I think this patch should fix the inotify problem. Not sure how to work on the geoip stuff, I think OpenBSD dropped the ports for the old library.
On Sun, Jan 31, 2021 at 12:11 PM Carlos Lopez <clo...@outlook.com> wrote: > > Hi all, > > > > I am trying to install Ossec 3.6.0 under an OpenBSD 6.8 hosts to act as an > ossec-server, but the following errors appears: > > > > root@obsdtst:/tmp/ossec-hids-3.6.0/src# gmake TARGET=server PCRE2_SYSTEM=yes > ZLIB_SYSTEM=yes USE_INOTIFY=yes USE_GEOIP=1 > > ………………… > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_execute.c -o > os_regex/os_regex_execute.o > > os_regex/os_regex_execute.c:57:34: warning: comparison of integers of > different signs: 'size_t' (aka 'unsigned long') and 'int' [-Wsign-compare] > > if (sub_string_start != -1) { > > ~~~~~~~~~~~~~~~~ ^ ~~ > > 1 warning generated. > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_free_pattern.c -o > os_regex/os_regex_free_pattern.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_free_substrings.c -o > os_regex/os_regex_free_substrings.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_maps.c -o > os_regex/os_regex_maps.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_match.c -o > os_regex/os_regex_match.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_startswith.c -o > os_regex/os_regex_startswith.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_str.c -o > os_regex/os_regex_str.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_regex/os_regex_strbreak.c -o > os_regex/os_regex_strbreak.o > > ar -crs os_regex.a os_regex/os_converter.o os_regex/os_match.o > os_regex/os_match_compile.o os_regex/os_match_execute.o > os_regex/os_match_free_pattern.o os_regex/os_pcre2.o > os_regex/os_pcre2_compile.o os_regex/os_pcre2_execute.o > os_regex/os_pcre2_free_pattern.o os_regex/os_pcre2_free_substrings.o > os_regex/os_regex.o os_regex/os_regex_compile.o os_regex/os_regex_execute.o > os_regex/os_regex_free_pattern.o os_regex/os_regex_free_substrings.o > os_regex/os_regex_maps.o os_regex/os_regex_match.o > os_regex/os_regex_startswith.o os_regex/os_regex_str.o > os_regex/os_regex_strbreak.o > > ranlib os_regex.a > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_xml/os_xml.c -o os_xml/os_xml.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_xml/os_xml_access.c -o os_xml/os_xml_access.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_xml/os_xml_node_access.c -o > os_xml/os_xml_node_access.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_xml/os_xml_variables.c -o > os_xml/os_xml_variables.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ -c os_xml/os_xml_writer.c -o os_xml/os_xml_writer.o > > ar -crs os_xml.a os_xml/os_xml.o os_xml/os_xml_access.o > os_xml/os_xml_node_access.o os_xml/os_xml_variables.o os_xml/os_xml_writer.o > > ranlib os_xml.a > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBGEOIP_ENABLED -DLIBOPENSSL_ENABLED -Wall > -Wextra -I./ -I./headers/ os_maild/config.o os_maild/mail_list.o > os_maild/maild.o os_maild/os_maild_client.o os_maild/sendcustomemail.o > os_maild/sendmail.o os_dns/os_dns.o os_crypto.a config.a shared.a os_net.a > os_regex.a os_xml.a -lm -L/usr/local/lib -lpcre2-8 -lGeoIP -lssl -lcrypto > -lz -lutil -levent -o ossec-maild > > ld: error: unable to find library -lGeoIP > > cc: error: linker command failed with exit code 1 (use -v to see invocation) > > > > Due to this error I have tried a second time withput GEOIP support enabled: > > > > root@obsdtst:/tmp/ossec-hids-3.6.0/src# gmake TARGET=server PCRE2_SYSTEM=yes > ZLIB_SYSTEM=yes USE_INOTIFY=yes > > > > ………………………………………… > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -I./util -DARGV0=\"utils\" -c util/syscheck_control.c -o > util/syscheck_control.