File ossec-hids-location.patch of Package ossec-hids
Index: ossec-hids-3.6.0/BUGS
===================================================================
--- ossec-hids-3.6.0.orig/BUGS
+++ ossec-hids-3.6.0/BUGS
@@ -7,7 +7,7 @@ Copyright (C) 2019 Trend Micro Inc.
Please, make sure to include the following information:
-OSSEC version number.
--Content of /etc/ossec-init.conf
+-Content of /etc/sysconfig/ossec-hids
-Content of /var/ossec/etc/ossec.conf
-Content of /var/ossec/logs/ossec.log
-Operating system name/version (uname -a if Unix)
Index: ossec-hids-3.6.0/INSTALL
===================================================================
--- ossec-hids-3.6.0.orig/INSTALL
+++ ossec-hids-3.6.0/INSTALL
@@ -33,12 +33,12 @@ Fast way steps:
1- Run the script ./install.sh. It will guide you through the
installation process.
-2- The script will create everything in /var/ossec and try to
+2- The script will create everything in /var/lib/ossec and try to
create the initialization script in your system (/etc/rc.local
- or /etc/rc.d/init.d/ossec). If the init script is not created,
+ or /etc/init.d/ossec). If the init script is not created,
make sure to follow the instructions from the install.sh to make
OSSEC HIDS start during the boot. To start it by hand, just run
- /var/ossec/bin/ossec-control start
+ /var/lib/ossec/bin/ossec-control start
3- If you are running it on multiple clients, make sure to install
the server first. Use the manage_agents tool
@@ -52,7 +52,7 @@ Fast way steps:
By Hand Installation steps:
-1- Create the necessary directories (by default /var/ossec).
+1- Create the necessary directories (by default /var/lib/ossec).
2- Move the necessary files to the ossec directory.
3- Compile everything.
4- Move the binaries to the default directory.
Index: ossec-hids-3.6.0/contrib/ossec-eps.sh
===================================================================
--- ossec-hids-3.6.0.orig/contrib/ossec-eps.sh
+++ ossec-hids-3.6.0/contrib/ossec-eps.sh
@@ -3,11 +3,11 @@
# Author Michael Starks ossec [at] michaelstarks [dot] com
# License: GPLv3
-if [ ! -e /etc/ossec-init.conf ]; then
+if [ ! -e /etc/sysconfig/ossec-hids ]; then
echo OSSEC does not appear to be installed on this system. Goodbye.
exit 1
else
- grep -q agent /etc/ossec-init.conf && echo This script can only be run on the manager. Goodbye. && exit 1
+ grep -q agent /etc/sysconfig/ossec-hids && echo This script can only be run on the manager. Goodbye. && exit 1
fi
#Reset counters
@@ -15,7 +15,7 @@ COUNT=0
EPSSUM=0
EPSAVG=0
#Source OSSEC Dir
-. /etc/ossec-init.conf
+. /etc/sysconfig/ossec-hids
for i in $(grep 'Total events for day' ${DIRECTORY}/stats/totals/*/*/ossec-totals-*.log | cut -d: -f3); do
COUNT=$((COUNT+1))
Index: ossec-hids-3.6.0/contrib/renumber_agent.sh
===================================================================
--- ossec-hids-3.6.0.orig/contrib/renumber_agent.sh
+++ ossec-hids-3.6.0/contrib/renumber_agent.sh
@@ -10,12 +10,12 @@ if [ $# -ne 2 ]; then
exit 1
fi
-if ! [ -e /etc/ossec-init.conf ]; then
+if ! [ -e /etc/sysconfig/ossec-hids ]; then
echo ossec-init.conf not found. Exiting...
