I think this patch should fix the inotify problem.
Not sure how to work on the geoip stuff, I think OpenBSD dropped the
ports for the old library.
On Sun, Jan 31, 2021 at 12:11 PM Carlos Lopez <clo...@outlook.com> wrote:
>
> Hi all,
>
>
>
> I am trying to install Ossec 3.6.0 under an OpenBSD 6.8 hosts to act as an
> ossec-server, but the following errors appears:
>
>
>
> root@obsdtst:/tmp/ossec-hids-3.6.0/src# gmake TARGET=server PCRE2_SYSTEM=yes
> ZLIB_SYSTEM=yes USE_INOTIFY=yes USE_GEOIP=1
>
> …………………
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_execute.c -o
> os_regex/os_regex_execute.o
>
> os_regex/os_regex_execute.c:57:34: warning: comparison of integers of
> different signs: 'size_t' (aka 'unsigned long') and 'int' [-Wsign-compare]
>
> if (sub_string_start != -1) {
>
> ~~~~~~~~~~~~~~~~ ^ ~~
>
> 1 warning generated.
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_free_pattern.c -o
> os_regex/os_regex_free_pattern.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_free_substrings.c -o
> os_regex/os_regex_free_substrings.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_maps.c -o
> os_regex/os_regex_maps.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_match.c -o
> os_regex/os_regex_match.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_startswith.c -o
> os_regex/os_regex_startswith.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_str.c -o
> os_regex/os_regex_str.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_regex/os_regex_strbreak.c -o
> os_regex/os_regex_strbreak.o
>
> ar -crs os_regex.a os_regex/os_converter.o os_regex/os_match.o
> os_regex/os_match_compile.o os_regex/os_match_execute.o
> os_regex/os_match_free_pattern.o os_regex/os_pcre2.o
> os_regex/os_pcre2_compile.o os_regex/os_pcre2_execute.o
> os_regex/os_pcre2_free_pattern.o os_regex/os_pcre2_free_substrings.o
> os_regex/os_regex.o os_regex/os_regex_compile.o os_regex/os_regex_execute.o
> os_regex/os_regex_free_pattern.o os_regex/os_regex_free_substrings.o
> os_regex/os_regex_maps.o os_regex/os_regex_match.o
> os_regex/os_regex_startswith.o os_regex/os_regex_str.o
> os_regex/os_regex_strbreak.o
>
> ranlib os_regex.a
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_xml/os_xml.c -o os_xml/os_xml.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_xml/os_xml_access.c -o os_xml/os_xml_access.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_xml/os_xml_node_access.c -o
> os_xml/os_xml_node_access.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_xml/os_xml_variables.c -o
> os_xml/os_xml_variables.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ -c os_xml/os_xml_writer.c -o os_xml/os_xml_writer.o
>
> ar -crs os_xml.a os_xml/os_xml.o os_xml/os_xml_access.o
> os_xml/os_xml_node_access.o os_xml/os_xml_variables.o os_xml/os_xml_writer.o
>
> ranlib os_xml.a
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall
> -Wextra -I./ -I./headers/ os_maild/config.o os_maild/mail_list.o
> os_maild/maild.o os_maild/os_maild_client.o os_maild/sendcustomemail.o
> os_maild/sendmail.o os_dns/os_dns.o os_crypto.a config.a shared.a os_net.a
> os_regex.a os_xml.a -lm -L/usr/local/lib -lpcre2-8 -lGeoIP -lssl -lcrypto
> -lz -lutil -levent -o ossec-maild
>
> ld: error: unable to find library -lGeoIP
>
> cc: error: linker command failed with exit code 1 (use -v to see invocation)
>
>
>
> Due to this error I have tried a second time withput GEOIP support enabled:
>
>
>
> root@obsdtst:/tmp/ossec-hids-3.6.0/src# gmake TARGET=server PCRE2_SYSTEM=yes
> ZLIB_SYSTEM=yes USE_INOTIFY=yes
>
>
>
> …………………………………………
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -I./util -DARGV0=\"utils\" -c util/syscheck_control.c -o
> util/syscheck_control.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -I./external/cJSON/ util/syscheck_control.o addagent/validate.o
