcre2-8 -lGeoIP -lssl -lcrypto -lz -lutil -levent  -o ossec-maild

ld: error: unable to find library -lGeoIP

cc: error: linker command failed with exit code 1 (use -v to see invocation)

 

Due to this error I have tried a second time withput GEOIP support enabled:

 

root@obsdtst:/tmp/ossec-hids-3.6.0/src# gmake TARGET=server PCRE2_SYSTEM=yes ZLIB_SYSTEM=yes USE_INOTIFY=yes

 

…………………………………………

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -I./util  -DARGV0=\"utils\" -c util/syscheck_control.c -o util/syscheck_control.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/  -I./external/cJSON/ util/syscheck_control.o addagent/validate.o os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a os_zlib.a libcJSON.a  -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto -lz -o syscheck_control

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -I./util  -DARGV0=\"utils\" -c util/rootcheck_control.c -o util/rootcheck_control.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/  -I./external/cJSON/ util/rootcheck_control.o addagent/validate.o os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a os_zlib.a libcJSON.a  -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto -lz -o rootcheck_control

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -I./util  -DARGV0=\"utils\" -c util/verify-agent-conf.c -o util/verify-agent-conf.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/  util/verify-agent-conf.o os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a os_zlib.a  -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto -lz -o verify-agent-conf

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -I./util  -DARGV0=\"utils\" -c util/ossec-regex.c -o util/ossec-regex.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/  util/ossec-regex.o os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a os_zlib.a  -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto -lz -o ossec-regex

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -I./util  -DARGV0=\"utils\" -c util/ossec-regex-convert.c -o util/ossec-regex-convert.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ util/ossec-regex-convert.o os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a os_zlib.a  -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto -lz -o ossec-regex-convert

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/config.c -o syscheckd/config.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/create_db.c -o syscheckd/create_db.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/run_check.c -o syscheckd/run_check.o

cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/run_realtime.c -o syscheckd/run_realtime.o

syscheckd/run_realtime.c:23:10: fatal error: 'sys/inotify.h' file not found

#include <sys/inotify.h>

         ^~~~~~~~~~~~~~~

1 error generated.

gmake: *** [Makefile:1104: syscheckd/run_realtime.o] Error 1

 

inotify.h file is installed in /usr/local/include/inotify/sys/inotify.h. The following packages are installed in this OpenBSD 6.8 host:

 

bzip2-1.0.8         block-sorting file compressor, unencumbered

geolite2-country-20191224p0 GeoIP2 GeoLite2 database: IPv4/v6 address to country

gettext-runtime-0.21 GNU gettext runtime libraries and programs

gmake-4.3           GNU make

intel-firmware-20200616v0 microcode update binaries for Intel CPUs

libiconv-1.16p0     character set conversion library

libinotify-20170711p0 kevent based inotify

libmagic-5.39       library to determine file type

libmaxminddb-1.4.3  library for MaxMind GeoIP2/GeoLite2 IP geolocation databases

pcre2-10.35         perl-compatible regular expression library, version 2

quirks-3.440        exceptions to pkg_add rules

 

And my LD_LIBRARY_PATH variable is:

KSH_VERSION='@(#)PD KSH v5.2.14 99/07/13.2'

LD_LIBRARY_PATH=/usr/lib:/usr/local/lib:/usr/local/lib/inotify

 

Any idea or trick?

 

Regards,

C. L. Martinez

dan (ddp)

unread,
Feb 1, 2021, 1:34:42 PMFeb 1
to ossec...@googlegroups.com
I think this patch should fix the inotify problem.
Not sure how to work on the geoip stuff, I think OpenBSD dropped the
ports for the old library.
> --
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/7421B1DC-EA7E-413F-9740-4756F9B15ED7%40outlook.com.

dan (ddp)

unread,
Feb 1, 2021, 1:35:30 PMFeb 1
to ossec...@googlegroups.com
*ahem* _THIS_ patch.
Makefile.diff
Reply all
Reply to author
Forward
0 new messages