exit 1
fi
-. /etc/ossec-init.conf
+. /etc/sysconfig/ossec-hids
KEYFILE=$DIRECTORY/etc/client.keys
# Get the IP address from the key file
@@ -26,7 +26,7 @@ if [ -z ${IPADDR} ]; then
fi
# stop OSSEC
-/var/ossec/bin/ossec-control stop
+/var/lib/ossec/bin/ossec-control stop
# Update the key record
sed -i $KEYFILE -e "s/${IPADDR}/${2}/"
@@ -56,4 +56,4 @@ if [ -e "syscheck/.(${1}) ${IPADDR}->sys
fi
# Restart OSSEC
-/var/ossec/bin/ossec-control start
+/var/lib/ossec/bin/ossec-control start
Index: ossec-hids-3.6.0/contrib/util.sh
===================================================================
--- ossec-hids-3.6.0.orig/contrib/util.sh
+++ ossec-hids-3.6.0/contrib/util.sh
@@ -10,12 +10,12 @@ ACTION=$1
FILE=$2
FORMAT=$3
-if ! [ -e /etc/ossec-init.conf ]; then
+if ! [ -e /etc/sysconfig/ossec-hids ]; then
echo OSSEC Manager not found. Exiting...
exit 1
fi
-. /etc/ossec-init.conf
+. /etc/sysconfig/ossec-hids
if [ "X$FILE" = "X" ]; then
echo "$0: addfile <filename> [<format>]"
Index: ossec-hids-3.6.0/etc/ossec-agent.conf
===================================================================
--- ossec-hids-3.6.0.orig/etc/ossec-agent.conf
+++ ossec-hids-3.6.0/etc/ossec-agent.conf
@@ -27,8 +27,8 @@
</syscheck>
<rootcheck>
- <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
- <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
+ <rootkit_files>/var/lib/ossec/etc/shared/rootkit_files.txt</rootkit_files>
+ <rootkit_trojans>/var/lib/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
</rootcheck>
<localfile>
@@ -48,7 +48,7 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/secure</location>
+ <location>/var/log/firewall</location>
</localfile>
<localfile>
@@ -58,16 +58,16 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/maillog</location>
+ <location>/var/log/mail</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/access_log</location>
+ <location>/var/log/apache2/access_log</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/error_log</location>
+ <location>/var/log/apache2/error_log</location>
</localfile>
</ossec_config>
Index: ossec-hids-3.6.0/etc/ossec-local.conf
===================================================================
--- ossec-hids-3.6.0.orig/etc/ossec-local.conf
+++ ossec-hids-3.6.0/etc/ossec-local.conf
@@ -101,8 +101,8 @@
</syscheck>
<rootcheck>
- <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
- <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
+ <rootkit_files>/var/lib/ossec/etc/shared/rootkit_files.txt</rootkit_files>
+ <rootkit_trojans>/var/lib/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
</rootcheck>
<global>
@@ -183,7 +183,7 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/secure</location>
+ <location>/var/log/firewall</location>
</localfile>
<localfile>
@@ -193,16 +193,16 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/maillog</location>
+ <location>/var/log/mail</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/access_log</location>
+ <location>/var/log/apache2/access_log</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/error_log</location>
+ <location>/var/log/apache2/error_log</location>
</localfile>
</ossec_config>
Index: ossec-hids-3.6.0/etc/ossec-server.conf
===================================================================
--- ossec-hids-3.6.0.orig/etc/ossec-server.conf
+++ ossec-hids-3.6.0/etc/ossec-server.conf
@@ -93,15 +93,15 @@
<ignore>/etc/random-seed</ignore>
<ignore>/etc/random.seed</ignore>
<ignore>/etc/adjtime</ignore>
- <ignore>/etc/httpd/logs</ignore>
+ <ignore>/etc/apache2</ignore>
<!-- Check the file, but never compute the diff -->
<nodiff>/etc/ssl/private.key</nodiff>
</syscheck>
<rootcheck>
- <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
- <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
+ <rootkit_files>/var/lib/ossec/etc/shared/rootkit_files.txt</rootkit_files>
+ <rootkit_trojans>/var/lib/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
</rootcheck>
<global>
@@ -187,7 +187,7 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/secure</location>
+ <location>/var/log/firewall</location>
</localfile>
<localfile>
@@ -197,17 +197,17 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/maillog</location>
+ <location>/var/log/mail</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/access_log</location>
+ <location>/var/log/apache2/access_log</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/error_log</location>
+ <location>/var/log/apache2/error_log</location>
</localfile>
<localfile>
Index: ossec-hids-3.6.0/etc/ossec.conf
===================================================================
--- ossec-hids-3.6.0.orig/etc/ossec.conf