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -I./external/cJSON/ util/syscheck_control.o addagent/validate.o > os_crypto.a config.a shared.a os_net.a os_regex.a os_xml.a os_zlib.a > libcJSON.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto -lz -o > syscheck_control > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -I./util -DARGV0=\"utils\" -c util/rootcheck_control.c -o > util/rootcheck_control.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -I./external/cJSON/ util/rootcheck_control.o > addagent/validate.o os_crypto.a config.a shared.a os_net.a os_regex.a > os_xml.a os_zlib.a libcJSON.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto > -lz -o rootcheck_control > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -I./util -DARGV0=\"utils\" -c util/verify-agent-conf.c -o > util/verify-agent-conf.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ util/verify-agent-conf.o os_crypto.a config.a shared.a os_net.a > os_regex.a os_xml.a os_zlib.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto > -lz -o verify-agent-conf > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -I./util -DARGV0=\"utils\" -c util/ossec-regex.c -o > util/ossec-regex.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ util/ossec-regex.o os_crypto.a config.a shared.a os_net.a > os_regex.a os_xml.a os_zlib.a -lm -L/usr/local/lib -lpcre2-8 -lssl -lcrypto > -lz -o ossec-regex > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -I./util -DARGV0=\"utils\" -c util/ossec-regex-convert.c -o > util/ossec-regex-convert.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ util/ossec-regex-convert.o os_crypto.a config.a shared.a > os_net.a os_regex.a os_xml.a os_zlib.a -lm -L/usr/local/lib -lpcre2-8 -lssl > -lcrypto -lz -o ossec-regex-convert > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/config.c -o > syscheckd/config.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/create_db.c -o > syscheckd/create_db.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/run_check.c -o > syscheckd/run_check.o > > cc -I/usr/local/include -DMAX_AGENTS=2048 -DOSSECHIDS > -DDEFAULTDIR=\"/var/ossec\" -DUSER=\"ossec\" -DREMUSER=\"ossecr\" > -DGROUPGLOBAL=\"ossec\" -DMAILUSER=\"ossecm\" -DOpenBSD -pthread > -DZLIB_SYSTEM -DINOTIFY_ENABLED -DLIBOPENSSL_ENABLED -Wall -Wextra -I./ > -I./headers/ -DARGV0=\"ossec-syscheckd\" -c syscheckd/run_realtime.c -o > syscheckd/run_realtime.o > > syscheckd/run_realtime.c:23:10: fatal error: 'sys/inotify.h' file not found > > #include <sys/inotify.h> > > ^~~~~~~~~~~~~~~ > > 1 error generated. > > gmake: *** [Makefile:1104: syscheckd/run_realtime.o] Error 1 > > > > inotify.h file is installed in /usr/local/include/inotify/sys/inotify.h. The > following packages are installed in this OpenBSD 6.8 host: > > > > bzip2-1.0.8 block-sorting file compressor, unencumbered > > geolite2-country-20191224p0 GeoIP2 GeoLite2 database: IPv4/v6 address to > country > > gettext-runtime-0.21 GNU gettext runtime libraries and programs > > gmake-4.3 GNU make > > intel-firmware-20200616v0 microcode update binaries for Intel CPUs > > libiconv-1.16p0 character set conversion library > > libinotify-20170711p0 kevent based inotify > > libmagic-5.39 library to determine file type > > libmaxminddb-1.4.3 library for MaxMind GeoIP2/GeoLite2 IP geolocation > databases > > pcre2-10.35 perl-compatible regular expression library, version 2 > > quirks-3.440 exceptions to pkg_add rules > > > > And my LD_LIBRARY_PATH variable is: > > KSH_VERSION='@(#)PD KSH v5.2.14 99/07/13.2' > > LD_LIBRARY_PATH=/usr/lib:/usr/local/lib:/usr/local/lib/inotify > > > > Any idea or trick? > > > > Regards, > > C. L. Martinez > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ossec-list/7421B1DC-EA7E-413F-9740-4756F9B15ED7%40outlook.com. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/CAMyQvMp3-04GssaO6gVKS6Q9xyxSrGxJjz3m4pMdZPUkrTSrHA%40mail.gmail.com.