"ossec-hids-local-2.7" on FreeBSD 10
Robin Brocks
robin.brocks at brocks.de
Wed Jan 29 11:57:11 UTC 2014
Hello Ports Team,
since the port "ossec-hids-local-2.7" does not have a maintainer, i am
using this mail address instead.
Currently i am not sure if i have a individual problem, but for me it
seems it could be a general problem with the port or the project OSSEC
itself.
I can not make OSSEC "ossec-hids-local-2.7" run on FreeBSD 10.
I always get the error message
2014/01/29 09:32:26 ossec-rootcheck(1210): ERROR: Queue
'/usr/local/ossec-hids/queue/ossec/queue' not accessible: 'Socket
operation on non-socket'.
when starting syscheckd.
I already deleted the file "queue", chmodded it to 666 or 777, but
nothing changed. "ossec" owns the complete folder tree. Any idea?
I am pretty sure it has something to do with the FBSD Version 10, when
is was running FBSD 9.1, those problems did not occur.
> /usr/local/ossec-hids/bin/ossec-control start
Starting OSSEC HIDS v2.7 (by Trend Micro Inc.)...
ossec-analysisd: Configuration error. Exiting.
> /usr/local/ossec-hids/bin/ossec-control enable debug
> /usr/local/ossec-hids/bin/ossec-analysisd
> /usr/local/ossec-hids/bin/ossec-syscheckd
2014/01/29 10:00:49 ossec-syscheckd(1210): ERROR: Queue
'/usr/local/ossec-hids/queue/ossec/queue' not accessible: 'Socket
operation on non-socket'.
2014/01/29 10:00:49 ossec-rootcheck(1210): ERROR: Queue
'/usr/local/ossec-hids/queue/ossec/queue' not accessible: 'Socket
operation on non-socket'.
2014/01/29 10:00:57 ossec-syscheckd(1210): ERROR: Queue
'/usr/local/ossec-hids/queue/ossec/queue' not accessible: 'Socket
operation on non-socket'.
2014/01/29 10:00:57 ossec-rootcheck(1210): ERROR: Queue
'/usr/local/ossec-hids/queue/ossec/queue' not accessible: 'Socket
operation on non-socket'.
2014/01/29 10:01:10 ossec-syscheckd(1210): ERROR: Queue
'/usr/local/ossec-hids/queue/ossec/queue' not accessible: 'Socket
operation on non-socket'.
2014/01/29 10:01:10 ossec-rootcheck(1211): ERROR: Unable to access
queue: '/usr/local/ossec-hids/queue/ossec/queue'. Giving up..
> whoami
root
> file /usr/local/ossec-hids/queue/ossec/queue
/usr/local/ossec-hids/queue/ossec/queue: empty
> ls -al
total 16
drwxrwx--- 2 ossec ossec 512 Jan 29 09:25 .
dr-xr-x--- 11 root ossec 512 Jan 28 14:05 ..
-rwxrwxrwx 1 ossec ossec 0 Jan 29 09:25 queue
Any hint or idea? Anyone maintaining this port who could help?
best regards,
Robin
More information about the freebsd-ports
mailing list