+++ ossec-hids-3.6.0/etc/ossec.conf
@@ -50,15 +50,15 @@
<ignore>/etc/random-seed</ignore>
<ignore>/etc/random.seed</ignore>
<ignore>/etc/adjtime</ignore>
- <ignore>/etc/httpd/logs</ignore>
+ <ignore>/etc/apache2</ignore>
<!-- Check the file, but never compute the diff -->
<nodiff>/etc/ssl/private.key</nodiff>
</syscheck>
<rootcheck>
- <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
- <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
+ <rootkit_files>/var/lib/ossec/etc/shared/rootkit_files.txt</rootkit_files>
+ <rootkit_trojans>/var/lib/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
</rootcheck>
<global>
@@ -144,7 +144,7 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/secure</location>
+ <location>/var/log/firewall</location>
</localfile>
<localfile>
@@ -154,16 +154,16 @@
<localfile>
<log_format>syslog</log_format>
- <location>/var/log/maillog</location>
+ <location>/var/log/mail</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/access_log</location>
+ <location>/var/log/apache2/access_log</location>
</localfile>
<localfile>
<log_format>apache</log_format>
- <location>/var/www/logs/error_log</location>
+ <location>/var/log/apache2/error_log</location>
</localfile>
</ossec_config>
Index: ossec-hids-3.6.0/etc/templates/config/rootcheck.template
===================================================================
--- ossec-hids-3.6.0.orig/etc/templates/config/rootcheck.template
+++ ossec-hids-3.6.0/etc/templates/config/rootcheck.template
@@ -3,16 +3,16 @@
<frequency>36000</frequency>
<!-- Local of the rootkit_files and rootkit_trojans files -->
- <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
- <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
- <system_audit>/var/ossec/etc/shared/system_audit_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/cis_debian_linux_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/cis_rhel_linux_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/cis_sles11_linux_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/cis_sles12_linux_rcl.txt</system_audit>
- <system_audit>/var/ossec/etc/shared/system_audit_ssh.txt</system_audit>
+ <rootkit_files>/var/lib/ossec/etc/shared/rootkit_files.txt</rootkit_files>
+ <rootkit_trojans>/var/lib/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
+ <system_audit>/var/lib/ossec/etc/shared/system_audit_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/cis_rhel6_linux_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/cis_rhel7_linux_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/cis_debian_linux_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/cis_rhel_linux_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/cis_sles11_linux_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/cis_sles12_linux_rcl.txt</system_audit>
+ <system_audit>/var/lib/ossec/etc/shared/system_audit_ssh.txt</system_audit>
</rootcheck>
Index: ossec-hids-3.6.0/install.sh
===================================================================
--- ossec-hids-3.6.0.orig/install.sh
+++ ossec-hids-3.6.0/install.sh
@@ -119,7 +119,7 @@ Install()
cd ../
- # Generate the /etc/ossec-init.conf
+ # Generate the /etc/sysconfig/ossec-hids
VERSION_FILE="./src/VERSION"
VERSION=`cat ${VERSION_FILE}`
chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
Index: ossec-hids-3.6.0/src/LOCATION
===================================================================
--- ossec-hids-3.6.0.orig/src/LOCATION
+++ ossec-hids-3.6.0/src/LOCATION
@@ -1 +1 @@
-DIR="/var/ossec"
+DIR="/var/lib/ossec"
Index: ossec-hids-3.6.0/src/Makefile
===================================================================
--- ossec-hids-3.6.0.orig/src/Makefile
+++ ossec-hids-3.6.0/src/Makefile
@@ -12,7 +12,7 @@ LUA_ENABLE?=no
MAXAGENTS?=2048
REUSE_ID?=no
# XXX Becareful NO EXTRA Spaces here
-PREFIX?=/var/ossec
+PREFIX?=/var/lib/ossec
PG_CONFIG?=pg_config
MY_CONFIG?=mysql_config
PRELUDE_CONFIG?=libprelude-config
@@ -545,7 +545,7 @@ help: failtarget
@echo "General options: "
@echo " make V=1 Display full compiler messages"
@echo " make DEBUG=1 Build with symbols and without optimization"
- @echo " make PREFIX=/path Install OSSEC to '/path'. Defaults to /var/ossec"
+ @echo " make PREFIX=/path Install OSSEC to '/path'. Defaults to /var/lib/ossec"
@echo " make MAXAGENTS=NUMBER Set the number of maximum agents to NUMBER. Defaults to 2048"
@echo " make REUSE_ID=yes Enables agent ID re-use"
@echo
Index: ossec-hids-3.6.0/src/agentlessd/README
===================================================================
--- ossec-hids-3.6.0.orig/src/agentlessd/README
+++ ossec-hids-3.6.0/src/agentlessd/README
@@ -3,7 +3,7 @@ Agentless Daemon.
