manage_agents unable to access /dev/random due to chroot #425
Comments
|
For those dealing with this issue a quick temporary fix was to execute: cd /var/ossec/ And you'll be able to add new agents to /var/ossec/etc/client.keys Cheers. |
|
This is due to the new way we grab random data from /dev/random. But it must be done before chroot-ing. I am on mobile but should be easy to fix when I get to a computer. The fix is easy move srandom_init() before chroot. |
|
I have opened a Pull request to fix this, but I cannot test as I am still mobile. |
fixes #425 moves srandom before chroot
|
this issue 'seems' to be causing system wide effects?? I have a new server which is now no longer able to git clone or wget after doing the mount -o bind /dev dev/ from /var/ossec as root. git clone has the same issue. |
|
This issue still affects latest release candidate, I had to do the mount work around to get mass creation of agents working... It was also confusing not knowing it ran in the chroot trying to specify the file it was looking for as it's chrooted into /var/ossec and not the current dir of the bin. So when I placed the text file containing my agent names and IPs and attempted to do ./agent_list.txt was a bit odd. |
|
How are people triggering this? I don't see this behavior on OpenBSD or Ubuntu. I just tried a bulk add as well without issue. |
|
Is this with the latest Release RC 2.9.0 that you're not getting it @ddpbsd or is it the latest source? |
|
The latest source. I haven't tried RC3 yet, but I'll try to give it a shot this weekend. |
|
The issue I encountered was on the latest RC on an Ubuntu system, I didn't compile from source off git and try that yet but this is also a production system I'm working to upgrade/migrate due to other unexpected/unexplained issues. |
|
Ok, I'll give that a shot. How were you running manage_agents? |
|
Ok, got it: |
Hi,
OS: 14.10 (Utopic Unicorn)
Kernel: Linux 3.16.0-23-generic
OSSEC Version: snapshot from github an hour ago.
I installed OSSEC for the first time and was excited to get going. Once installed I tried to add an agent via manage_agents bin and got:
2014/10/31 09:34:55 manage_agents: ERROR: randombytes failed for all possible methods for accessing random data
Strace output:
[ output omitted for readability ]
setgroups(1, [1001]) = 0
setresgid(-1, 1001, -1) = 0
setgid(1001) = 0
chdir("/var/ossec") = 0
chroot("/var/ossec") = 0
chdir("/") = 0
[ .. more omittions ..]
open("/dev/urandom", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/dev/random", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, "2014/10/31 09:38:16 ", 202014/10/31 09:38:16 ) = 20
write(2, "manage_agents: ERROR: randombyte"..., 91manage_agents: ERROR: randombytes failed for all possible methods for accessing random data) = 91
write(2, "\n", 1
) = 1
exit_group(1) = ?
+++ exited with 1 +++
From what I gather manage_agents chroots itself, but doesn't take into account that it actually needs entropy from /dev/urandom and /dev/random.
If you need the entire strace log by all means just let me know.
The text was updated successfully, but these errors were encountered: