248656 – security/wazuh-agent: ossec-syscheckd fails to run due to missing directory: ERROR: Couldn't create SQLite database

Bug 248656 - security/wazuh-agent: ossec-syscheckd fails to run due to missing directory: ERROR: Couldn't create SQLite database

Summary: security/wazuh-agent: ossec-syscheckd fails to run due to missing directory: ...

Status:	Open

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	freebsd-ports-bugs (Nobody)

URL:
Keywords:	needs-patch, needs-qa

Depends on:
Blocks:

Reported:	2020-08-14 13:24 UTC by Felipe Zipitria
Modified:	2020-08-26 10:01 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (m.muenz) koobs: merge-quarterly?

Attachments
fix folder (1.24 KB, patch) 2020-08-26 10:01 UTC, Michael Muenz	m.muenz: maintainer-approval+	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Felipe Zipitria 2020-08-14 13:24:57 UTC

root@<myhost>:/var/ossec # tail logs/ossec.log 
2020/08/13 12:59:22 ossec-syscheckd: INFO: (6206): Ignore 'file' entry '/var/ossec/var'
2020/08/13 12:59:22 ossec-syscheckd: INFO: (6206): Ignore 'file' entry '/var/ossec/tmp'
2020/08/13 12:59:22 ossec-syscheckd: INFO: (6206): Ignore 'file' entry '/var/ossec/stats'
2020/08/13 12:59:22 ossec-syscheckd: INFO: (6207): Ignore 'file' sregex '.log$|.swp$'
2020/08/13 12:59:22 ossec-syscheckd: ERROR: Couldn't create SQLite database '/var/ossec/queue/fim/db/fim.db': unable to open database file
2020/08/13 12:59:22 ossec-syscheckd: CRITICAL: (6698): Creating Data Structure: sqlite3 db. Exiting.
2020/08/13 12:59:51 ossec-agentd: INFO: Agent is restarting due to shared configuration changes.
2020/08/13 12:59:52 ossec-agentd: INFO: (1225): SIGNAL [(15)-(Terminated)] Received. Exit Cleaning...
2020/08/13 12:59:52 ossec-execd: INFO: (1314): Shutdown received. Deleting responses.
2020/08/13 12:59:52 ossec-execd: INFO: (1225): SIGNAL [(15)-(Terminated)] Received. Exit Cleaning...

Creating the directory solves this problem:

mkdir -p /var/ossec/queue/fim/db
chown -R ossec:ossec /var/ossec/queue/fim

So I guess this could be done by the package itself. Will send a patch.

Comment 1 Michael Muenz 2020-08-22 13:46:05 UTC

Dear Felipe,

Thanks for your report, I was on vacation.
Do you plan to send a patch or shall I fix this in Makefile?

Best,
Michael

Comment 2 Michael Muenz 2020-08-26 10:01:41 UTC

Created attachment 217535 [details]
fix folder

Enclosed a patch for the reported error