[Pkg-ossec-devel] [SCM] Git repository for pkg-ossec branch, debian, updated. f89fb2c00b1a2606035e5cd0e35b4ebe99f049ac

Javier Fernandez-Sanguino jfs at debian.org
Wed Aug 29 12:57:54 UTC 2012


The following commit has been merged in the debian branch:
commit dd5e6bebf66da1d35ad45a525ada0ac643125359
Author: Javier Fernandez-Sanguino <jfs at debian.org>
Date:   Wed Aug 29 14:51:59 2012 +0200

    Describe how to setup the chroot with the scripts provided by the Debian maintainers

diff --git a/debian/README.Debian b/debian/README.Debian
index 48624f4..5fab49f 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -17,12 +17,31 @@ OSSEC for Debian
   The Debian maintainers acknowledge that this control enhances system's
   security. The command line options introduced make it possible for users
   to enable this behaviour. In order to run OSSEC in a chroot environment 
-  the system administrator needs to first setup a chroot (manually or
-  using the 'makejail' program) for OSSEC and configure (in the ossec-init.conf
-  file) the location of the chroot directory.
+  the system administrator needs to first setup a chroot for OSSEC and
+  configure (in the ossec-init.conf file) the location of the chroot directory.
 
   To setup the chroot you can use /var/ossec as a basis, but remember to
   change the symbolic links with the actual files/directories they point to.
 
+  The Debian maintainers provide two scripts that can be used to create and
+  setup the chroot. These script are:
+
+    - /usr/lib/ossec/ossec-hids-create-chroot: Creates a chroot using the
+       contents distributed in the package, copying /var/ossec and replacing
+       symlinks with the actual files. By default it is created under
+       /var/chroot/ossec
+
+    - /usr/lib/ossec/ossec-hids-update-chroot: Updates a chroot using the
+       contents distributed in the package.
+
+  To setup the chroot using these scripts you need to
+
+    1.- Run /usr/lib/ossec/ossec-hids-create-chroot
+    2.- Edit /etc/ossec-init.conf and change DIRECTORY to /var/chroot/ossec
+ 
+  When the package is upgraded you have to run the /usr/lib/ossec/ossec-hids-update-chroot
+  manually to update the binaries in the chroot
+
+
 
  -- Javier Fernández-Sanguino <jfs at debian.org>  Sun, 26 Aug 2012 13:04:23 +0200

-- 
Git repository for pkg-ossec



More information about the Pkg-ossec-devel mailing list