It will use the connection type specified in the configuration to access
a remote box and do integrity checking or log analysis.
-The connection types are specified at /var/ossec/agentless .
+The connection types are specified at /var/lib/ossec/agentless .
Example of config:
Index: ossec-hids-3.6.0/src/analysisd/compiled_rules/register_rule.sh
===================================================================
--- ossec-hids-3.6.0.orig/src/analysisd/compiled_rules/register_rule.sh
+++ ossec-hids-3.6.0/src/analysisd/compiled_rules/register_rule.sh
@@ -32,19 +32,19 @@ if [ "x$1" = "xlist" ]; then
exit 0;
elif [ "x$1" = "xsave" ]; then
- ls -la /etc/ossec-init.conf > /dev/null 2>&1
+ ls -la /etc/sysconfig/ossec-hids > /dev/null 2>&1
if [ ! $? = 0 ]; then
echo "ERROR: Unable to save rules. You must have OSSEC installed to do so."
exit 1;
fi
- cat /etc/ossec-init.conf > /dev/null 2>&1
+ cat /etc/sysconfig/ossec-hids > /dev/null 2>&1
if [ ! $? = 0 ]; then
echo "ERROR: Unable to save rules. You must be root to do so."
exit 1;
fi
- . /etc/ossec-init.conf
+ . /etc/sysconfig/ossec-hids
ls ${DIRECTORY}/compiled_rules > /dev/null 2>&1
if [ ! $? = 0 ]; then
@@ -71,19 +71,19 @@ elif [ "x$1" = "xsave" ]; then
elif [ "x$1" = "xrestore" ]; then
- ls -la /etc/ossec-init.conf > /dev/null 2>&1
+ ls -la /etc/sysconfig/ossec-hids > /dev/null 2>&1
if [ ! $? = 0 ]; then
echo "ERROR: Unable to restore rules. You must have OSSEC installed to do so."
exit 1;
fi
- cat /etc/ossec-init.conf > /dev/null 2>&1
+ cat /etc/sysconfig/ossec-hids > /dev/null 2>&1
if [ ! $? = 0 ]; then
echo "ERROR: Unable to restore rules. You must be root to do so."
exit 1;
fi
- . /etc/ossec-init.conf
+ . /etc/sysconfig/ossec-hids
ls ${DIRECTORY}/compiled_rules/function_list > /dev/null 2>&1
if [ ! $? = 0 ]; then
Index: ossec-hids-3.6.0/src/headers/defs.h
===================================================================
--- ossec-hids-3.6.0.orig/src/headers/defs.h
+++ ossec-hids-3.6.0/src/headers/defs.h
@@ -156,7 +156,7 @@ http://www.ossec.net/main/license/\n"
/* Syscheck restart */
#ifndef WIN32
-#define SYSCHECK_RESTART "/var/run/.syscheck_run"
+#define SYSCHECK_RESTART "/run/.syscheck_run"
#define SYSCHECK_RESTART_PATH DEFAULTDIR SYSCHECK_RESTART
#else
#define SYSCHECK_RESTART "syscheck/.syscheck_run"
Index: ossec-hids-3.6.0/src/init/ossec-client.sh
===================================================================
--- ossec-hids-3.6.0.orig/src/init/ossec-client.sh
+++ ossec-hids-3.6.0/src/init/ossec-client.sh
@@ -14,7 +14,7 @@ NAME="OSSEC HIDS"
VERSION="v3.6.0"
DAEMONS="ossec-logcollector ossec-syscheckd ossec-agentd ossec-execd"
-[ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf
+[ -f /etc/sysconfig/ossec-hids ] && . /etc/sysconfig/ossec-hids
## Locking for the start/stop
LOCK="${DIR}/var/start-script-lock"
