From osiris-devel at lemmin.gs Sun Apr 4 08:14:05 2004 
From: osiris-devel at lemmin.gs (osiris-devel at lemmin.gs) Date: Sun, 4 Apr 2004 22:14:05 +1000 Subject: [osiris-devel] osiris-4.0 beta released In-Reply-To: <79BF5577-8316-11D8-B33C-000393578C14@shmoo.com> References: <79BF5577-8316-11D8-B33C-000393578C14@shmoo.com> Message-ID: <20040404121405.GB25573@digger.lemmin.gs> Hi, Attached are 2 new initscripts for Red Hat/Fedora based systems. Please place in src/install/linux. emmanuel -------------- next part -------------- #!/bin/bash # # osirisd Osiris scan agent. # # chkconfig: 345 99 99 # description: Osiris integrity monitoring system scan agent. # processname: osirisd # Source function library. . /etc/rc.d/init.d/functions if [ -f /etc/sysconfig/osirisd ]; then . /etc/sysconfig/osirisd fi prog=osirisd osirisd="@INSTALLDIR@/osirisd" RETVAL=0 start() { echo -n $"Starting $prog: " daemon $osirisd -r @OSIRISDIR@ $OPTIONS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/osirisd return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc $osirisd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f /var/lock/subsys/osirisd } restart() { stop # XXX FIXME dodgy avoid race. sleep 3 start } # See how we were called. case "$1" in start) start ;; stop) stop ;; restart) stop start ;; reload) echo -n $"Reloading $prog:" killproc osirisd -HUP RETVAL=$? ;; condrestart) if [ -f /var/lock/subsys/osirisd ] ; then restart fi ;; status) status $osirisd RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" RETVAL=1 esac exit $RETVAL -------------- next part -------------- #!/bin/bash # # osirismd Osiris management daemon # # chkconfig: 345 98 98 # description: Osiris integrity monitoring system management daemon # processname: osirismd # Source function library. . /etc/rc.d/init.d/functions if [ -f /etc/sysconfig/osirismd ]; then . /etc/sysconfig/osirismd fi prog=osirismd osirismd="@INSTALLDIR@/osirismd" RETVAL=0 start() { echo -n $"Starting $prog: " daemon $osirismd -r @OSIRISDIR@ $OPTIONS RETVAL=$? 
echo [ $RETVAL = 0 ] && touch /var/lock/subsys/osirismd return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc $osirismd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f /var/lock/subsys/osirismd } restart() { stop # XXX FIXME dodgy avoid race. sleep 3 start } # See how we were called. case "$1" in start) start ;; stop) stop ;; restart) stop start ;; reload) echo -n $"Reloading $prog:" killproc osirismd -HUP RETVAL=$? ;; condrestart) if [ -f /var/lock/subsys/osirismd ] ; then restart fi ;; status) status $osirismd RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" RETVAL=1 esac exit $RETVAL From osiris-devel at lemmin.gs Sun Apr 4 08:16:32 2004 From: osiris-devel at lemmin.gs (osiris-devel at lemmin.gs) Date: Sun, 4 Apr 2004 22:16:32 +1000 Subject: [osiris-devel] osiris 4.0 beta install script patch Message-ID: <20040404121631.GC25573@digger.lemmin.gs> Hello, Patch attached to make the installer script more friendly for packagers. emmanuel -------------- next part -------------- --- osiris-4.0.0-beta/src/install/install.sh.in.orig 2004-03-31 04:18:26.000000000 +1000 +++ osiris-4.0.0-beta/src/install/install.sh.in 2004-04-04 18:47:53.000000000 +1000 @@ -26,8 +26,11 @@ USER_EXISTS=0 INSTALL_OSIRISM=0 +INTERACTIVE=1 +PACKAGE_MODE=0 -INSTALL_DIR="@prefix@/sbin" +SBIN_DIR="@prefix@/sbin" +INSTALL_DIR="${DESTDIR}${SBIN_DIR}" OSIRIS_DIR="@with_root_dir@" # --------------------------------------------------------------------------- @@ -36,6 +39,11 @@ create_user_and_group() { + if [ ${PACKAGE_MODE} -eq 1 ]; then + echo "==> Skipping user/group creation." + return + fi + case `uname -s` in Linux|OpenBSD) @@ -211,6 +219,11 @@ set_permissions() { + if [ ${PACKAGE_MODE} -eq 1 ]; then + echo "==> Skipping permission setting." + return + fi + if [ `uname -s` = 'SunOS' ]; then ${CHOWN} ${USER} ${OSIRIS_DIR} ${CHGRP} ${GROUP} ${OSIRIS_DIR} 
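Review bot: `DESTDIR` is taken straight from the environment in `INSTALL_DIR="${DESTDIR}${SBIN_DIR}"`, and the last hunk of the patch (`if [ -n "$DESTDIR" ]`) turns any non-empty value into `PACKAGE_MODE=1` and `INTERACTIVE=0`. A `DESTDIR` left over in the invoking shell therefore makes an ordinary install skip user/group creation, permission setting and all prompts, with only the per-function "Skipping" lines as a hint. I would print the reason once where the mode is switched, for example `echo "==> DESTDIR=${DESTDIR}: package mode (no user/group, permissions or post-install)"`. A comment next to `SBIN_DIR` saying that it is the run-time path and `INSTALL_DIR` the staging path would also help later readers.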
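Review bot: With the early `return` added to `set_permissions` (and the matching one in `create_user_and_group`), nothing in package mode sets ownership or modes on the staged tree, so files under `${DESTDIR}` keep whatever the build user's umask produced. For an integrity monitor whose root directory holds its scan configs, that leaves all tightening to the package itself. A comment above the guard would make that contract explicit, for example `# package mode: owner, group and modes must be set by the package metadata; nothing is chown'ed here`. The rest of `set_permissions` lies outside the hunk, so the modes it normally applies are not visible here.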
@@ -271,7 +284,7 @@ Linux*) if [ "${DISTRO}" = "" ]; then if [ -e /proc/version ]; then - DISTRO=`cat /proc/version | grep -oi -e 'SuSE' -e 'Red Hat' -e 'Redhat' -e 'Debian'` + DISTRO=`cat /proc/version | grep -oi -e 'SuSE' -e 'Red Hat' -e 'Redhat' -e 'Debian' | tr A-Z a-z` if [ "${DISTRO}" = "red hat" ]; then DISTRO="redhat" @@ -368,6 +381,7 @@ # CLI management app. if [ $INSTALL_OSIRISM != 0 -a -f ./osiris ]; then + ${MKDIR} -p ${INSTALL_DIR} ${CP} ./osiris ${INSTALL_DIR} echo "==> installed osiris CLI: ${INSTALL_DIR}/osiris" fi @@ -375,6 +389,7 @@ # scanning agent. if [ -f ./osirisd ]; then + ${MKDIR} -p ${INSTALL_DIR} ${CP} ./osirisd ${INSTALL_DIR} echo "==> installed scan agent: ${INSTALL_DIR}/osirisd" fi @@ -382,6 +397,7 @@ # management console. if [ $INSTALL_OSIRISM != 0 -a -f ./osirismd ]; then + ${MKDIR} -p ${INSTALL_DIR} ${CP} ./osirismd ${INSTALL_DIR} echo "==> installed management console ${INSTALL_DIR}/osirismd" @@ -390,8 +406,8 @@ # and then copy over the default configs. if [ -d ./configs ]; then - ${MKDIR} -p ${OSIRIS_DIR}/configs - ${CP} -rf ./configs/default.* ${OSIRIS_DIR}/configs + ${MKDIR} -p ${DESTDIR}${OSIRIS_DIR}/configs + ${CP} -rf ./configs/default.* ${DESTDIR}${OSIRIS_DIR}/configs echo "==> installed default scan configs." fi @@ -463,6 +479,11 @@ post_install() { + if [ ${PACKAGE_MODE} -eq 1 ]; then + echo "==> Skipping post install." + return + fi + # now give some instructions on how to start daemons for those that need it. echo "" @@ -476,8 +497,7 @@ default="y" prompt="Start management console now? (y/n) [${default}] " - printf "%s" "$prompt " - read answer + ask "$prompt" if [ -z "${answer}" ] ; then answer=$default @@ -495,8 +515,7 @@ default="y" prompt="Start scan agent now? (y/n) [${default}] " -printf "%s" "$prompt " -read answer +ask "$prompt" if [ -z "${answer}" ] ; then answer=$default 
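Review bot: Lowercasing `DISTRO` makes the `"red hat"` comparison in the `@@ -271,7 +284,7 @@` hunk work, but any later test against the mixed-case spellings that `grep -oi` used to emit (`SuSE`, `Debian`, `Redhat`) would stop matching; those comparisons are outside the hunk and should be checked. `grep -o` also prints one line per match, so a `/proc/version` that names the vendor twice yields a two-line value that equals none of the expected strings; adding `| head -n 1` before the `tr` would pin it to the first match. `tr '[:upper:]' '[:lower:]'` is the locale-independent spelling of the same conversion.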
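Review bot: The three added `${MKDIR} -p ${INSTALL_DIR}` lines, and the `${DESTDIR}${OSIRIS_DIR}/configs` pair in the configs hunk, expand a caller-supplied path unquoted, so a `DESTDIR` containing whitespace or glob characters is split before `mkdir` and `cp` see it. The exit status of `${MKDIR}` and `${CP}` is not checked in these hunks either, so the `==> installed ...` line is printed even when the copy failed. A safer form is `${MKDIR} -p "${INSTALL_DIR}" && ${CP} ./osirisd "${INSTALL_DIR}" || exit 1`, and likewise for the other two binaries and the configs directory.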
@@ -523,6 +542,22 @@ } # --------------------------------------------------------------------------- +# FUNCTION: ask +# --------------------------------------------------------------------------- + +ask() +{ + prompt=$1 + printf "%s" "$prompt " + if [ $INTERACTIVE -eq 1 ]; then + read answer + else + echo + answer='' + fi +} + +# --------------------------------------------------------------------------- # FUNCTION: prompts # --------------------------------------------------------------------------- @@ -530,8 +565,7 @@ { default="y" prompt="Continue with installation? (y/n) [${default}] " - printf "%s" "$prompt " - read answer + ask "$prompt" if [ -z "${answer}" ] ; then answer=$default @@ -550,8 +584,7 @@ if [ -f ./osirismd ]; then default="y" prompt="Install management console? (y/n) [${default}] " - printf "%s" "$prompt " - read answer + ask "$prompt" if [ -z "${answer}" ] ; then answer=$default @@ -570,11 +603,9 @@ # prompt user for installation directory. prompt="Installation directory for binaries: [$INSTALL_DIR]" - printf "%s" "$prompt " + ask "$prompt" # read and remove any trailing slash. - - read answer INSTALL_DIR=`expr "${INSTALL_DIR}" : '\(.*[^/]\)/*$'` if [ "$answer" != "" ]; then @@ -586,9 +617,9 @@ ${MKDIR} ${INSTALL_DIR} fi - if [ ! -d ${OSIRIS_DIR} ]; then + if [ ! -d ${DESTDIR}${OSIRIS_DIR} ]; then echo "Osiris root directory doesn't exist, creating." - ${MKDIR} ${OSIRIS_DIR} + ${MKDIR} ${DESTDIR}${OSIRIS_DIR} fi } 
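Review bot: `ask` hands its result back through the global `answer` and also overwrites the caller's global `prompt`, and the new `FUNCTION: ask` header says neither; a line such as `# sets global: answer (empty when INTERACTIVE=0, so callers fall back to their default)` would document it. `read answer` should be `read -r answer`, because one caller uses the reply as the installation directory and plain `read` interprets backslashes. `[ $INTERACTIVE -eq 1 ]` is unquoted; `[ "${INTERACTIVE}" -eq 1 ]` avoids a syntax error if the variable is ever empty.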
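Review bot: `${MKDIR} ${DESTDIR}${OSIRIS_DIR}` in the `@@ -586,9 +617,9 @@` hunk is called without `-p`, unlike the other directory creations this patch adds, so in a fresh staging root where the parents of `${OSIRIS_DIR}` do not exist the `mkdir` fails, and nothing in the hunk checks the result. The same applies to `${MKDIR} "$dir"` for the `rc${runlevel}.d` directories in the init-directory hunk further down. Use `${MKDIR} -p "${DESTDIR}${OSIRIS_DIR}"` and `${MKDIR} -p "$dir"`. The unchanged context line `${MKDIR} ${INSTALL_DIR}` just above has the same problem now that `INSTALL_DIR` carries the `DESTDIR` prefix.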
@@ -608,27 +639,27 @@ echo ${RC_DESC} if [ -d /etc/init.d ]; then - INIT_D="/etc/init.d" + INIT_D="${DESTDIR}/etc/init.d" elif [ -d /etc/rc.d/init.d ]; then - INIT_D="/etc/rc.d/init.d" + INIT_D="${DESTDIR}/etc/rc.d/init.d" elif [ -d /etc/rc.d ]; then - INIT_D="/etc/rc.d" + INIT_D="${DESTDIR}/etc/rc.d" else INIT_D="" fi if [ -d /etc/rc3.d ]; then - RC_D="/etc" + RC_D="${DESTDIR}/etc" elif [ -d /etc/rc.d/rc3.d ]; then - RC_D="/etc/rc.d" + RC_D="${DESTDIR}/etc/rc.d" elif [ -f "/etc/rc.d/rc.sysvinit" ]; then - RC_D="/etc/rc.d" + RC_D="${DESTDIR}/etc/rc.d" for runlevel in 3 4 5 ; do dir="${RC_D}/rc${runlevel}.d" if [ ! -d "$dir" ]; then - mkdir "$dir" - chmod 0755 "$dir" + ${MKDIR} "$dir" + ${CHMOD} 0755 "$dir" fi done @@ -637,10 +668,10 @@ fi if [ -f ./osirisd ]; then - ${SED} "s#@INSTALLDIR@#${INSTALL_DIR}#" < ./linux/${OSIRISD_RC} > ${INIT_D}/osirisd.tmp - ${SED} "s#@OSIRISDIR@#${OSIRIS_DIR}#" < ${INIT_D}/osirisd.tmp > ${INIT_D}/osirisd + ${MKDIR} -p ${INIT_D} + ${SED} "s#@INSTALLDIR@#${SBIN_DIR}#;s#@OSIRISDIR@#${OSIRIS_DIR}#" \ + < ./linux/${OSIRISD_RC} > ${INIT_D}/osirisd ${CHMOD} 555 ${INIT_D}/osirisd - ${RM} ${INIT_D}/osirisd.tmp ${RM} -rf ${RC_D}/rc3.d/S80osirisd ${RM} -rf ${RC_D}/rc4.d/S80osirisd @@ -652,10 +683,8 @@ fi if [ $INSTALL_OSIRISM != 0 -a -f ./osirismd ]; then - ${SED} "s#@INSTALLDIR@#${INSTALL_DIR}#" < ./linux/${OSIRISMD_RC} > ${INIT_D}/osirismd.tmp - ${SED} "s#@OSIRISDIR@#${OSIRIS_DIR}#" < ${INIT_D}/osirismd.tmp > ${INIT_D}/osirismd + ${SED} "s#@INSTALLDIR@#${SBIN_DIR}#;s#@OSIRISDIR@#${OSIRIS_DIR}#" < ./linux/${OSIRISMD_RC} > ${INIT_D}/osirismd ${CHMOD} 555 ${INIT_D}/osirismd - ${RM} ${INIT_D}/osirismd.tmp ${RM} -rf ${RC_D}/rc3.d/S80osirismd ${RM} -rf ${RC_D}/rc4.d/S80osirismd @@ -678,7 +707,7 @@ if [ ! -f /etc/rc.conf.local ]; then echo "==> creating /etc/rc.conf.local" touch /etc/rc.conf.local - chmod 644 /etc/rc.conf.local + ${CHMOD} 644 /etc/rc.conf.local fi if [ ! -f /etc/rc.conf.local ]; then 
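Review bot: `INIT_D` and `RC_D` now carry the `${DESTDIR}` prefix, so any later use of them as a symlink target or inside generated text would embed the staging path in the installed system. The runlevel link creation is outside the hunk and should be checked for a form like `ln -s ${INIT_D}/osirisd ...`. Keeping the unprefixed value for targets and prefixing only where a file is written (for example a separate `INIT_D_DEST="${DESTDIR}${INIT_D}"`) avoids that. The `-d /etc/init.d` style tests also still probe the build host rather than the staging root, which is worth a comment.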
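Review bot: The `sed` expression in the `@@ -637,10 +668,10 @@` hunk now writes `${SBIN_DIR}` into the init script, but `SBIN_DIR` is fixed at `@prefix@/sbin` while the "Installation directory for binaries" prompt changes `INSTALL_DIR`. If that prompt assigns the answer to `INSTALL_DIR` (the assignment is outside the visible hunks), an interactive install to a custom directory gets an rc script that starts the daemon from the wrong path; updating both together, `SBIN_DIR=${answer}` then `INSTALL_DIR="${DESTDIR}${SBIN_DIR}"`, keeps them consistent. The values are also spliced into the expression unescaped, so a path containing `#` or `&` corrupts the generated script. The osirismd hunk below uses the same substitution and, unlike this one, has no `${MKDIR} -p ${INIT_D}`.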
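Review bot: In the `@@ -678,7 +707,7 @@` hunk, `touch /etc/rc.conf.local` and `${CHMOD} 644 /etc/rc.conf.local` still act on the live system: the path has no `${DESTDIR}` prefix and no `PACKAGE_MODE` test is visible, so a package build on this platform would modify the build host's boot configuration. Either return early in package mode as the other functions in this patch do, or write to `"${DESTDIR}/etc/rc.conf.local"`. The enclosing function starts and ends outside the hunk, so a guard may already exist there.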
@@ -903,6 +932,13 @@ esac } + +# Change behaviour if we are creating packages. +if [ -n "$DESTDIR" ]; then + PACKAGE_MODE=1 + INTERACTIVE=0 +fi + # --------------------------------------------------------------------------- # call installer functions. # --------------------------------------------------------------------------- From brian at shmoo.com Sun Apr 4 17:33:18 2004 From: brian at shmoo.com (Brian Wotring) Date: Sun, 4 Apr 2004 15:33:18 -0600 Subject: [osiris-devel] osiris-4.0 beta released In-Reply-To: <20040404121405.GB25573@digger.lemmin.gs> References: <79BF5577-8316-11D8-B33C-000393578C14@shmoo.com> <20040404121405.GB25573@digger.lemmin.gs> Message-ID: These have been looked over, tested, and added. Thanks! On Apr 4, 2004, at 6:14 AM, osiris-devel at lemmin.gs wrote: > Hi, > > Attached are 2 new initscripts for Red Hat/Fedora based systems. > Please place in src/install/linux. > > emmanuel > ______________________________________ > _________ -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From brian at shmoo.com Sun Apr 4 17:56:29 2004 From: brian at shmoo.com (Brian Wotring) Date: Sun, 4 Apr 2004 15:56:29 -0600 Subject: [osiris-devel] osiris 4.0 beta install script patch In-Reply-To: <20040404121631.GC25573@digger.lemmin.gs> References: <20040404121631.GC25573@digger.lemmin.gs> Message-ID: This looks good. I tested it on all our platforms to make sure it did not alter the install, however, I did not try to use it while building an RPM. Thanks. On Apr 4, 2004, at 6:16 AM, osiris-devel at lemmin.gs wrote: > Hello, > > Patch attached to make the installer script more friendly > for packagers. > > emmanuel > installer.patch>_______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From Alexei_Roudnev at exigengroup.com Mon Apr 5 16:38:28 2004 
From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Mon, 5 Apr 2004 13:38:28 -0700 Subject: [osiris-devel] osiris-4.0 beta released References: <79BF5577-8316-11D8-B33C-000393578C14@shmoo.com> Message-ID: <005701c41b4d$f3c85240$2c7f300a@sjc.exigengroup.com> 1) What about Debug build for windows? It is required to use a debugger (Visual Studio is a mess, but Visual Studio Debugger is a good thing. Unfortunately, it requires all libraries to be a Debug mode libraries /including ssl/) and require Debug run-time environment. 2) What are branch names in CVS for all branches? (btw, do you know, that main tree have branch name, which is _Import tag_ name?) > - - The source now builds under MinGW. As a result, the build system on > Windows is no longer the cumbersome pain that it was. The Visual > Studio > project files have all been removed, with joy. Hmm, I never see any big multy-platform project which could stay with Studio for a long -:). Btw, what is MinGW? (I used gnu make and cygwin on my projects)? > > - - new make targets: "agent" and "console" now create installation > packages > for the scan agent and the management console that can be run from > read-only media. From Alexei_Roudnev at exigengroup.com Mon Apr 5 16:40:06 2004 
From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Mon, 5 Apr 2004 13:40:06 -0700 Subject: [osiris-devel] Configuration issues References: <200403301516.58612.thomas.jones@linux-howtos.com> Message-ID: <005f01c41b4e$2e167800$2c7f300a@sjc.exigengroup.com> May be, it is not 'NoEntry have not influence' but 'NoEntry format is not the same as Exclude file("") format' (very common error in configurations)? NoEntry works fine. > Brian, > > I have been playing with various "small" configuration changes and documenting > the results. I've noticed some peculiar behaviors. Jason Frisvold had brought > up documentation inconsistencies invloving the NoEntry directive. I found > that the following to be true for the 3.0.4-current release: > > - NoEntry has no effect on the scanners direction. i.e. with or without is no > difference. > > - However, the Exclude file ("whatever") directive does the job of removing a > directory and it contents from a scan. I believe that this may be a > documentation issue. > > - I ran a scan with the following rule: Exclude header ("63 30 31") and it > produced checksum errors on completely unrelated files??? I don't know about > this one. I will check the logs more closely. > > - The exclusion directive( and probably inclusion as well) is NOT > case-sensitive. This could be a BIG issue later. I was attempting to exclude > the System.map-2.4.21-199-athlon file from the /boot directory. I put in the > following rule - Exclude file ("S"). This removes ALL files with "S" or "s" > in it. Equivalent to [Ss]. > > - I went ahead and manually changed the rule to both ("Sy") and ("sy") to see > changes ---- it now only removed the file i wanted System.map*. But with both > rules it does the same. So it seems broken. Or maybe that's the intended > behavior. > > I have all the logs and databases from my tests. And i documented each case in > my configuration file. So if you need these; it should help out alot. 
> > ;( > Thomas > > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel > From brian at shmoo.com Mon Apr 5 21:13:41 2004 From: brian at shmoo.com (Brian Wotring) Date: Mon, 5 Apr 2004 19:13:41 -0600 Subject: [osiris-devel] osiris-4.0 beta released In-Reply-To: <005701c41b4d$f3c85240$2c7f300a@sjc.exigengroup.com> References: <79BF5577-8316-11D8-B33C-000393578C14@shmoo.com> <005701c41b4d$f3c85240$2c7f300a@sjc.exigengroup.com> Message-ID: On Apr 5, 2004, at 2:38 PM, Alexei_Roudnev wrote: > 1) What about Debug build for windows? It is required to use a debugger > (Visual Studio is a mess, but Visual Studio Debugger is a good thing. > Unfortunately, it requires all libraries to be a Debug mode libraries > /including ssl/) and require Debug run-time environment. You should be able to use gdb. > 2) What are branch names in CVS for all branches? (btw, do you know, > that > main tree have branch name, which is _Import tag_ name?) http://cvs.shmoo.com/view/projects/osiris/ Scroll to the bottom and you'll see a combo box with all of the branch/tag names. -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From Alexei_Roudnev at exigengroup.com Mon Apr 5 22:07:32 2004 
From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Mon, 5 Apr 2004 19:07:32 -0700 Subject: [osiris-devel] osiris-4.0 beta released References: <79BF5577-8316-11D8-B33C-000393578C14@shmoo.com><005701c41b4d$f3c85240$2c7f300a@sjc.exigengroup.com> Message-ID: <012901c41b7b$ec1939a0$2c7f300a@sjc.exigengroup.com> Brian, please, do not force people to use cli gdb, when good and very effective VC Debugger exists. Moreover, Windows Debug mode have much more benefits - it have many internal checks (so it catch memory problems on early stages), have dr. Watson features and so on. // gdb is not bad - on Unix. > > On Apr 5, 2004, at 2:38 PM, Alexei_Roudnev wrote: > > > 1) What about Debug build for windows? It is required to use a debugger > > (Visual Studio is a mess, but Visual Studio Debugger is a good thing. > > Unfortunately, it requires all libraries to be a Debug mode libraries > > /including ssl/) and require Debug run-time environment. > > You should be able to use gdb. > > > 2) What are branch names in CVS for all branches? (btw, do you know, > > that > > main tree have branch name, which is _Import tag_ name?) > > http://cvs.shmoo.com/view/projects/osiris/ > > Scroll to the bottom and you'll see a combo box with all of the > branch/tag names. > > -- > Brian Wotring ( brian at shmoo.com ) > PGP KeyID: 0x9674763D > > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel > From Alexei_Roudnev at exigengroup.com Wed Apr 7 00:54:40 2004 
From: Alexei_Roudnev at exigengroup.com (Alexei Roudnev) Date: Tue, 6 Apr 2004 21:54:40 -0700 Subject: [osiris-devel] Strange behavior / possible bug Message-ID: <03eb01c41c5c$6f77aee0$6601a8c0@exigengroup.com> Hi. I saw some strange osiris behavior. In most cases, I can see changes the next day after they are made (on any of our ~100 systems). But today I received the very first report for one system, and the report indicated a change done on March 26 (more than 1 week ago). The configuration (host config) looks absolutely normal - scan every 1440 minutes (once a day). It looks as if, for some reason, the system was not scanned for a long time and then everything was restored. It is very strange, so I report it here as a possible bug (version is 2.4.4, manager on Win2K, client on Solaris 5.7). -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040406/8ab8f6a3/attachment.htm From thomas.jones at linux-howtos.com Tue Apr 6 05:30:35 2004 
From: thomas.jones at linux-howtos.com (Thomas Jones) Date: Tue, 6 Apr 2004 04:30:35 -0500 Subject: [osiris-devel] Documentation Standard Message-ID: <200404060430.35995.thomas.jones@linux-howtos.com> Hello all, I would like to see that all future/current documentation be standardized. More precisely this is what I propose: 1) Written in Docbook XML 2) Encoding theme = ISO-8859-1 3) DocumentType Definition = kdex.dtd - Standard KDE Documentation 4) Public ID = //KDE//DTD DocBook XML V4.2-Based Variant V1.1//EN This affords the project a great magnitude of capabilities to process ALL documents efficiently. We can generate almost any format docs upon completion. It is easily updated to new standards. Any future translation can be done externally and applied with a simple argument. This should provide the project with very nice, efficient documentation that "mirror" the efforts of other Open Source projects. Thus giving the end-user a more recognizable product. Any ideas/comments? Thomas From luke at responsys.com Wed Apr 7 05:17:42 2004 From: luke at responsys.com (Luke West) Date: Wed, 7 Apr 2004 02:17:42 -0700 Subject: [osiris-devel] Documentation Standard Message-ID: <3DD86CAAF0AFD211A88400508B8B3B530AF8E93E@ex-pa-u1.us.responsys.com> Sounds like a good idea. Would this include user documentation as well? L -----Original Message----- 
From: Thomas Jones [mailto:thomas.jones at linux-howtos.com] Sent: 06 April 2004 10:31 To: Osiris Developers Subject: [osiris-devel] Documentation Standard Hello all, I would like to see that all future/current documentation be standardized. More precisely this is what I propose: 1) Written in Docbook XML 2) Encoding theme = ISO-8859-1 3) DocumentType Definition = kdex.dtd - Standard KDE Documentation 4) Public ID = //KDE//DTD DocBook XML V4.2-Based Variant V1.1//EN This affords the project a great magnitude of capabilities to process ALL documents efficiently. We can generate almost any format docs upon completion. It is easily updated to new standards. Any future translation can be done externally and applied with a simple argument. This should provide the project with very nice, efficient documentation that "mirror" the efforts of other Open Source projects. Thus giving the end-user a more recognizable product. Any ideas/comments? Thomas _______________________________________________ osiris-devel mailing list osiris-devel at lists.shmoo.com https://lists.shmoo.com/mailman/listinfo/osiris-devel From thomas.jones at linux-howtos.com Tue Apr 6 12:23:03 2004 
From: thomas.jones at linux-howtos.com (Thomas Jones) Date: Tue, 6 Apr 2004 11:23:03 -0500 Subject: [osiris-devel] Documentation Standard In-Reply-To: <3DD86CAAF0AFD211A88400508B8B3B530AF8E93E@ex-pa-u1.us.responsys.com> References: <3DD86CAAF0AFD211A88400508B8B3B530AF8E93E@ex-pa-u1.us.responsys.com> Message-ID: <200404061123.04032.thomas.jones@linux-howtos.com> On Wednesday 07 April 2004 04:17, Luke West wrote: > Sounds like a good idea. > > Would this include user documentation as well? > > L > Don't know --- what do you think? It's just an idea i was throwing out there. We by no means have to follow what i say. Maybe you would prefer SGML etc.......... Or maybe you don't like any of these. I'm really not sure if anybody here even uses it? I had thought about LDP compliant docbook. But thought that KDE was a little less regulated/restrictive. ???????????? Thomas From Alexei_Roudnev at exigengroup.com Wed Apr 7 16:39:47 2004 From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Wed, 7 Apr 2004 13:39:47 -0700 Subject: [osiris-devel] Documentation Standard References: <3DD86CAAF0AFD211A88400508B8B3B530AF8E93E@ex-pa-u1.us.responsys.com> Message-ID: <026101c41ce0$779d8340$2c7f300a@sjc.exigengroup.com> I prefer to have a docs with a _good_ content, than to have a docs in a good format. For now, docs are in a _sufficient_ format, but content is not perfect yet. Changing format will not create any value, except if it simplify making changes. (It's not about development docs, which are reasonable to be in automated format). ----- Original Message ----- From: "Luke West" To: "'Osiris Developers'" Sent: Wednesday, April 07, 2004 2:17 AM Subject: RE: [osiris-devel] Documentation Standard > Sounds like a good idea. > > Would this include user documentation as well? > > L > > -----Original Message----- 
> From: Thomas Jones [mailto:thomas.jones at linux-howtos.com] > Sent: 06 April 2004 10:31 > To: Osiris Developers > Subject: [osiris-devel] Documentation Standard > > > Hello all, > > I would like to see that all future/current documentation be standardized. > > More precisely this is what I propose: > > 1) Written in Docbook XML > 2) Encoding theme = ISO-8859-1 > 3) DocumentType Definition = kdex.dtd - Standard KDE Documentation > 4) Public ID = //KDE//DTD DocBook XML V4.2-Based Variant V1.1//EN > > This affords the project a great magnitude of capabilities to process ALL > documents efficiently. We can generate almost any format docs upon > completion. It is easily updated to new standards. Any future translation > can > be done externally and applied with a simple argument. > > This should provide the project with very nice, efficient documentation that > > "mirror" the efforts of other Open Source projects. Thus giving the end-user > > a more recognizable product. > > Any ideas/comments? > > Thomas > > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel > From Alexei_Roudnev at exigengroup.com Wed Apr 7 21:13:00 2004 
From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Wed, 7 Apr 2004 18:13:00 -0700 Subject: [osiris-devel] Bug in mail messages (2.4.4, possible in all versions) Message-ID: <032a01c41d06$a2cd7680$2c7f300a@sjc.exigengroup.com> There is a small (but very unconvenient) bug in mail messages. They creates links as https://secmon1.amc.portera.com:2267?action=v&host=pamprodfe02&base_db=3&log=log.temp Instead of https://secmon1.amc.portera.com:2267/?action=v&host=pamprodfe02&base_db=3&log=log.temp (difference is in / after port number). This results in extra '/' in the end of link, when they are processed by some mail clients. (Version - 2.4.4). -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040407/23e50959/attachment.htm From brian at shmoo.com Wed Apr 7 22:47:41 2004 From: brian at shmoo.com (Brian Wotring) Date: Wed, 7 Apr 2004 20:47:41 -0600 Subject: [osiris-devel] Bug in mail messages (2.4.4, possible in all versions) In-Reply-To: <032a01c41d06$a2cd7680$2c7f300a@sjc.exigengroup.com> References: <032a01c41d06$a2cd7680$2c7f300a@sjc.exigengroup.com> Message-ID: <1B0B4DE8-8907-11D8-86CB-000393578C14@shmoo.com> You're correct. Since the path is empty, it should be represented with "/". On Apr 7, 2004, at 7:13 PM, Alexei_Roudnev wrote: > There is a small (but very unconvenient) bug in mail messages. They > creates links as > ? > https://secmon1.amc.portera.com:2267? > action=v&host=pamprodfe02&base_db=3&log=log.temp > > Instead of > > https://secmon1.amc.portera.com:2267/? > action=v&host=pamprodfe02&base_db=3&log=log.temp > > (difference is in / after port number). > ? > This results in extra '/' in the end of link, when they are processed > by some mail clients. > ? > (Version - 2.4.4). -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From thomas.jones at linux-howtos.com Tue Apr 13 12:32:03 2004 
From: thomas.jones at linux-howtos.com (Thomas Jones) Date: Tue, 13 Apr 2004 11:32:03 -0500 Subject: [osiris-devel] Development Previews Message-ID: <200404131132.03341.thomas.jones@linux-howtos.com> Hello all, Here are a few snapshots to preview some possible projects. The first is the Greeter for lack of a better name. It simply is a GUI interface to new installations of Osiris Management functions ( not scanning agents). The second is a proposed User's Handbook. It has been integrated with the KDE Help Center; as well as SuSEhelp. So the entire document ( as well as other doc's --- CHANGELOG etc.......) can be indexed by htdig and searched conveniently. Comments are encouraged. Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: snapshot2.png Type: image/png Size: 92146 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040413/d33d120b/attachment.png -------------- next part -------------- A non-text attachment was scrubbed... Name: snapshot1.png Type: image/png Size: 128356 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040413/d33d120b/attachment-0001.png From Alexei_Roudnev at exigengroup.com Wed Apr 14 13:14:32 2004 From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Wed, 14 Apr 2004 10:14:32 -0700 Subject: [osiris-devel] Development Previews References: <200404131132.03341.thomas.jones@linux-howtos.com> Message-ID: <016601c42243$f4448160$2c7f300a@sjc.exigengroup.com> Do we plan to have any 'batch' mode for configuration? Allowing to import / export hosts configuration, and permitting easy inter-release migration? GUI and CLI are not proper interfaces, if you need to add / delete 100 servers into osiris. Alex ----- Original Message ----- 
From: "Thomas Jones" To: "Osiris Developers" Sent: Tuesday, April 13, 2004 9:32 AM Subject: [osiris-devel] Development Previews > Hello all, > > Here are a few snapshots to preview some possible projects. > > The first is the Greeter for lack of a better name. It simply is a GUI > interface to new installations of Osiris Management functions ( not scanning > agents). > > The second is a proposed User's Handbook. It has been integrated with the KDE > Help Center; as well as SuSEhelp. So the entire document ( as well as other > doc's --- CHANGELOG etc.......) can be indexed by htdig and searched > conveniently. > > Comments are encouraged. > Thomas > > ---------------------------------------------------------------------------- ---- > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel From thomas.jones at linux-howtos.com Wed Apr 14 01:18:24 2004 
From: thomas.jones at linux-howtos.com (Thomas Jones) Date: Wed, 14 Apr 2004 00:18:24 -0500 Subject: [osiris-devel] Development Previews In-Reply-To: <016601c42243$f4448160$2c7f300a@sjc.exigengroup.com> References: <200404131132.03341.thomas.jones@linux-howtos.com> <016601c42243$f4448160$2c7f300a@sjc.exigengroup.com> Message-ID: <200404140018.24221.thomas.jones@linux-howtos.com> On Wednesday 14 April 2004 12:14, Alexei_Roudnev wrote: > Do we plan to have any 'batch' mode for configuration? Allowing to import / > export hosts configuration, and > permitting easy inter-release migration? > > GUI and CLI are not proper interfaces, if you need to add / delete 100 > servers into osiris. > > Alex The interface is not for installation itself; but to compliment a package installation (rpm,deb.etc.....) with a GUI representation of what is available to the end-user. For instance, as you can see from the pics; there are URL's both local and external that will point the end-user to many of the available resources to get started in utilization of their system with Osiris. It simply "greets" the end-user, congratulates them on choosing osiris, and gives them an idea of what they may want to do next. Pretty much just eye-candy! Thomas From thomas.jones at linux-howtos.com Sat Apr 17 21:41:33 2004 
From: thomas.jones at linux-howtos.com (Thomas Jones) Date: Sat, 17 Apr 2004 20:41:33 -0500 Subject: [osiris-devel] modular interface In-Reply-To: References: Message-ID: <200404172041.33695.thomas.jones@linux-howtos.com> On Monday 22 March 2004 20:50, Brian Wotring wrote: > The next major release of Osiris (version 4.0) will be a merge of the > 2.x and the 3.x branches. For all of the changes that will be going > into 4.0, see the ChangeLog file. The biggest difference with this > release will be the modular interface for the scan agent. For more > information, go here: > > http://osiris.shmoo.com/modules/ > > The changes to the Windows build system that are needed to support > modules has not been completed, but for all other systems, the code is > checked into the top of the source tree. > > Comments and suggestions are welcome. I had a problem building the mod_uptime module. Here's my unified diff. Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: mod_uptime.diff Type: text/x-diff Size: 378 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040417/30f917bb/attachment.diff From brian at shmoo.com Sun Apr 18 09:25:17 2004 
From: brian at shmoo.com (Brian Wotring) Date: Sun, 18 Apr 2004 07:25:17 -0600 Subject: [osiris-devel] modular interface In-Reply-To: <200404172041.33695.thomas.jones@linux-howtos.com> References: <200404172041.33695.thomas.jones@linux-howtos.com> Message-ID: I've made a couple changes in addition to this one. A new version of this module has been posted. Thanks. On Apr 17, 2004, at 7:41 PM, Thomas Jones wrote: > On Monday 22 March 2004 20:50, Brian Wotring wrote: >> The next major release of Osiris (version 4.0) will be a merge of the >> 2.x and the 3.x branches. For all of the changes that will be going >> into 4.0, see the ChangeLog file. The biggest difference with this >> release will be the modular interface for the scan agent. For more >> information, go here: >> >> http://osiris.shmoo.com/modules/ >> >> The changes to the Windows build system that are needed to support >> modules has not been completed, but for all other systems, the code is >> checked into the top of the source tree. >> >> Comments and suggestions are welcome. > > > I had a problem building the mod_uptime module. Here's my unified diff. > > Thomas > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From brian at shmoo.com Tue Apr 20 09:01:54 2004 
From: brian at shmoo.com (Brian Wotring) Date: Tue, 20 Apr 2004 07:01:54 -0600 Subject: [osiris-devel] osiris-4.0.0 release candidate Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Osiris version 4.0.0 release candidate - ---------------------------------------------------- Osiris - Host Integrity Monitoring http://osiris.shmoo.com This release of Osiris contains many new enhancements and fixes. The complete ChangeLog is included with the source. The 4.0 release will be the result of the merging of the stable and current branches in the code base. Out of all of the differences, the ones I would like to bring attention to: a) This release is NOT compatible with the 2.x or 3.x code releases. Although this is unfortunate the benefits associated with the changes outweighed compatibility. b) Support for modules: this is a new way for developers to extend what the scan agent monitors. See http://osiris.shmoo.com/modules for more details. c) Support for AIX (thanks to Duane Dunston) and IRIX (thanks to Karen Wieprecht). Please forward anything that looks like it needs attention to me or the development list so we can get it fixed before the release. 
Downloads: http://osiris.shmoo.com/data/osiris-4.0.0-rc.tar.gz http://osiris.shmoo.com/data/osiris-4.0.0-rc-win32.exe Checksums and Signatures: MD5(osiris-4.0.0-rc-win32.exe)= 4b8c0418308b30efcf633d3242e64b4f MD5(osiris-4.0.0-rc.tar.gz)= c9aef9515907289d8d1ffd4f7d81fed5 http://osiris.shmoo.com/data/osiris-4.0.0-rc.tar.gz.sig http://osiris.shmoo.com/data/osiris-4.0.0-rc-win32.exe.sig Please forward any questions or comments to the Osiris mailing list: osiris at lists.shmoo.com, and any questions related to development to the development list: osiris-devel at lists.shmoo.com - -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQIUfUg3seZ6WdHY9EQKHFQCeINpSItVl9uBGELDp3WX+QtGOTLEAoIFH 7r2ldcnORg3VORzNjBsEWfb9 =r7N/ -----END PGP SIGNATURE----- From brian at shmoo.com Wed Apr 21 10:42:38 2004 
From: brian at shmoo.com (Brian Wotring) Date: Wed, 21 Apr 2004 08:42:38 -0600 Subject: [osiris-devel] database archiving options Message-ID: <2315DE69-93A2-11D8-8CB1-000393578C14@shmoo.com> Many users have stated on this list (and to me) that they would like to configure the management console to auto-accept changes (update the trusted database) as well as clean up old databases. I have come up with a solution and will present the idea here for comment. Currently, there are two options for dealing with databases: 1) archiving, where every scan creates a new database, and 2) non-archiving, where a new db is created only on detected changes, thus saving a record of change for that host, but not retaining a redundant archive. One problem with the non-archiving option is that the database store for a host can still grow and need to be purged if monitored elements are frequently changing. Another problem is that many people are configuring Osiris to monitor anticipated changes, and find it cumbersome to regularly have to accept these changes; they simply want logs/notifications for these events a single time. I feel strongly that the current use model should not be affected, only extended. That is, the options to archive and not archive will continue to behave in the same way, and additional options for purging the previous database as well as auto-accepting changes will be added. Those that don't wish to use the new options can ignore them. To add these two options, I propose changing the "archive_databases" flag in the OSI_HOST and OSI_HOST_BRIEF structures to a bit mask, similar to the way notification flags are stored. There will be three flags, initially: OSI_DB_ARCHIVE OSI_DB_PURGE OSI_DB_AUTOACCEPT Existing functionality will just make use of the archive flag, on or off. Upon completion of a scan, the db_flags for the host in question will be consulted and the trusted database reset if the autoaccept flag is set. 
If the purge flag is set, the previous database is deleted. These are minor changes, but will satisfy the many who have asked for this functionality while not impacting current use models in any way. Any changes will be made after 4.0 is released. As always, I'm open to comments, suggestions, criticisms, etc. -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From Alexei_Roudnev at exigengroup.com Wed Apr 21 15:51:19 2004 From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Wed, 21 Apr 2004 12:51:19 -0700 Subject: [osiris-devel] database archiving options References: <2315DE69-93A2-11D8-8CB1-000393578C14@shmoo.com> Message-ID: <069f01c427da$042f0280$2c7f300a@sjc.exigengroup.com> Short comment to the PURGE (agree with other things). It is better to specify NUMBER of databases, which should be stored before PURGING. '0' means 'No Purge'. > There will be three flags, initially: > > OSI_DB_ARCHIVE > OSI_DB_PURGE > OSI_DB_AUTOACCEPT > > Existing functionality will just make use of the archive flag, on or > off. Upon completion of a scan, the db_flags for the host in question > will be consulted and the trusted database reset if the autoaccept flag > is set. If the purge flag is set, the previous database is deleted. Not a previous, but -N back (so that we can keep N last databases). It allows to make a forensic and rollback actual database, if necessary. > > These are minor changes, but will satisfy the many who have asked for > this functionality while not impacting current use models in any way. > Any changes will be made after 4.0 is released. As always, I'm open to > comments, suggestions, criticisms, etc. > > -- > Brian Wotring ( brian at shmoo.com ) > PGP KeyID: 0x9674763D > > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel > From brian at shmoo.com Mon Apr 26 08:34:49 2004 
From: brian at shmoo.com (Brian Wotring) Date: Mon, 26 Apr 2004 06:34:49 -0600 Subject: [osiris-devel] osiris-4.0.0 released Message-ID: <1BBB7F92-977E-11D8-BFAC-000393578C14@shmoo.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Osiris version 4.0.0 release - ---------------------------------------------------- Osiris - Host Integrity Monitoring http://osiris.shmoo.com This release of Osiris contains many new enhancements and fixes. The complete ChangeLog is included with the source. The 4.0 release will be the result of the merging of the stable and current branches in the code base. Out of all of the differences, the ones I would like to bring attention to: a) This release is NOT compatible with the 2.x or 3.x code releases. Although this is unfortunate the benefits associated with the changes outweighed compatibility. b) Support for modules: this is a new way for developers to extend what the scan agent monitors. See http://osiris.shmoo.com/modules for more details. c) Support for AIX (thanks to Duane Dunston) and IRIX (thanks to Karen Wieprecht). Please forward anything that looks like it needs attention on these platforms to me or the development list. 
Downloads: http://osiris.shmoo.com/data/osiris-4.0.0.tar.gz http://osiris.shmoo.com/data/osiris-4.0.0-win32.exe Checksums and Signatures: MD5(osiris-4.0.0-win32.exe)= 1947ac5ff6945cd6da3ede9fcf7d1995 MD5(osiris-4.0.0.tar.gz)= 9a342b5dc1a44ff66300bc651ef1a86d http://osiris.shmoo.com/data/osiris-4.0.0.tar.gz.sig http://osiris.shmoo.com/data/osiris-4.0.0-win32.exe.sig Please forward any questions or comments to the Osiris mailing list: osiris at lists.shmoo.com, and any questions related to development to the development list: osiris-devel at lists.shmoo.com - -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQI0B6Q3seZ6WdHY9EQJoDgCghcXRqYzcpezEIfgJTqswYnXkoNYAnRQU VEiIvKB2t7+53nk4B/NhvFB9 =xtKr -----END PGP SIGNATURE----- From osiris-devel at lemmin.gs Tue Apr 27 09:06:25 2004 From: osiris-devel at lemmin.gs (osiris-devel at lemmin.gs) Date: Tue, 27 Apr 2004 23:06:25 +1000 Subject: [osiris-devel] osiris-4.0.0 released In-Reply-To: <1BBB7F92-977E-11D8-BFAC-000393578C14@shmoo.com> References: <1BBB7F92-977E-11D8-BFAC-000393578C14@shmoo.com> Message-ID: <20040427130625.GA8669@digger.lemmin.gs> Hi Brian, Attached are 3 patches to make building of RPM packages easier. Please apply. emmanuel -------------- next part -------------- --- osiris-4.0.0-rc/src/install/install.sh.in.orig 2004-04-26 19:29:52.000000000 +1000 +++ osiris-4.0.0-rc/src/install/install.sh.in 2004-04-26 19:33:51.000000000 +1000 @@ -634,12 +634,12 @@ if [ ! -d ${INSTALL_DIR} ]; then echo "Installation directory doesn't exist, creating." - ${MKDIR} ${INSTALL_DIR} + ${MKDIR} -p ${INSTALL_DIR} fi if [ ! -d ${DESTDIR}${OSIRIS_DIR} ]; then echo "Osiris root directory doesn't exist, creating." - ${MKDIR} ${DESTDIR}${OSIRIS_DIR} + ${MKDIR} -p ${DESTDIR}${OSIRIS_DIR} fi } 
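Review bot: Neither `${MKDIR} -p` call in the install.sh.in hunk at -634 checks its exit status, and with `-p` every missing parent directory is created with whatever mode the installer's umask allows. For the directories that will hold an integrity monitor's binaries and databases I would quote the path and stop on failure, e.g. `${MKDIR} -p "${INSTALL_DIR}" || exit 1` (or the script's own failure path), and set the final mode explicitly afterwards. The first test also uses `${INSTALL_DIR}` without the `${DESTDIR}` prefix that the second one has; whether INSTALL_DIR is already prefixed where it is assigned cannot be seen from this hunk. The enclosing function starts above the hunk.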
@@ -697,9 +697,13 @@ ${RM} -rf ${RC_D}/rc4.d/S80osirisd ${RM} -rf ${RC_D}/rc5.d/S80osirisd - ${LN} -s ${INIT_D}/osirisd ${RC_D}/rc3.d/S80osirisd - ${LN} -s ${INIT_D}/osirisd ${RC_D}/rc4.d/S80osirisd - ${LN} -s ${INIT_D}/osirisd ${RC_D}/rc5.d/S80osirisd + if [ ${PACKAGE_MODE} -eq 1 ]; then + echo "==> Skipping osirisd symlink creation." + else + ${LN} -s ${INIT_D}/osirisd ${RC_D}/rc3.d/S80osirisd + ${LN} -s ${INIT_D}/osirisd ${RC_D}/rc4.d/S80osirisd + ${LN} -s ${INIT_D}/osirisd ${RC_D}/rc5.d/S80osirisd + fi fi if [ $INSTALL_OSIRISM != 0 -a -f ./osirismd ]; then @@ -710,9 +714,13 @@ ${RM} -rf ${RC_D}/rc4.d/S80osirismd ${RM} -rf ${RC_D}/rc5.d/S80osirismd - ${LN} -s ${INIT_D}/osirismd ${RC_D}/rc3.d/S80osirismd - ${LN} -s ${INIT_D}/osirismd ${RC_D}/rc4.d/S80osirismd - ${LN} -s ${INIT_D}/osirismd ${RC_D}/rc5.d/S80osirismd + if [ ${PACKAGE_MODE} -eq 1 ]; then + echo "==> Skipping osirismd symlink creation." + else + ${LN} -s ${INIT_D}/osirismd ${RC_D}/rc3.d/S80osirismd + ${LN} -s ${INIT_D}/osirismd ${RC_D}/rc4.d/S80osirismd + ${LN} -s ${INIT_D}/osirismd ${RC_D}/rc5.d/S80osirismd + fi fi ;; -------------- next part -------------- --- osiris-4.0.0-rc/src/install/linux/osirisd.redhat.orig 2004-04-05 07:24:52.000000000 +1000 +++ osiris-4.0.0-rc/src/install/linux/osirisd.redhat 2004-04-26 20:34:45.000000000 +1000 @@ -15,11 +15,12 @@ prog=osirisd osirisd="@INSTALLDIR@/osirisd" +osirisd_root=${OSIRIS_ROOT- at OSIRISDIR@} RETVAL=0 start() { echo -n $"Starting $prog: " - daemon $osirisd -r @OSIRISDIR@ $OPTIONS + daemon $osirisd -r $osirisd_root $OPTIONS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/osirisd -------------- next part -------------- --- osiris-4.0.0-rc/src/install/linux/osirismd.redhat.orig 2004-04-05 07:24:52.000000000 +1000 +++ osiris-4.0.0-rc/src/install/linux/osirismd.redhat 2004-04-26 23:36:28.000000000 +1000 
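Review bot: The three `${RM} -rf ${RC_D}/rcN.d/S80osirisd` context lines stay outside the new `PACKAGE_MODE` guard in the hunk at -697, so a package build still deletes those paths even though it skips recreating them; the hunk at -710 has the same shape for osirismd. If `RC_D` is not prefixed with the staging directory (its assignment is outside the hunk), that removes the build host's own runlevel links, so the `${RM}` lines belong inside the `else` branch. The test itself is unquoted: with `PACKAGE_MODE` unset it becomes `[ -eq 1 ]`, prints a test error and falls through to the `else`. I would write it as `if [ "${PACKAGE_MODE:-0}" -eq 1 ]; then`.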
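Review bot: In the osirisd.redhat hunk, `${OSIRIS_ROOT-…}` only falls back when the variable is unset, so an empty `OSIRIS_ROOT=` line in the sysconfig file the script sources (above the hunk) leaves `$osirisd_root` empty. Because the expansion is unquoted, `-r` then takes the first word of `$OPTIONS` as the root directory, or nothing at all. I would use `osirisd_root=${OSIRIS_ROOT:-@OSIRISDIR@}` and pass it as `-r "$osirisd_root"`. The archived text shows the default as `- at OSIRISDIR@`, which looks like the list archiver's rewriting of `-@OSIRISDIR@` rather than what was submitted; anyone applying the patch from this page should check that line.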
@@ -15,11 +15,13 @@ prog=osirismd osirismd="@INSTALLDIR@/osirismd" +osirismd_root=${OSIRIS_ROOT-/var/lib/osirismd} +osirismd_conf=${OSIRIS_CONF-/etc/osirismd/osirismd.conf} RETVAL=0 start() { echo -n $"Starting $prog: " - daemon $osirismd -r @OSIRISDIR@ $OPTIONS + daemon --user osirismd $osirismd -f $osirismd_conf -r $osirismd_root $OPTIONS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/osirismd
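Review bot: The new `daemon --user osirismd` line drops root for the management daemon, but nothing in the visible hunks creates the `osirismd` account or gives it ownership of the root directory and read access to the config file, so start-up depends on packaging steps that are not shown. The two added defaults also replace the build-time `@OSIRISDIR@` substitution with the fixed paths `/var/lib/osirismd` and `/etc/osirismd/osirismd.conf`, unlike the osirisd script, which keeps `@OSIRISDIR@` as its fallback; an install with a different prefix would then start against a directory the installer never populated. I would keep the substituted default, `osirismd_root=${OSIRIS_ROOT:-@OSIRISDIR@}`, and quote the expansions, `-f "$osirismd_conf" -r "$osirismd_root"`. A comment above the `daemon` line naming the account and the ownership it expects would help whoever packages this. The body of `start()` continues past the end of the hunk.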