Manualshelf

Host Intrusion Detection System Administrator's Guide Release 3.0

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
231232233234235236237238239240
Messages
Agent Messages
Appendix F
223
Agent Messages
NOTE These messages are produced by the agent processes. If you see a message that is not
described and you cannot resolve, contact HP support.
idsagent: another idsagent (PID:
pid
) process is running
Or a stale lockfile /var/opt/ids/idsagent.pid exists
Remove it and attempt to restart - exiting
Meaning: You attempted to start idsagent and it is already running. Or idsagent
halted abnormally, leaving the lock file in place.
Action: See if the agent is already running (ps -ef|grep idsagent). If it is, and you
need to restart it, see “Halting HP-UX HIDS Agents” on page 53 and “Starting
HP-UX HIDS Agents” on page 52. If it isn’t, delete the lock file and restart the agent.
idsagent: agent processes must NOT be run as root - exiting
Meaning: You are currently executing as superuser (root). For security reasons,
HP-UX HIDS programs will not run as superuser.
Action: Switch to user ids.
idsagent: a critical error occurred on the agent; halting schedule execution
Meaning: If idsagent encounters an unexpected error, it will halt the currently
active surveillance schedule.
Action: This error often occurs if the IDDS driver in the kernel is not configured
correctly. Run the IDS_checkInstall script. Contact HP support.
idsagent: access checking on configuration file
cfile
failed
Meaning: Security checks on the configuration file
cfile
have failed.
Action: idsagent will refuse to open the configuration file if it is not owned by
user:group ids:ids, is not readable by user ids, or if it is world-writable.
idsagent: alert log creation failed
Meaning: idsagent failed to create the /var/opt/ids/alert.log local alert logfile.
Action: Check that the directory exists, that it is owned by user:group ids:ids; that
it has permissions 700; and that the /var partition has free space available.
idsagent: cannot access its base directory:
dir
Meaning: idsagent failed to change its current working directory to
dir
Action: Ensure that
dir
exists; that it is owned by user:group ids:ids; and that it is
readable and executable by user ids.
idsagent: cannot open configuration file
cfile
Meaning: idsagent cannot open the configuration file
cfile
.