Index: ossec-hids-3.6.0/src/init/ossec-hids-suse.init
===================================================================
--- ossec-hids-3.6.0.orig/src/init/ossec-hids-suse.init
+++ ossec-hids-3.6.0/src/init/ossec-hids-suse.init
@@ -44,12 +44,12 @@ rc_reset
# Reading ossec init conf.
-if [ -f /etc/ossec-init.conf ]; then
- . /etc/ossec-init.conf
+if [ -f /etc/sysconfig/ossec-hids ]; then
+ . /etc/sysconfig/ossec-hids
fi
if [ "X${DIRECTORY}" = "X" ]; then
- DIRECTORY="/var/ossec"
+ DIRECTORY="/var/lib/ossec"
fi
Index: ossec-hids-3.6.0/src/init/ossec-server.sh
===================================================================
--- ossec-hids-3.6.0.orig/src/init/ossec-server.sh
+++ ossec-hids-3.6.0/src/init/ossec-server.sh
@@ -21,7 +21,7 @@ fi
NAME="OSSEC HIDS"
VERSION="v3.6.0"
-[ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf;
+[ -f /etc/sysconfig/ossec-hids ] && . /etc/sysconfig/ossec-hids;
DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
Index: ossec-hids-3.6.0/src/init/shared.sh
===================================================================
--- ossec-hids-3.6.0.orig/src/init/shared.sh
+++ ossec-hids-3.6.0/src/init/shared.sh
@@ -20,7 +20,7 @@ else
ME=`whoami 2>/dev/null`
fi
-OSSEC_INIT="/etc/ossec-init.conf"
+OSSEC_INIT="/etc/sysconfig/ossec-hids"
HOST=`hostname`
NAMESERVERS=`cat /etc/resolv.conf | grep "^nameserver" | cut -d " " -sf 2`
NAMESERVERS2=`cat /etc/resolv.conf | grep "^nameserver" | cut -sf 2`
Index: ossec-hids-3.6.0/src/systemd/agent/ossec-agentd.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/agent/ossec-agentd.service
+++ ossec-hids-3.6.0/src/systemd/agent/ossec-agentd.service
@@ -3,8 +3,8 @@ Description=OSSEC Agent
PartOf=ossec-agent.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-agentd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-agentd -f
+ExecStartPre=${DIRECTORY}/bin/ossec-agentd -t
+ExecStart=${DIRECTORY}/bin/ossec-agentd -f
Index: ossec-hids-3.6.0/src/systemd/agent/ossec-execd.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/agent/ossec-execd.service
+++ ossec-hids-3.6.0/src/systemd/agent/ossec-execd.service
@@ -3,8 +3,8 @@ Description=OSSEC Execd
PartOf=ossec-agent.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-execd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-execd -f
+ExecStartPre=${DIRECTORY}/bin/ossec-execd -t
+ExecStart=${DIRECTORY}/bin/ossec-execd -f
Index: ossec-hids-3.6.0/src/systemd/agent/ossec-logcollector.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/agent/ossec-logcollector.service
+++ ossec-hids-3.6.0/src/systemd/agent/ossec-logcollector.service
@@ -3,8 +3,8 @@ Description=OSSEC Logcollector
PartOf=ossec-agent.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-logcollector -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-logcollector -f
+ExecStartPre=${DIRECTORY}/bin/ossec-logcollector -t
+ExecStart=${DIRECTORY}/bin/ossec-logcollector -f
Index: ossec-hids-3.6.0/src/systemd/agent/ossec-syscheckd.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/agent/ossec-syscheckd.service
+++ ossec-hids-3.6.0/src/systemd/agent/ossec-syscheckd.service
@@ -3,8 +3,8 @@ Description=OSSEC syscheckd
PartOf=ossec-agent.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-syscheckd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-syscheckd -f
+ExecStartPre=${DIRECTORY}/bin/ossec-syscheckd -t
+ExecStart=${DIRECTORY}/bin/ossec-syscheckd -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-agentless.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-agentless.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-agentless.service
@@ -3,8 +3,8 @@ Description=OSSEC Agentless
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-agentlessd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-agentlessd -f
\ No newline at end of file
+ExecStartPre=${DIRECTORY}/bin/ossec-agentlessd -t
+ExecStart=${DIRECTORY}/bin/ossec-agentlessd -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-analysisd.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-analysisd.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-analysisd.service
@@ -3,8 +3,8 @@ Description=OSSEC Analysisd