> os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a os_zlib.a
> libcJSON.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto -lz -o
> syscheck_control
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -I./util -DARGV0=\"utils\" -c util/rootcheck_control.c -o
> util/rootcheck_control.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -I./external/cJSON/ util/rootcheck_control.o
> addagent/validate.o os_crypto.a config.a shared.a os_net.a os_regex.a
> os_xml.a os_zlib.a libcJSON.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto
> -lz -o rootcheck_control
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -I./util -DARGV0=\"utils\" -c util/verify-agent-conf.c -o
> util/verify-agent-conf.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ util/verify-agent-conf.o os_crypto.a config.a shared.a os_net.a
> os_regex.a os_xml.a os_zlib.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto
> -lz -o verify-agent-conf
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -I./util -DARGV0=\"utils\" -c util/ossec-regex.c -o
> util/ossec-regex.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ util/ossec-regex.o os_crypto.a config.a shared.a os_net.a
> os_regex.a os_xml.a os_zlib.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto
> -lz -o ossec-regex
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -I./util -DARGV0=\"utils\" -c util/ossec-regex-convert.c -o
> util/ossec-regex-convert.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ util/ossec-regex-convert.o os_crypto.a config.a shared.a
> os_net.a os_regex.a os_xml.a os_zlib.a -lm -L/usr/local/lib -lpcre2-8 -lssl
> -lcrypto -lz -o ossec-regex-convert
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/config.c -o
> syscheckd/config.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/create_db.c -o
> syscheckd/create_db.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/run_check.c -o
> syscheckd/run_check.o
>
> cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS
> -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\"
> -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread
> -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./
> -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/run_realtime.c -o
> syscheckd/run_realtime.o
>
> syscheckd/run_realtime.c:23:10: fatal error: 'sys/inotify.h' file not found
>
> #include <sys/inotify.h>
>
> ^~~~~~~~~~~~~~~
>
> 1 error generated.
>
> gmake: *** [Makefile:1104: syscheckd/run_realtime.o] Error 1
>
>
>
> inotify.h file is installed in /usr/local/include/inotify/sys/inotify.h. The
> following packages are installed in this OpenBSD 6.8 host:
>
>
>
> bzip2-1.0.8 block-sorting file compressor, unencumbered
>
> geolite2-country-20191224p0 GeoIP2 GeoLite2 database: IPv4/v6 address to
> country
>
> gettext-runtime-0.21 GNU gettext runtime libraries and programs
>
> gmake-4.3 GNU make
>
> intel-firmware-20200616v0 microcode update binaries for Intel CPUs
>
> libiconv-1.16p0 character set conversion library
>
> libinotify-20170711p0 kevent based inotify
>
> libmagic-5.39 library to determine file type
>
> libmaxminddb-1.4.3 library for MaxMind GeoIP2/GeoLite2 IP geolocation
> databases
>
> pcre2-10.35 perl-compatible regular expression library, version 2
>
> quirks-3.440 exceptions to pkg_add rules
>
>
>
> And my LD_LIBRARY_PATH variable is:
>
> KSH_VERSION='@(#)PD KSH v5.2.14 99/07/13.2'
>
> LD_LIBRARY_PATH=/usr/lib:/usr/local/lib:/usr/local/lib/inotify
>
>
>
> Any idea or trick?
>
>
>
> Regards,
>
> C. L. Martinez
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ossec-list/7421B1DC-EA7E-413F-9740-4756F9B15ED7%40outlook.com.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ossec-list/CAMyQvMp3-04GssaO6gVKS6Q9xyxSrGxJjz3m4pMdZPUkrTSrHA%40mail.gmail.com.
