Package Details: ossec-local 2.9.0-1

Git Clone URL: (read-only)
Package Base: ossec-local
Description: Open Source Host-based Intrusion Detection System
Upstream URL:
Licenses: GPL3
Submitter: stativ
Maintainer: None
Last Packager: stativ
Votes: 15
Popularity: 0.006246
First Submitted: 2007-09-29 15:40
Last Updated: 2017-05-05 21:41

Latest Comments

stativ commented on 2017-05-14 20:21

2.9.0 is the latest stable:!topic/ossec-list/4iHTRtcca9Y

BTW, I already did most of the heavy-lifting to make 2.9.0 compile and install cleanly. I'm sure it's missing just some minor bits to make it work (maybe only a configuration update). However I can't be bothered to actually work on that, it's no longer worth the effort for me.

plp commented on 2017-05-14 19:06

Should we revert to 2.8.3 until someone does?

stativ commented on 2017-05-05 21:43

I did some of the work required for bumping it to 2.9.0, but I'm still not able to make it work nicely.

So I'm disowning this package, hopefully someone will be able to make it work.

GI_Jack commented on 2015-04-29 14:39

/usr/bin/ld: ../external/libz.a(compress.o): relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC
../external/libz.a: error adding symbols: Bad value

stativ commented on 2011-09-01 14:24

Finally an update. I found a way how to bypass the handling of permissions in this package to make sure everything is installed properly (ie. no more errors similar to the ones in the log posted by evaryont).

evaryont commented on 2011-03-13 11:24

If you would please, update the package descriptions to be a bit more descriptive of why there are 3 different ossec packages (had to run the installer manually just to figure out the differences.)

Also, I'm getting a *lot* of installer errors, among them the group/user stuff but that's already known. See here:

It seems that the folder is r-x, and the script is later adding a bunch of files, but being read-only, it fails.

Anonymous comment on 2010-07-26 11:21

FYI, i requested the groups/user to be added to the <>

Anonymous comment on 2010-07-26 11:09

... yeah, you are right. i should have been drinking some coffee before trying to think :)

thanks for the support :)

stativ commented on 2010-07-26 10:47

Finkregh: OSSEC needs several users and groups to exist for proper function. Because it's improbable that OSSEC gets it's way into the official distribution it's not possible to reserve the group and user names names in the official /etc/group and /etc/passwd. For that reason I chose the group and user ID's which are not likely to be used. The OSSEC's install script not only sets the file permissions according to these setting but also tries to create specified groups and users (which has to fail unless you are building as root). Necessary groups and users (with the exactly same ID's) are created during installation (see the install script).

According to the other errors you can ignore these safely too.

Anonymous comment on 2010-07-26 08:56

groupadd: '525' is not a valid group name
useradd: group '525' does not exist
useradd: group '525' does not exist
useradd: group '525' does not exist
cp: cannot create regular file `/var/ossec/tmp/yaourt-tmp-root/aur-ossec-local/pkg/etc/ossec-init.conf': No such file or directory
chmod: cannot access `/var/ossec/tmp/yaourt-tmp-root/aur-ossec-local/pkg/etc/ossec-init.conf': No such file or directory

hmm... :)

All comments