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-analysisd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-analysisd -f
+ExecStartPre=${DIRECTORY}/bin/ossec-analysisd -t
+ExecStart=${DIRECTORY}/bin/ossec-analysisd -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-csyslog.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-csyslog.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-csyslog.service
@@ -3,8 +3,8 @@ Description=OSSEC Syslog client
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-csyslogd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-csyslogd -f
\ No newline at end of file
+ExecStartPre=${DIRECTORY}/bin/ossec-csyslogd -t
+ExecStart=${DIRECTORY}/bin/ossec-csyslogd -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-dbd.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-dbd.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-dbd.service
@@ -3,8 +3,8 @@ Description=The OSSEC DBD
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-dbd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-dbd -f
+ExecStartPre=${DIRECTORY}/bin/ossec-dbd -t
+ExecStart=${DIRECTORY}/bin/ossec-dbd -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-execd.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-execd.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-execd.service
@@ -3,8 +3,8 @@ Description=OSSEC Execd
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-execd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-execd -f
+ExecStartPre=${DIRECTORY}/bin/ossec-execd -t
+ExecStart=${DIRECTORY}/bin/ossec-execd -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-logcollector.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-logcollector.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-logcollector.service
@@ -3,8 +3,8 @@ Description=OSSEC Logcollector
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-logcollector -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-logcollector -f
+ExecStartPre=${DIRECTORY}/bin/ossec-logcollector -t
+ExecStart=${DIRECTORY}/bin/ossec-logcollector -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-maild.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-maild.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-maild.service
@@ -3,8 +3,8 @@ Description=OSSEC Maild
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-maild -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-maild -f
+ExecStartPre=${DIRECTORY}/bin/ossec-maild -t
+ExecStart=${DIRECTORY}/bin/ossec-maild -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-monitord.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-monitord.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-monitord.service
@@ -3,8 +3,8 @@ Description=OSSEC monitord
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-monitord -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-monitord -f
+ExecStartPre=${DIRECTORY}/bin/ossec-monitord -t
+ExecStart=${DIRECTORY}/bin/ossec-monitord -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-remoted.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-remoted.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-remoted.service
@@ -4,8 +4,8 @@ PartOf=ossec-server.target
[Service]
Type=forking
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-remoted -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-remoted -f
+ExecStartPre=${DIRECTORY}/bin/ossec-remoted -t
+ExecStart=${DIRECTORY}/bin/ossec-remoted -f
Index: ossec-hids-3.6.0/src/systemd/server/ossec-syscheckd.service
===================================================================
--- ossec-hids-3.6.0.orig/src/systemd/server/ossec-syscheckd.service
+++ ossec-hids-3.6.0/src/systemd/server/ossec-syscheckd.service
@@ -3,8 +3,8 @@ Description=OSSEC syscheckd
PartOf=ossec-server.target
[Service]
-EnvironmentFile=/etc/ossec-init.conf
-Environment=DIRECTORY=/var/ossec
+EnvironmentFile=/etc/sysconfig/ossec-hids
+Environment=DIRECTORY=/var/lib/ossec
-ExecStartPre=/usr/bin/env ${DIRECTORY}/bin/ossec-syscheckd -t
-ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-syscheckd -f
+ExecStartPre=${DIRECTORY}/bin/ossec-syscheckd -t
+ExecStart=${DIRECTORY}/bin/ossec-syscheckd -f
