Samhain | ||
---|---|---|
<<< Previous | FAQ — Frequently Asked Questions | Next >>> |
samhain fails to resolve the self-address of the host. This is most probably due to some mistake in the /etc/hosts file.
Correct
127.0.0.1 localhost xxx.xxx.xxx.xxx myhost.mydomain.tld myhost |
Wrong
127.0.0.1 myhost.mydomain.tld localhost xxx.xxx.xxx.xxx myhost.mydomain.tld myhost |
Wrong
127.0.0.1 localhost myhost xxx.xxx.xxx.xxx myhost.mydomain.tld myhost |
See above.
Because you can use all log facilities in parallel. You should switch off in the config file what you don't want/need:
[Log] # local log file LogSeverity=none |
This happens because some backup applications reset the atime/mtime timestamps, which causes the ctime timestamp to be modified (rootkits avoid this by temporarily resetting the system clock to the original ctime ...).
To fix this problem, read the manual of your backup application, or redefine the ReadOnly policy to not check the ctime timestamp:
[Misc] RedefReadOnly=-CTM |
![]() | NOTE |
---|---|
You must first redefine ReadOnly before you use it in the config file ! |
If you keep the file signature database on the server, the database is supposed to be updated on the server, using the beltane web-based console and the log messages from the client. However, currently only an alpha release of beltane exists, which is not recommended for production use.
Alternatively, you can update by scp the database to the client, run samhain -t update -l none (you need to avoid logging because otherwise you will get in conflict with the running samhain daemon), and then scp the database back to the server. Actually, with a properly set up ssh, using RSA/DSA authentication and ssh-agent you could write a script to automate this.
<<< Previous | Home | Next >>> |
FAQ — Frequently Asked Questions | Up | Server |