latest stable 2.8.3 neither openbsd_initify from your repository compiles.
ldconfig -r | fgrep inotify
linotify.2.0 => /usr/local/lib/inotify/libinotify.so.2.0
Thank you
If you need anything else let me know
2016-09-30 17:25 GMT-03:00 dan (ddp) <ddp...@gmail.com>:
> On Sep 30, 2016 3:44 PM, "R0me0 ***" <knight....@gmail.com> wrote:
> >
> > Dan I haved cloned openbsd_inotify
> >
> > and isnt compile
> >
> > + -I/usr/local/include/inotify
> >
> >
> >
> >
> > ifeq (${uname_S},OpenBSD)
> > # DEFINES+=-DOpenBSD
> > DEFINES+=-pthread
> > LUA_PLAT=posix
> > CFLAGS+=-I/usr/local/include
> -I/usr/local/include/inotify
> > OSSEC_LDFLAGS+=-L/usr/local/lib
> >
> >
> >
> >
> >
> > shared.a(validate_op.o): In function `OS_IsValidIP':
> > validate_op.c:(.text+0xa9b): warning: warning: strcpy() is almost always
> misused, please use strlcpy()
> > shared.a(hash_op.o): In function `OSHash_setSize':
> > hash_op.c:(.text+0x366): warning: warning: random() may return
> deterministic values, is that what you want?
> > syscheckd/run_realtime.o: In function `realtime_start':
> > run_realtime.c:(.text+0x5e): undefined reference to `inotify_init'
> > syscheckd/run_realtime.o: In function `realtime_adddir':
> > run_realtime.c:(.text+0x131): undefined reference to `inotify_add_watch'
> > collect2: ld returned 1 exit status
> > gmake: *** [Makefile:975: ossec-syscheckd] Error 1
> >
> > Error 0x5.
> > Building error. Unable to finish the installation.
> >
> >
> >
> > same error from OSSEC 2.9 RC3
> >
> >
> > From OpenBSD 6.0 AMD64 Pkg's -> /var/db/pkg/libinotify-20160503
> >
> >
>
> Make aure libinotify ahows up when you `ldconfig -r`
>
> Other than that, I'll have to take a closer look later
>
> >
> >
> >
> >
> >
> >
> >
> > 2016-09-30 15:52 GMT-03:00 R0me0 *** <knight....@gmail.com>:
> >>
> >> I am using 2.8.3 version and is a little bit different. Anyway I have
> made all changes in sources files without success.
> >>
> >> Another very interesting point is:
> >>
> >> report_changes=yes
> >>
> >> isnt reporting the diff's just sum changes.
> >>
> >> Thank you guys ! really really appreciated your help !
> >>
> >> :)
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> 2016-09-30 13:13 GMT-03:00 dan (ddp) <ddp...@gmail.com>:
> >>>
> >>> On Fri, Sep 30, 2016 at 11:07 AM, R0me0 *** <knight....@gmail.com>
> wrote:
> >>> > Taking a better look within Makeall file the flag to compile is: cho
> >>> > "EEXTRA=-DUSEINOTIFY" >> Config.OS
> >>> >
> >>> > tmp/ossec-hids-2.8.3/src/syscheckd/run_realtime.c:172: undefined
> reference
> >>> > to `inotify_add_watch'
> >>> > collect2: ld returned 1 exit status
> >>> > *** Error 1 in syscheckd (Makefile:15 'syscheck')
> >>> >
> >>>
> >>> I'm using MASTER from github, but here are the changes I made to get
> >>> it to compile:
> >>> https://github.com/ddpbsd/ossec-hids/commits/openbsd_inotify
> >>>
> >>>
> >>> >
> >>> >
> >>> > 2016-09-30 11:46 GMT-03:00 dan (ddp) <ddp...@gmail.com>:
> >>> >>
> >>> >> On Fri, Sep 30, 2016 at 9:49 AM, R0me0 *** <knight....@gmail.com>
> wrote:
> >>> >> > @dann I already set CFLAGS including include directory of
> inotify.h
> >>> >> > without
> >>> >> > success
> >>> >> >
> >>> >>
> >>> >> I've gotten it to compile and not give me errors, but I also don't
> see
> >>> >> any realtime alerts.
> >>> >> I'll have to find a simple inotify testing program or something to
> see
> >>> >> if it even works.
> >>> >>
> >>> >> > @Victor without success
> >>> >> >
> >>> >> > :(
> >>> >> >
> >>> >> > I'll keep researching
> >>> >> >
> >>> >> > Thank you guys
> >>> >> >
> >>> >> >
> >>> >> > 2016-09-30 8:12 GMT-03:00 Victor Fernandez <vic...@wazuh.com>:
> >>> >> >>
> >>> >> >> Hello,
> >>> >> >>
> >>> >> >> I've never done this on OpenBSD, but try to force the inotify
> support
> >>> >> >> with
> >>> >> >> Make:
> >>> >> >>
> >>> >> >> cd src
> >>> >> >> make TARGET=agent USE_INOTIFY=yes
> >>> >> >>
> >>> >> >> Hope it helps.
