Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Syscheck warning on missing directory specified in ossec agent configuration #2960

Closed
emkll opened this issue Feb 2, 2018 · 0 comments
Closed

Syscheck warning on missing directory specified in ossec agent configuration #2960

emkll opened this issue Feb 2, 2018 · 0 comments
Labels
bug OSSEC
Milestone
0.6

Comments

@emkll
Copy link
Contributor

emkll commented Feb 2, 2018

Bug

Description

As of release 0.5.2, ossec logs contain a large number of the following warning message:

2018/02/02 14:12:46 ossec-syscheckd: WARN: Error opening directory: '/var/lib/tor/services/hostname': No such file or directory

Steps to Reproduce

  • ssh into mon
  • cat /var/ossec/logs/ossec.log
  • observe a large amount of the following warning message:
2018/02/02 14:12:46 ossec-syscheckd: WARN: Error opening directory: '/var/lib/tor/services/hostname': No such file or directory

Expected Behavior

Warning should not appear in ossec logs, ossec configuration should specify files/folder that exist.

Actual Behavior

Warning appears in ossec logs, ossec configuration does not contain files/folders that exist.

Comments

https://github.com/freedomofpress/securedrop/blob/develop/install_files/securedrop-ossec-agent/var/ossec/etc/ossec.conf#L16 specifies the path, which has likely been removed as of tor 0.3.2.*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug OSSEC
Projects
None yet
Milestone
0.6
Development

No branches or pull requests
2 participants
@redshiftzero @emkll