Hello,
I finally managed to get my ossec server running.
The last thing left is to get the ossec webui working.
At the moment when I got to my ossec URL, I get the folowing:
Here is my setup:
ossec server is in Host_ip: 192.168.1.185
ossec agent and webui is in Jail_ip: 192.168.1.125
As ossec webui reads data from server's /usr/local/ossec-hids directory on the host, I have to mounted it into my jail.
I then changed the mountpoint ownership to www using
All the webui file are in /www/mydomain_com/ossec/ossec-wui-0.8 directory on the jail
I set
On the FreeBSD jail and the FreeBSD host I also added the ossec user to the www group
On the jail I also changed the /www/mydomain_com/ossec/ossec-wui-0.8/ossec_conf.php so that it uses the mount point:
I know that the error that I get is due to permission issue but I must be missing something here.
Here is the error in the web server log
Could someone help me spot the problem?
I don't know if this is relevant but I use /www/hiawatha web server
I finally managed to get my ossec server running.
The last thing left is to get the ossec webui working.
At the moment when I got to my ossec URL, I get the folowing:
Code:
Unable to access ossec directory.
ossec server is in Host_ip: 192.168.1.185
ossec agent and webui is in Jail_ip: 192.168.1.125
As ossec webui reads data from server's /usr/local/ossec-hids directory on the host, I have to mounted it into my jail.
mount_nullfs -o rw /usr/local/ossec-hids /jails/webjail/usr/local/ossec-hids/ossecServer
I then changed the mountpoint ownership to www using
chown www:www ossecServer
All the webui file are in /www/mydomain_com/ossec/ossec-wui-0.8 directory on the jail
I set
chown -R www:www ossec-wui-0.8
On the FreeBSD jail and the FreeBSD host I also added the ossec user to the www group
pw usermod ossec -G www
On the jail I also changed the /www/mydomain_com/ossec/ossec-wui-0.8/ossec_conf.php so that it uses the mount point:
Code:
/* Ossec directory */
$ossec_dir="/usr/local/ossec-hids/ossecServer";
cd /www/mydomain_com/ossec/ossec-wui-0.8
Code:
ls -la
total 298
drwxr-xr-x 8 www www 20 Dec 30 11:44 .
drwxr-x--- 3 www www 3 Dec 29 09:37 ..
-rw-r--r-- 1 www www 147 Nov 13 2013 .hg_archival.txt
-rw-r--r-- 1 www www 46 Nov 13 2013 .hgtags
-rw-r--r-- 1 www www 302 Dec 30 10:57 .htaccess
-rw-r----- 1 www www 43 Dec 29 11:51 .htpasswd
-rwxr-xr-x 1 www www 317 Nov 13 2013 CONTRIB
-rw-r--r-- 1 www www 35745 Nov 13 2013 LICENSE
-rw-r--r-- 1 www www 1422 Nov 13 2013 README
-rw-r--r-- 1 www www 923 Nov 13 2013 README.search
drwxr-xr-x 3 www www 5 Nov 13 2013 css
-rw-r--r-- 1 www www 218 Nov 13 2013 htaccess_def.txt
drwxr-xr-x 2 www www 10 Nov 13 2013 img
-rwxr-xr-x 1 www www 5177 Nov 13 2013 index.php
drwxr-xr-x 2 www www 7 Nov 13 2013 js
drwxr-xr-x 3 www www 14 Dec 29 10:04 lib
-rw-r--r-- 1 www www 484 Dec 30 10:59 ossec_conf.php
-rwxr-xr-x 1 www www 2237 Nov 13 2013 setup.sh
drwxr-xr-x 2 www www 12 Dec 29 10:04 site
drw-rw-rw- 2 www www 3 Dec 29 10:04 tmp
cd /usr/local/ossec-hids/ossecServer
Code:
ls -la
total 163
dr-xr-x--- 13 www www 13 Dec 30 09:10 .
dr-xr-x--- 11 root ossec 11 Dec 30 10:48 ..
dr-xr-x--- 2 root ossec 2 Oct 7 14:59 .ssh
dr-xr-x--- 3 root ossec 3 Oct 7 14:59 active-response
dr-xr-x--- 2 root ossec 14 Oct 7 14:59 agentless
dr-xr-x--- 2 root ossec 30 Nov 28 16:45 bin
dr-xr-x--- 3 root ossec 10 Dec 30 09:50 etc
drwxr-x--- 5 ossec ossec 7 Dec 19 23:09 logs
dr-xr-x--- 11 ossec ossec 11 Oct 7 14:59 queue
dr-xr-x--- 2 root ossec 63 Oct 7 14:59 rules
drwxr-x--- 5 ossec ossec 5 Oct 7 14:59 stats
drwxrwx--- 2 ossec www 2 Oct 7 14:59 tmp
dr-xr-x--- 3 root ossec 3 Dec 29 21:41 var
I know that the error that I get is due to permission issue but I must be missing something here.
Here is the error in the web server log
Code:
193.128.224.45|Tue 30 Dec 2014 12:07:10 +0000|/www/mydomain_com/ossec/ossec-wui-0.8/index.php|PHP message: PHP Warning: opendir(/usr/local/ossec-hids/ossecServer/): failed to open dir: Permission denied in /www/mydomain_com/ossec/ossec-wui-0.8/lib/os_lib_handle.php on line 94
I don't know if this is relevant but I use /www/hiawatha web server