> >>> >> >> Regards.
> >>> >> >>
> >>> >> >>
> >>> >> >> On Friday, September 30, 2016 at 12:38:30 AM UTC+2, dan (ddpbsd)
> wrote:
> >>> >> >>>
> >>> >> >>> On Sep 29, 2016 4:10 PM, "R0me0 ***" <knigh...@gmail.com>
> wrote:
> >>> >> >>> >
> >>> >> >>> > Hello guys.
> >>> >> >>> >
> >>> >> >>> > I'm trying to use real monitoring.
> >>> >> >>> >
> >>> >> >>> > I have installed inotify-tools from OpenBSD packages
> >>> >> >>> >
> >>> >> >>> > Initially I guess something related with run_realtime.c and I
> point
> >>> >> >>> > inotify.h path.
> >>> >> >>> >
> >>> >> >>> > But I still without be able to use Real monitoring with the
> follow
> >>> >> >>> > error in ossec.conf
> >>> >> >>> >
> >>> >> >>> > ( OpenBSD - OSSEC AGENT )
> >>> >> >>> >
> >>> >> >>> > ossec-syscheckd: WARN: Ignoring flag for real time monitoring
> on
> >>> >> >>> > directory: '/etc/pf'.
> >>> >> >>> >
> >>> >> >>> > Anyone has this setup working ? Any directions will be really
> >>> >> >>> > appreciated
> >>> >> >>> >
> >>> >> >>> > Thanks in advance,
> >>> >> >>> >
> >>> >> >>>
> >>> >> >>> I spent some time messing with it awhile back, but never got it
> >>> >> >>> working.
> >>> >> >>> There are some Makefile changes you have to make, as well as
> possible
> >>> >> >>> src
> >>> >> >>> changes.
> >>> >> >>>
> >>> >> >>> >
> >>> >> >>> >
> >>> >> >>> >
> >>> >> >>> > --
> >>> >> >>> >
> >>> >> >>> > ---
> >>> >> >>> > You received this message because you are subscribed to the
> Google
> >>> >> >>> > Groups "ossec-list" group.
> >>> >> >>> > To unsubscribe from this group and stop receiving emails from
> it,
> >>> >> >>> > send
> >>> >> >>> > an email to ossec-list+...@googlegroups.com.
> >>> >> >>> > For more options, visit https://groups.google.com/d/optout.
> >>> >> >>
> >>> >> >> --
> >>> >> >>
> >>> >> >> ---
> >>> >> >> You received this message because you are subscribed to the
> Google
> >>> >> >> Groups
> >>> >> >> "ossec-list" group.
> >>> >> >> To unsubscribe from this group and stop receiving emails from
> it, send
> >>> >> >> an
> >>> >> >> email to ossec-list+unsubscr...@googlegroups.com.
> >>> >> >> For more options, visit https://groups.google.com/d/optout.
> >>> >> >
> >>> >> >
> >>> >> > --
> >>> >> >
> >>> >> > ---
> >>> >> > You received this message because you are subscribed to the Google
> >>> >> > Groups
> >>> >> > "ossec-list" group.
> >>> >> > To unsubscribe from this group and stop receiving emails from it,
> send
> >>> >> > an
> >>> >> > email to ossec-list+unsubscr...@googlegroups.com.
> >>> >> > For more options, visit https://groups.google.com/d/optout.
> >>> >>
> >>> >> --
> >>> >>
> >>> >> ---
> >>> >> You received this message because you are subscribed to the Google
> Groups
> >>> >> "ossec-list" group.
> >>> >> To unsubscribe from this group and stop receiving emails from it,
> send an
> >>> >> email to ossec-list+unsubscr...@googlegroups.com.
> >>> >> For more options, visit https://groups.google.com/d/optout.
> >>> >
> >>> >
> >>> > --
> >>> >
> >>> > ---
> >>> > You received this message because you are subscribed to the Google
> Groups
> >>> > "ossec-list" group.
> >>> > To unsubscribe from this group and stop receiving emails from it,
> send an
> >>> > email to ossec-list+unsubscr...@googlegroups.com.
> >>> > For more options, visit https://groups.google.com/d/optout.
> >>>
> >>> --
> >>>
> >>> ---
> >>> You received this message because you are subscribed to the Google
> Groups "ossec-list" group.
> >>> To unsubscribe from this group and stop receiving emails from it, send
> an email to ossec-list+unsubscr...@googlegroups.com.
> >>> For more options, visit https://groups.google.com/d/optout.
> >>
> >>
> >
> > --
> >
> > ---
> > You received this message because you are subscribed to the Google
> Groups "ossec-list" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to ossec-list+unsubscr...@googlegroups.com.
> > For more options, visit https://groups.google.com/d/optout.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
