Re: [ossec-list] Get error when i try to use OSSEC webui on CentOS 5

Wed, 01 Dec 2010 07:41:42 -0800

I fix the error but now i'm getting "No agent available", how i can get my local alert about my server ? 
is it a permission problem ?

Le 01/12/2010 15:21, Jean-Paul Lesein a écrit :

Okay,
i see my log and i get this error
opendir(/var/ossec) [<a href='function.opendir'>function.opendir</a>]: failed to open dir: Operation not permitted in /var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs/ossec-wui-0.3/lib/os_lib_handle.php on line 94, referer: http://monitoring.mydomain.com/ossec-wui-0.3/index.php?f=i
[<a href='function.opendir'>function.opendir</a>]: open_basedir restriction in effect. File(/var/ossec) is not within the allowed path(s): (/var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs:/tmp) in /var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs/ossec-wui-0.3/lib/os_lib_handle.php on line 94, referer: http://monitoring.mydomain.com/ossec-wui-0.3/index.php?f=i 



Le 01/12/2010 15:10, dan (ddp) a écrit :
On Wed, Dec 1, 2010 at 9:01 AM, Jean-Paul Lesein<jp.les...@ipo-sa.com> wrote: 
Thanks for your answer my

SELinux status: disabled
Ossec group is ok : ossec:x:2523:apache

How i can verify apache isn't chrooted to another location ?
Make sure you add the apache user to the ossec group (and restart apache). 
Make sure SELinux isn't blocking the access. : my
Make sure apache isn't chrooted to another location.



I'm not sure of an easy way to check really. Is this a default Centos
apache? I don't think they chroot it.

Only other things that I can think of to check are the webserver and
system logs to see if there is a proper error to go with the one you
get in the wui.


Le 01/12/2010 14:55, dan (ddp) a écrit :

On Wed, Dec 1, 2010 at 8:48 AM, Jean-Paul Lesein<jp.les...@ipo-sa.com>
  wrote:

Hi,

OSSEC is installed successfully
i try to use OSSEC webui on CentOS 5 with plesk but when i connect to
OSSEC
webui i get this error

"Unable to access ossec directory"

My safe_mode in "Off" and i fix the user who is apache on CentOS

dr-xr-x---  3 root  ossec    16 Oct 13 16:06 active-response
dr-xr-x---  2 root  ossec  4096 Dec  1 11:12 agentless
dr-xr-x---  2 root  ossec  4096 Dec  1 14:03 bin
dr-xr-x---  4 root  ossec   136 Dec  1 14:03 etc
drwxr-x---  5 ossec ossec    92 Oct 13 16:06 logs
dr-xr-x--- 11 root  ossec   127 Oct 13 16:06 queue
dr-xr-x---  3 root  ossec  4096 Dec  1 11:12 rules
drwxr-x---  5 ossec ossec    61 Dec  1 11:13 stats
drwxrwx---  2 root  apache    6 Dec  1 11:12 tmp
dr-xr-x---  3 root  ossec    16 Dec  1 14:13 var

If someone can help me, i would be very happy
Make sure you add the apache user to the ossec group (and restart apache). 
Make sure SELinux isn't blocking the access.
Make sure apache isn't chrooted to another location.

Reply via email to