Назад | Перейти на главную страницу

ossec 2.7.1 не обновляется на серверах

Я пытаюсь обновить настройки компьютеров ossec как серверов с 2.6 и 2.7 до 2.7.1.

Я загружаю ossec-hids-2.7.1.tar.gz, распаковываю его и запускаю ./install.sh. Он распознает наличие предыдущей версии, спрашивает, хочу ли я обновить, а затем спрашивает, хочу ли я обновить правила. Я говорю да обоим, и он все компилирует и, кажется, успешно обновляется. Новая версия ossec создается в этом каталоге, но не записывается в / var / ossec. / var / ossec / bin / ossec-agentd -V по-прежнему показывает старую версию.

Это отлично работает при настройке компьютеров ossec в качестве агентов. Кажется довольно простым. Я не уверен, что делаю не так. Любые идеи?

Он не работает на Ubuntu 12.04 или CentOS 6.5

Я сброшу то, что вижу здесь: (я удалил некоторую компиляцию в середине b / c, у меня закончились символы в сообщении)

root@domain:~/initial_install/ossec-hids-2.7.1# ./install.sh 

  ** Para instalação em português, escolha [br].
  ** 要使用中文进行安装, 请选择 [cn].
  ** Fur eine deutsche Installation wohlen Sie [de].
  ** Για εγκατάσταση στα Ελληνικά, επιλέξτε [el].
  ** For installation in English, choose [en].
  ** Para instalar en Español , eliga [es].
  ** Pour une installation en français, choisissez [fr]
  ** A Magyar nyelvű telepítéshez válassza [hu].
  ** Per l'installazione in Italiano, scegli [it].
  ** 日本語でインストールします.選択して下さい.[jp].
  ** Voor installatie in het Nederlands, kies [nl].
  ** Aby instalować w języku Polskim, wybierz [pl].
  ** Для инструкций по установке на русском ,введите [ru].
  ** Za instalaciju na srpskom, izaberi [sr].
  ** Türkçe kurulum için seçin [tr].
  (en/br/cn/de/el/es/fr/hu/it/jp/nl/pl/ru/sr/tr) [en]: 


 OSSEC HIDS v2.7.1 Installation Script - http://www.ossec.net

 You are about to start the installation process of the OSSEC HIDS.
 You must have a C compiler pre-installed in your system.
 If you have any questions or comments, please send an e-mail
 to dcid@ossec.net (or daniel.cid@gmail.com).

  - System: Linux domain 3.5.0-44-generic
  - User: root
  - Host: domain


  -- Press ENTER to continue or Ctrl-C to abort. --


 - You already have OSSEC installed. Do you want to update it? (y/n): y
 - Do you want to update the rules? (y/n): y


2- Setting up the installation environment.


    - Installation will be made at  /var/ossec .

5- Installing the system
 - Running the Makefile
INFO: Little endian set.

 *** Making zlib (by Jean-loup Gailly and Mark Adler)  *** 
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/external/zlib-1.2.3'
gcc -c -g -Wall -I../../ -I../../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"zlib\" -DXML_VAR=\"var\" -DOSSECHIDS *.c
ar cru libz.a *.o 
ranlib libz.a
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/external/zlib-1.2.3'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/external/zlib-1.2.3'
cp -pr zlib.h zconf.h ../../headers/
cp -pr libz.a ../
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/external/zlib-1.2.3'



 *** Making os_xml *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_xml'
gcc -DXML_VAR=\"var\" -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"os_xml\" -DXML_VAR=\"var\" -DOSSECHIDS -c os_xml.c os_xml_access.c os_xml_node_access.c os_xml_variables.c os_xml_writer.c
os_xml_variables.c: In function ‘OS_ApplyVariables’:
os_xml_variables.c:119:33: warning: variable ‘final’ set but not used [-Wunused-but-set-variable]
ar cru os_xml.a os_xml.o os_xml_access.o os_xml_node_access.o os_xml_variables.o os_xml_writer.o
ranlib os_xml.a
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_xml'


 *** Making os_regex *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_regex'
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"os_regex\" -DXML_VAR=\"var\" -DOSSECHIDS -c *.c -Wall
ar cru os_regex.a *.o
ranlib os_regex.a
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_regex'


 *** Making os_net *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_net'
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"os_net\" -DXML_VAR=\"var\" -DOSSECHIDS -c os_net.c
ar cru os_net.a os_net.o
ranlib os_net.a
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_net'


