dataking
dataking
I don't know that _copying_ `jail.conf` to `jail.local` is the ideal recommendation. IIUC, settings in `jail.local` override settings in `jail.conf`. So one could merely put your customizations in `jail.local` and...
> Yes, but it's working as intended. Test before enabling. > > For example: > > https://linux-audit.com/increase-kernel-integrity-with-disabled-linux-kernel-modules-loading/: "Depending on your environment, you might be careful with using this option. It...
Tried ``` export PCRE2_SYSTEM=yes sudo ./install.sh ``` Still no joy. Did I miss something? untarring the tarball from the link in the first post to `.../src/external` works.
> @d4t4king Was there any output that might help track down the issue? > What OS/distro are you trying this on? > Were the PCRE2 packages installed? Are there dev/devel...
OK, a little more details. This is on Ubuntu 18.04. I removed the local git repo and recloned from github. `cd` into the local directory and ran `sudo ./install.sh`. ossec-hids...
> @d4t4king It looks like you're not using `PCRE2_SYSTEM=y` (and have the appropriate package installed), and you didn't download the pcre2 source. > > ``` > wget https://ftp.pcre.org/pub/pcre/pcre2-10.32.tar.gz > tar...
OK had a little time to poke at this. ``` # cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS" ``` ``` # dpkg --get-selections | grep pcre libpcre2-16-0:amd64 install libpcre2-32-0:amd64...
> You may need to install libpcre3-dev as well. libpcre3-dev is the "old" (as in NOT PCRE2) PCRE library. It's a little counter-intuitive. I'll give it a try.
ok, it worked with the legacy pcre library (libpcre3-dev) installed, but then failed zlib. installing the zlib -dev library fixed that and it installed fine. So maybe PCRE2_SYSTEM should be...
> ddp@u18:~/src/ossec-hids/src$ PCRE2_SYSTEM=y make TARGET=local > blah blah blah > Done building local > ``` > Do I need to install a full system to reproduce this? I see you...