Package Details: ossec-local 2.8.3-1

Git Clone URL: https://aur.archlinux.org/ossec-local.git (read-only)
Package Base: ossec-local
Description: Open Source Host-based Intrusion Detection System
Upstream URL: http://www.ossec.net/
Licenses: GPL3
Submitter: stativ
Maintainer: stativ
Last Packager: stativ
Votes: 14
Popularity: 0.769473
First Submitted: 2007-09-29 15:40
Last Updated: 2016-01-21 19:27

Latest Comments

GI_Jack commented on 2015-04-29 14:39

/usr/bin/ld: ../external/libz.a(compress.o): relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC
../external/libz.a: error adding symbols: Bad value

stativ commented on 2011-09-01 14:24

Finally an update. I found a way how to bypass the handling of permissions in this package to make sure everything is installed properly (ie. no more errors similar to the ones in the log posted by evaryont).

evaryont commented on 2011-03-13 11:24

If you would please, update the package descriptions to be a bit more descriptive of why there are 3 different ossec packages (had to run the installer manually just to figure out the differences.)

Also, I'm getting a *lot* of installer errors, among them the group/user stuff but that's already known. See here: http://pastebin.com/qpM6kyAN

It seems that the folder is r-x, and the script is later adding a bunch of files, but being read-only, it fails.

Anonymous comment on 2010-07-26 11:21

FYI, i requested the groups/user to be added to the <http://wiki.archlinux.org/index.php/Talk:DeveloperWiki:UID_/_GID_Database#Ossec>

Anonymous comment on 2010-07-26 11:09

... yeah, you are right. i should have been drinking some coffee before trying to think :)

thanks for the support :)

stativ commented on 2010-07-26 10:47

Finkregh: OSSEC needs several users and groups to exist for proper function. Because it's improbable that OSSEC gets it's way into the official distribution it's not possible to reserve the group and user names names in the official /etc/group and /etc/passwd. For that reason I chose the group and user ID's which are not likely to be used. The OSSEC's install script not only sets the file permissions according to these setting but also tries to create specified groups and users (which has to fail unless you are building as root). Necessary groups and users (with the exactly same ID's) are created during installation (see the install script).

According to the other errors you can ignore these safely too.

Anonymous comment on 2010-07-26 08:56

groupadd: '525' is not a valid group name
useradd: group '525' does not exist
useradd: group '525' does not exist
useradd: group '525' does not exist
cp: cannot create regular file `/var/ossec/tmp/yaourt-tmp-root/aur-ossec-local/pkg/etc/ossec-init.conf': No such file or directory
chmod: cannot access `/var/ossec/tmp/yaourt-tmp-root/aur-ossec-local/pkg/etc/ossec-init.conf': No such file or directory

hmm... :)

stativ commented on 2010-05-27 15:31

New updated PKGBUILD is out!

* generated rules should be correct now (thanks to somebody who pointed that out before the comments on AUR were lost)
* it is possible to change some of the settings in the config file (eg. e-mail notification)
* startup script is now colored (thanks Yorokobi)

stativ commented on 2010-04-24 18:00

Thank you for the suggestion. I'll take a look at it later, because I've to redesign PKGBUILD a bit. I had some reports that installed rules doesn't work properly.

Anonymous comment on 2010-04-24 17:57

Suggestion for ossec.rc: add '. /etc/rc.conf' before '. /etc/rc.d/functions' to enabled colorful stat_{busy|done}