 *** Making os_crypto *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto'
make[2]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/blowfish'
gcc -g -Wall -I../../ -I../../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"blowfish_op\" -DXML_VAR=\"var\" -DOSSECHIDS -c bf_op.c bf_skey.c bf_enc.c
ar cru bf_op.a bf_op.o bf_skey.o bf_enc.o
ranlib bf_op.a
make[2]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/blowfish'
make[2]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/md5'
gcc -g -Wall -I../../ -I../../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"md5_op\" -DXML_VAR=\"var\" -DOSSECHIDS -c md5.c md5_op.c
ar cru md5_op.a md5_op.o md5.o
ranlib md5_op.a
make[2]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/md5'
make[2]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/sha1'
gcc -g -Wall -I../../ -I../../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"sha1_op\" -DXML_VAR=\"var\" -DOSSECHIDS -c sha1_op.c
ar cru sha1_op.a sha1_op.o
ranlib sha1_op.a
make[2]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/sha1'
make[2]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/md5_sha1'
gcc -g -Wall -I../../ -I../../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"md5_sha1_op\" -DXML_VAR=\"var\" -DOSSECHIDS -c ../md5/md5.c md5_sha1_op.c
ar cru md5_op.a md5_sha1_op.o ../md5/md5.o
ranlib md5_op.a
make[2]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/md5_sha1'
make[2]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/shared'
gcc -g -Wall -I../../ -I../../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"shared\" -DXML_VAR=\"var\" -DOSSECHIDS -c *.c
ar cru shared.a *.o
ranlib shared.a
make[2]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto/shared'
ar cru os_crypto.a blowfish/bf_op.o blowfish/bf_skey.o blowfish/bf_enc.o md5/md5_op.o md5/md5.o sha1/sha1_op.o md5_sha1/md5_sha1_op.o shared/*.o
ranlib os_crypto.a
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_crypto'


 *** Making shared *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/shared'
gcc -c -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"shared-libs\" -DXML_VAR=\"var\" -DOSSECHIDS *.c
read-agents.c: In function ‘_do_print_rootcheck’:
read-agents.c:570:12: warning: variable ‘c_time’ set but not used [-Wunused-but-set-variable]
read-agents.c: In function ‘get_agent_info’:
read-agents.c:1280:10: warning: variable ‘tmp_file’ set but not used [-Wunused-but-set-variable]
ar cru lib_shared.a *.o 
ranlib lib_shared.a
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/shared'


 *** Making config *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/config'
gcc -c -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"ossec-config\" -DXML_VAR=\"var\" -DOSSECHIDS *.c
ar cru lib_config.a *.o 
ranlib lib_config.a
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/config'


 *** Making os_maild *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_maild'
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"ossec-maild\" -DXML_VAR=\"var\" -DOSSECHIDS  maild.c config.c os_maild_client.c sendmail.c mail_list.c ../config/lib_config.a ../shared/lib_shared.a ../os_net/os_net.a ../os_regex/os_regex.a ../os_xml/os_xml.a -o ossec-maild
maild.c: In function ‘OS_Run’:
maild.c:198:9: warning: variable ‘today’ set but not used [-Wunused-but-set-variable]
sendmail.c: In function ‘OS_Sendmail’:
sendmail.c:288:10: warning: variable ‘additional_to’ set but not used [-Wunused-but-set-variable]
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_maild'


 *** Making os_dbd *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_dbd'
Compiling DB support with: 
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"ossec-dbd\" -DXML_VAR=\"var\" -DOSSECHIDS   *.c ../config/lib_config.a ../shared/lib_shared.a ../os_net/os_net.a ../os_regex/os_regex.a ../os_xml/os_xml.a -o ossec-dbd 
db_op.c: In function ‘none_osdb_connect’:
db_op.c:402:11: warning: variable ‘tmp’ set but not used [-Wunused-but-set-variable]
db_op.c: In function ‘none_osdb_close’:
db_op.c:414:11: warning: variable ‘tmp’ set but not used [-Wunused-but-set-variable]
db_op.c: In function ‘none_osdb_query_insert’:
db_op.c:422:11: warning: variable ‘tmp’ set but not used [-Wunused-but-set-variable]
db_op.c: In function ‘none_osdb_query_select’:
db_op.c:431:11: warning: variable ‘tmp’ set but not used [-Wunused-but-set-variable]
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_dbd'


 *** Making monitord *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/monitord'
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"ossec-monitord\" -DXML_VAR=\"var\" -DOSSECHIDS  compress_log.c main.c manage_files.c monitor_agents.c monitord.c sign_log.c generate_reports.c ../os_maild/sendcustomemail.c ../config/lib_config.a ../shared/lib_shared.a ../os_net/os_net.a ../os_regex/os_regex.a ../os_xml/os_xml.a ../os_crypto/os_crypto.a ../os_zlib/os_zlib.c ../external/libz.a -o ossec-monitord
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"ossec-monitord\" -DXML_VAR=\"var\" -DOSSECHIDS  -UARGV0 -DARGV0=\"ossec-reportd\" report.c ../config/lib_config.a ../shared/lib_shared.a ../os_net/os_net.a ../os_regex/os_regex.a ../os_xml/os_xml.a ../os_crypto/os_crypto.a ../os_zlib/os_zlib.c ../external/libz.a -o ossec-reportd
report.c: In function ‘main’:
report.c:48:11: warning: variable ‘cfg’ set but not used [-Wunused-but-set-variable]
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/monitord'


 *** Making os_auth *** 

make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_auth'
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"ossec-authd\" -DXML_VAR=\"var\" -DOSSECHIDS  main-server.c ssl.c  ../addagent/validate.c ../config/lib_config.a ../shared/lib_shared.a ../os_net/os_net.a ../os_regex/os_regex.a ../os_crypto/os_crypto.a ../os_zlib/os_zlib.c ../external/libz.a  -o ossec-authd
gcc -g -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DLOCAL  -DUSEINOTIFY     -DARGV0=\"ossec-authd\" -DXML_VAR=\"var\" -DOSSECHIDS  main-client.c ssl.c  ../addagent/validate.c ../config/lib_config.a ../shared/lib_shared.a ../os_net/os_net.a ../os_regex/os_regex.a ../os_crypto/os_crypto.a ../os_zlib/os_zlib.c ../external/libz.a  -o agent-auth
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_auth'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_maild'
cp -pr ossec-maild ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_maild'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_dbd'
cp -pr ossec-dbd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_dbd'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_csyslogd'
cp -pr ossec-csyslogd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_csyslogd'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/agentlessd'
cp -pr ossec-agentlessd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/agentlessd'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_execd'
cp -pr ossec-execd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_execd'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/analysisd'
cp -pr ossec-analysisd ../../bin
cp -pr ossec-logtest ../../bin
cp -pr ossec-makelists ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/analysisd'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/logcollector'
cp -pr ossec-logcollector ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/logcollector'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/remoted'
cp -pr ossec-remoted ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/remoted'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/client-agent'
cp -pr ossec-agentd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/client-agent'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/addagent'
cp -pr manage_agents ../../bin 
cp -pr manage_agents ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/addagent'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/util'
cp -pr syscheck_update clear_stats list_agents syscheck_control rootcheck_control agent_control verify-agent-conf ossec-regex ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/util'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/rootcheck'
make[1]: Nothing to be done for `build'.
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/rootcheck'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/syscheckd'
cp -pr ossec-syscheckd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/syscheckd'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/monitord'
cp -pr ossec-monitord ../../bin
cp -pr ossec-reportd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/monitord'
make[1]: Entering directory `/root/initial_install/ossec-hids-2.7.1/src/os_auth'
cp -pr ossec-authd ../../bin
cp -pr agent-auth ossec-authd ../../bin
make[1]: Leaving directory `/root/initial_install/ossec-hids-2.7.1/src/os_auth'
Killing ossec-monitord .. 
Killing ossec-logcollector .. 
Killing ossec-syscheckd .. 
Killing ossec-analysisd .. 
Killing ossec-maild .. 
Killing ossec-execd .. 
OSSEC HIDS v2.7.1 Stopped
Starting OSSEC HIDS v2.7.1 (by Trend Micro Inc.)...
Started ossec-maild...
Started ossec-execd...
Started ossec-analysisd...
Started ossec-logcollector...
Started ossec-syscheckd...
Started ossec-monitord...
Completed.

 - Configuration finished properly.

 - To start OSSEC HIDS:
        /var/ossec/bin/ossec-control start

 - To stop OSSEC HIDS:
        /var/ossec/bin/ossec-control stop

 - The configuration can be viewed or modified at /var/ossec/etc/ossec.conf


    Thanks for using the OSSEC HIDS.
    If you have any question, suggestion or if you find any bug,
    contact us at contact@ossec.net or using our public maillist at
    ossec-list@ossec.net
    ( http://www.ossec.net/main/support/ ).

    More information can be found at http://www.ossec.net

    ---  Press ENTER to finish (maybe more information below). ---


 - Update completed.

root@domain:~/initial_install/ossec-hids-2.7.1# /var/ossec/bin/ossec-agentd -V

OSSEC HIDS v2.7 - Trend Micro Inc.

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License (version 2) as 
published by the Free Software Foundation. For more details, go to 
http://www.ossec.net/main/license/