--- /usr/portage/app-forensics/aide/files/aide.cron 2005-09-30 17:19:38.000000000 +0200 +++ files/aide.cron 2008-03-31 22:04:50.000000000 +0200 @@ -29,6 +29,7 @@ LOGFILE="aide.log" CONFFILE="/etc/aide/aide.conf" ERRORLOG="aide_error.log" +MAILLOG="aide_mail.log" ERRORTMP=`tempfile --directory "/tmp" --prefix "$ERRORLOG"` [ -f /usr/bin/aide ] || exit 0 @@ -44,10 +45,13 @@ AIDEARGS="-V4" if [ ! -f $DATABASE ]; then - ( - echo "Fatal error: The AIDE database does not exist!" - echo "This may mean you haven't created it, or it may mean that someone has removed it." - ) | /bin/mail -s "Daily AIDE report for $FQDN" $MAILTO + /usr/sbin/sendmail $MAILTO < "$LOGDIR/$ERRORLOG" << EOF; + cat > "$LOGDIR/$ERRORLOG" << EOF ***************************************************************************** * aide returned a non-zero exit value * @@ -89,7 +95,7 @@ if [ -s "$LOGDIR/$ERRORLOG" ]; then errorlines=`wc -l "$LOGDIR/$ERRORLOG" | awk '{ print $1 }'` if [ ${errorlines:=0} -gt $LINES ]; then - cat << EOF; + cat << EOF **************************************************************************** * aide has returned many errors. * @@ -129,7 +135,7 @@ if [ -s "$NOISETMP" ]; then loglines=`< $NOISETMP wc -l | awk '{ print $1 }'` if [ ${loglines:=0} -gt $LINES ]; then - cat << EOF; + cat << EOF **************************************************************************** * aide has returned long output which has been truncated in this mail * @@ -155,7 +161,7 @@ if [ -s "$LOGDIR/$LOGFILE" ]; then loglines=`wc -l "$LOGDIR/$LOGFILE" | awk '{ print $1 }'` if [ ${loglines:=0} -gt $LINES ]; then - cat << EOF; + cat << EOF **************************************************************************** * aide has returned long output which has been truncated in this mail * @@ -172,4 +178,15 @@ else echo "AIDE detected no changes." fi -) | /bin/mail -s "Daily AIDE report for $FQDN" $MAILTO +) > ${MAILTMP} + +( +cat <