Arch Linux User Repository

@ruidc: If you use this package, please adopt it so others can benefit as well.

I got past my problems, the key issue was that the owner on /var/ossec was still root and should have been ossec

trying to run the agent i get:
ERROR: Queue '/var/ossec/queue/ossec/queue' not accessible: 'Queue not found'.

And indeed the last 'queue' file/folder is not there. My understanding is that this should be created upon running ossec-analysisd but that is not part of this package. Do I need to also install the ossec-server package even though i only want an agent here?

@testtube: great, thanks!

@static thanks, I don't have time to test it but the manage_agents is fixed:
$/var/ossec/bin/manage_agents
****************************************
* OSSEC HIDS v2.8.3 Agent manager. *
* The following options are available: *
****************************************
(I)mport key from the server (I).
(Q)uit.

Can some of you guys using the ossec agent installation whether the manage_agents works in this version? I think I have finally found why it was compiled for server rather than for agent and fixed it appropriately. Thx.

this package is still broken as below, indeed the provided manage_agents is for server not agent:
$ /var/ossec/bin/manage_agents -i xxxxxxxxxxxxxx
2015/xx/xx xx:xx:xx manage_agents: You can't import keys on the manager.

Note: ossec appears to require (optional?) the 'host' command for installation. If so, could you please include the bind-tools package as a dependency?

Regarding the previous posted problems, a manual installation outside of this package appears to work fine. Have you discovered why this package won't work?

Note: ossec appears to require (optional?) the 'host' command for installation. If so, could you please include the bind-utils package as a dependency?

Regarding the previous posted problems, a manual installation outside of this package appears to work fine. Have you discovered why this package won't work?

Hi stativ,

Two errors, first is a blocker:

1) This ossec-agent package produces a /var/ossec/bin/manage_agents that is supposed to be for the ossec-server package. ossec-agent's manage_agent should have different functionality and the ability to import keys as seen here: https://ossec-docs.readthedocs.org/en/latest/programs/manage_agents.html

Even with the -i switch, the current manage_agents in the ossec-agent's package does not work for clients/agents. As of writing, I cannot use ossec at all because of this problem.

2) The following message appears when building

"5- Installing the system
- Running the Makefile
cp: failed to access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied
chmod: cannot access ‘/var/ossec/tmp/makepkg/ossec-agent/pkg/ossec-agent/etc/ossec-init.conf’: Permission denied

- Unknown system. No init script added.
- Configuration finished properly."

This scripts says that it finished properly, but did it really? Note: /tmp/makepkg would be my current build directory for makepkg.

I wonder if these are Arch issues or upstream issues. As a whole, I find this project a little scattered and erratic, especially with documentation, so if I missed something, my apologies.