I fix the error but now i'm getting "No agent available", how i can get
my local alert about my server ?
is it a permission problem ?
Le 01/12/2010 15:21, Jean-Paul Lesein a écrit :
Okay,
i see my log and i get this error
opendir(/var/ossec) [<a
href='function.opendir'>function.opendir</a>]: failed to open dir:
Operation not permitted in
/var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs/ossec-wui-0.3/lib/os_lib_handle.php
on line 94, referer:
http://monitoring.mydomain.com/ossec-wui-0.3/index.php?f=i
[<a href='function.opendir'>function.opendir</a>]: open_basedir
restriction in effect. File(/var/ossec) is not within the allowed
path(s):
(/var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs:/tmp) in
/var/www/vhosts/mydomain.com/subdomains/monitoring/httpdocs/ossec-wui-0.3/lib/os_lib_handle.php
on line 94, referer:
http://monitoring.mydomain.com/ossec-wui-0.3/index.php?f=i
Le 01/12/2010 15:10, dan (ddp) a écrit :
On Wed, Dec 1, 2010 at 9:01 AM, Jean-Paul
Lesein<jp.les...@ipo-sa.com> wrote:
Thanks for your answer my
SELinux status: disabled
Ossec group is ok : ossec:x:2523:apache
How i can verify apache isn't chrooted to another location ?
Make sure you add the apache user to the ossec group (and restart
apache).
Make sure SELinux isn't blocking the access. : my
Make sure apache isn't chrooted to another location.
I'm not sure of an easy way to check really. Is this a default Centos
apache? I don't think they chroot it.
Only other things that I can think of to check are the webserver and
system logs to see if there is a proper error to go with the one you
get in the wui.
Le 01/12/2010 14:55, dan (ddp) a écrit :
On Wed, Dec 1, 2010 at 8:48 AM, Jean-Paul Lesein<jp.les...@ipo-sa.com>
wrote:
Hi,
OSSEC is installed successfully
i try to use OSSEC webui on CentOS 5 with plesk but when i connect to
OSSEC
webui i get this error
"Unable to access ossec directory"
My safe_mode in "Off" and i fix the user who is apache on CentOS
dr-xr-x--- 3 root ossec 16 Oct 13 16:06 active-response
dr-xr-x--- 2 root ossec 4096 Dec 1 11:12 agentless
dr-xr-x--- 2 root ossec 4096 Dec 1 14:03 bin
dr-xr-x--- 4 root ossec 136 Dec 1 14:03 etc
drwxr-x--- 5 ossec ossec 92 Oct 13 16:06 logs
dr-xr-x--- 11 root ossec 127 Oct 13 16:06 queue
dr-xr-x--- 3 root ossec 4096 Dec 1 11:12 rules
drwxr-x--- 5 ossec ossec 61 Dec 1 11:13 stats
drwxrwx--- 2 root apache 6 Dec 1 11:12 tmp
dr-xr-x--- 3 root ossec 16 Dec 1 14:13 var
If someone can help me, i would be very happy
Make sure you add the apache user to the ossec group (and restart
apache).
Make sure SELinux isn't blocking the access.
Make sure apache isn't chrooted to another location.