On Fri, Mar 8, 2013 at 3:39 PM, hays <[email protected]> wrote: > > > Ok, part of the answer to that is that Apple deprecated gcc at 4.2 a few > years ago, if you go to Xcode, Preferences in the components tab, you can > download the command line tools and that will put gcc in: > /Applications/Xcode.app/Contents/Developer/usr/bin/gcc > > So I did that, then hacked the install.sh script to set CC to that path, ran > it again and got the same kind of error: > > *** Making os_crypto *** > > /Applications/Xcode.app/Contents/Developer/usr/bin/gcc -g -Wall -I../../ > -I../../headers -DDEFAULTDIR=\"/var/ossec\" -DCLIENT -DUSE_OPENSSL -DDarwin > -DHIGHFIRST -DARGV0=\"blowfish_op\" -DXML_VAR=\"var\" -DOSSECHIDS -c > bf_op.c bf_skey.c bf_enc.c > > ar cru bf_op.a bf_op.o bf_skey.o bf_enc.o > ranlib bf_op.a > /Applications/Xcode.app/Contents/Developer/usr/bin/gcc -g -Wall -I../../ > -I../../headers -DDEFAULTDIR=\"/var/ossec\" -DCLIENT -DUSE_OPENSSL -DDarwin > -DHIGHFIRST -DARGV0=\"md5_op\" -DXML_VAR=\"var\" -DOSSECHIDS -c md5.c > md5_op.c > > ar cru md5_op.a md5_op.o md5.o > ranlib md5_op.a > /Applications/Xcode.app/Contents/Developer/usr/bin/gcc -g -Wall -I../../ > -I../../headers -DDEFAULTDIR=\"/var/ossec\" -DCLIENT -DUSE_OPENSSL -DDarwin > -DHIGHFIRST -DARGV0=\"sha1_op\" -DXML_VAR=\"var\" -DOSSECHIDS -c > sha1_op.c > > In file included from sha1_op.c:28: > sha_locl.h: In function ‘sha1_block_host_order’: > sha_locl.h:262: error: unsupported inline asm: input constraint with a > matching output constraint of incompatible type! > ... > > sha_locl.h:346: error: unsupported inline asm: input constraint with a > matching output constraint of incompatible type! > sha_locl.h:346: error: unsupported inline asm: input constraint with a > matching output constraint of incompatible type! > make[2]: *** [sha1] Error 1 > make[1]: *** [os_crypto] Error 2 > > Error Making os_crypto > make: *** [all] Error 1 > > Error 0x5. > Building error. Unable to finish the installation. > > Thinking that perhaps 4.2 is too old, I next installed mac ports and used
4.2 definitely works. I generally compile OSSEC with 4.2, just not on OS X. > that to install GNU gcc 4.7, following this guide: > http://www.ficksworkshop.com/blog/14-coding/65-installing-gcc-on-mac > > The line: > sudo port select --set gcc mp-gcc47 > > removed /bin/gcc and now /opt/local/bin/gcc is in the path. > > (sudo port select --set gcc llvm-gcc42) restores it so that's not bad > really). > > Replaced the hack line (in the checkDependencies section, after the which cc > bits) with > > CC="/opt/local/bin/gcc" > > That let it build, so the basic problem seems to be the gcc version from > Apple is just too old. > > But when I try to start it I get this: > root:~/Downloads/ossec-hids-2.7$ /var/ossec/bin/ossec-control start > Starting OSSEC HIDS v2.7 (by Trend Micro Inc.)... > 2013/03/08 15:32:37 ossec-execd(1203): ERROR: Invalid user '' or group > 'ossec' given. > > I checked /etc/passwd, no ossec user. I've got a script to create arbitrary > users, I'll see if I can get past that issue next week. I'll also rough out > a patch for osx to go into the install.sh file. Should I keep this issue > here or take it to the developer's maillist? > dev is usually easier (IMO), but here is fine too. I'm definitely interested in what is failing WRT creating users. I feel like that was updated not too long ago. > Thanks for the help, the program's rather nice for linux/windows, but I want > to avoid using syslog for the macs if I can, > bil > > > > > -- > _______________________ > bil hays > Infrastructure Manager > Computer Science, UNC CH > www.cs.unc.edu/~hays > > -- > > --- You received this message because you are subscribed to the Google > Groups "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
