From: John A. S. I. <jsu...@op...> - 2009-01-13 23:23:20
We are brand new to OSSIM and happily working through our first test
installation. We encountered a problem early on with OCS running on
VServer guests. Normally one wouldn't run OCS on a VServer guest as it
would simply inventory the same hardware as the VServer host. However,
in the case of OSSIM, it appears to make sense as we can use the
software inventory to correlate against attacks and vulnerability scans.
The problem is the inventory routine checks for read access to /dev/mem
and, if it cannot read /dev/mem, it fails. A VServer mail list thread
suggested the check is simply to ensure the user has root privileges and
the solution was to comment out the check. Perhaps I am ignorant but I
think I would rather still check for proper privileges rather than have
the routine inexplicably fail.
What I did instead was to edit ocsinventory-client.pl by changing

    unless(-r "/dev/mem"){
        die localtime()." => You don't have enough rights to run this program\n";
    }

to

    unless(-w "/root"){
        die localtime()." => You don't have enough rights to run this program\n";
    }

I would certainly prefer that someone who knows more about OCS take a
look at this to know if this is a wise approach.
Now I need to figure out how to embed this change in OSSIM. I'm
guessing I need to make a copy of the Linux client source, edit it, tar
it and add it to the downloads web page within OSSIM. It looks like the
source is in /home/ossim/dist/OCSNG_LINUX_AGENT_1.01/Ocsinventory but
the ocsinventory-client.pl script appears three times in that
subdirectory - directly in it, in blib/scripts, and in
blib/lib/Ocsinventory and they are not links. Do I change it in all
three?
Once I have the tar file, what is the best way to embed it in the
download web page so it is not overwritten by the next OSSIM
update/upgrade?
Thanks - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsu...@op...
http://www.spiritualoutreach.com
Making Christianity intelligible to secular society
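
An added example, not part of the original post and not OCS Inventory code: one way to test for root directly through Perl's effective-UID variable `$>` and to report an unreadable /dev/mem as a separate warning, so a missing privilege and a missing device produce different messages. The function name `privilege_problems` and the message wording are hypothetical.

```perl
#!/usr/bin/perl
# Added example: separate "am I root?" from "can I read /dev/mem?".
use strict;
use warnings;

# Returns two array refs: fatal problems and warnings.
# $euid and $mem_path are parameters so the logic can be exercised
# with constructed values instead of the live system state.
sub privilege_problems {
    my ($euid, $mem_path) = @_;
    my (@fatal, @warn);

    # The privilege test itself: effective UID 0 means root.
    push @fatal, "effective UID is $euid, not 0 (root required)"
        unless $euid == 0;

    # The device test is reported on its own. On the VServer guests
    # described above, /dev/mem cannot be read even by root.
    if (!-e $mem_path) {
        push @warn, "$mem_path does not exist";
    }
    elsif (!-r $mem_path) {
        push @warn, "$mem_path exists but is not readable";
    }
    return (\@fatal, \@warn);
}

# $> is Perl's built-in effective UID of the running process.
my ($fatal, $warn) = privilege_problems($>, "/dev/mem");

warn localtime() . " => warning: $_\n" for @$warn;
die localtime() . " => You don't have enough rights to run this program: "
    . join("; ", @$fatal) . "\n" if @$fatal;

print localtime() . " => privilege check passed\n";
```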