diff options
-rw-r--r-- | system/ossec-server/README | 2 | ||||
-rw-r--r-- | system/ossec-server/README.SLACKWARE | 8 | ||||
-rw-r--r-- | system/ossec-server/ossec-server.SlackBuild | 6 |
3 files changed, 13 insertions, 3 deletions
diff --git a/system/ossec-server/README b/system/ossec-server/README index 955a80fcad5af..f9733320313b6 100644 --- a/system/ossec-server/README +++ b/system/ossec-server/README @@ -1,3 +1,5 @@ OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. + +See README.SLACKWARE for installation instructions. diff --git a/system/ossec-server/README.SLACKWARE b/system/ossec-server/README.SLACKWARE index e07808bfc66d9..14aba4be39bcd 100644 --- a/system/ossec-server/README.SLACKWARE +++ b/system/ossec-server/README.SLACKWARE @@ -1,3 +1,11 @@ +These users and group need to be added: + + groupadd -g 333 ossec + useradd -u 333 -g 333 -d /var/ossec -s /bin/false ossec + useradd -u 334 -g 333 -d /var/ossec -s /bin/false ossecm + useradd -u 335 -g 333 -d /var/ossec -s /bin/false ossecr + + You may wish to add these lines to /etc/rc.d/rc.local to start the service: if [ -x /etc/rc.d/rc.ossec ]; then diff --git a/system/ossec-server/ossec-server.SlackBuild b/system/ossec-server/ossec-server.SlackBuild index 84fb6e79137fb..d2a554b447a45 100644 --- a/system/ossec-server/ossec-server.SlackBuild +++ b/system/ossec-server/ossec-server.SlackBuild @@ -62,7 +62,7 @@ USERID_REMOTE=${USERID_REMOTE:-335} GROUPID=${GROUPID:-333} if ! grep ^ossec: /etc/group 2>&1 > /dev/null \ -|| ! grep -E '^(ossec|ossecm|ossecr):' /etc/passwd 2>&1 > /dev/null; then + || ! grep -E '^(ossec|ossecm|ossecr):' /etc/passwd 2>&1 > /dev/null; then echo -e "\n You must have ossec users and a group to run this script\n" fi @@ -86,9 +86,9 @@ if ! grep ^ossecr: /etc/passwd 2>&1 > /dev/null; then fi if ! grep ^ossec: /etc/group 2>&1 > /dev/null \ -|| ! grep -E '^(ossec|ossecm|ossecr):' /etc/passwd 2>&1 > /dev/null; then + || ! grep -E '^(ossec|ossecm|ossecr):' /etc/passwd 2>&1 > /dev/null; then echo - exit + exit 1 fi set -e |