Bug 12828 - Aide fails to initialize databases making it useless on this platform
Bug#: 12828
Product: Gentoo Linux
Version: 1.4_rc1
Platform: Sparc
OS/Version: Linux
Status: CLOSED
Severity: major
Priority: P3
Resolution: WORKSFORME
Assigned To: sparc@gentoo.org
Reported By: a-wall@qwest.net
Component: Applications
Summary: Aide fails to initialize databases making it useless on this platform
Opened: 2002-12-28 01:45 0000

All versions of aide in the portage tree fail when trying to create a proper
database when running "aide --init" to create a database "aide.db" to check the
systems with.
Since aide is the only intrusion detector I am aware of in the portage tree, I feel
it is a high priority.
Thanks,
-aaron

In testing aide-0.9, it seems that this is fixed. aide-0.9 is currently marked
~sparc in portage. Aaron, let me know if this works for you and if so, I will
change the keyword to sparc.

Marked aide-0.8 as -sparc as aide --init is broken and changed aide-0.9's
keyword from ~sparc to sparc as it works here.

Apparently, it's not fixed in all cases. A config that works on x86 does not
work on sparc. Looking into it further.

Works for me, but I am not working with the default Gentoo aide.conf.
I think perhaps that should be changed to the one that is on the aide site.
Config as follows:
--------------------------------------snip------------------------------
#AIDE conf
# Here are all the things we can check - these are the default rules
#
#p: permissions
#i: inode
#n: number of links
#u: user
#g: group
#s: size
#b: block count
#m: mtime
#a: atime
#c: ctime
#S: check for growing size
#md5: md5 checksum
#sha1: sha1 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
#R: p+i+n+u+g+s+m+c+md5
#L: p+i+n+u+g
#E: Empty group
#>: Growing logfile p+u+g+i+n+S
# You can also create custom rules - my home made rule definition goes like this
#
MyRule = p+i+n+u+g+s+b+m+c+md5+sha1
# Next decide what directories/files you want in the database
/ MyRule # apply the custom rule to everything under /
# /bin MyRule # apply the custom rule to the files in bin
# /sbin MyRule # apply the same custom rule to the files in sbin
# /var MyRule
# /home MyRule
!/var/log/.* # ignore the log dir it changes too often
!/var/spool/.* # ignore spool dirs as they change too often
!/var/log/wtmp$ # ignore the file /var/log/wtmp
---------------------snip---------------------------------------
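
The selection lines of the config above, modelled in Python as an added example (not code from this bug report or from AIDE itself). It assumes that each pattern is a regular expression anchored at the start of the path and that "!" lines exclude whatever they match; the helper names are hypothetical and SAMPLE_CONF repeats only the active lines of the posted config.

```python
import re

# Default groups, copied from the comment header of the config above.
DEFAULT_GROUPS = {"R": "p+i+n+u+g+s+m+c+md5", "L": "p+i+n+u+g",
                  "E": "", ">": "p+u+g+i+n+S"}

# Active (uncommented) lines of the config above.
SAMPLE_CONF = """\
MyRule = p+i+n+u+g+s+b+m+c+md5+sha1
/ MyRule
!/var/log/.*
!/var/spool/.*
!/var/log/wtmp$
"""

def parse_conf(text):
    """Split config text into (groups, selections, exclusions)."""
    groups, selections, exclusions = dict(DEFAULT_GROUPS), [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        if line.startswith("!"):
            exclusions.append(re.compile(line[1:].split()[0]))
        elif line.startswith("/"):
            pattern, rule = line.split(None, 1)
            selections.append((re.compile(pattern), rule.strip()))
        elif "=" in line:
            name, expr = line.split("=", 1)
            groups[name.strip()] = expr.strip()
    return groups, selections, exclusions

def expand(rule, groups):
    """Expand a rule expression such as 'MyRule' or 'R+sha1' into attributes."""
    attrs = set()
    for term in filter(None, rule.split("+")):
        attrs |= expand(groups[term], groups) if term in groups else {term}
    return attrs

def attributes_for(path, conf):
    """Attributes recorded for path, or None if it is excluded or unmatched."""
    groups, selections, exclusions = conf
    # re.match anchors at the start of the path (assumed AIDE behaviour).
    if any(rx.match(path) for rx in exclusions):
        return None
    for rx, rule in selections:
        if rx.match(path):
            return expand(rule, groups)
    return None
```

In this model the directory /var/log itself is still recorded (only its contents are excluded), and the separate wtmp line changes nothing because "!/var/log/.*" already covers that file.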