Summary: | Aide fails to initialize databases making it useless on this platform | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | a-wall |
Component: | Current packages | Assignee: | Sparc Porters <sparc> |
Status: | VERIFIED WORKSFORME | ||
Severity: | major | ||
Priority: | Normal | ||
Version: | 1.4_rc1 | ||
Hardware: | Sparc | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
a-wall
2002-12-28 01:45:08 UTC
In testing aide-0.9, it seems that this is fixed. aide-0.9 is currently marked ~sparc in portage. Aaron, let me know if this works for you and if so, I will change the keyword to sparc. Marked aide-0.8 as -sparc as aide --init is broken and changed aide-0.9's keyword from ~sparc to sparc as it works here. Apparently, it's not fixed in all cases. A config that works on x86 does not work on sparc. Looking into it further. Works for me but i am not working with the default gentoo aide.conf i think perhaps that should be changed to the one that is on the aide site. config as follows --------------------------------------snip------------------------------ #AIDE conf # Here are all the things we can check - these are the default rules # #p: permissions #i: inode #n: number of links #u: user #g: group #s: size #b: block count #m: mtime #a: atime #c: ctime #S: check for growing size #md5: md5 checksum #sha1: sha1 checksum #rmd160: rmd160 checksum #tiger: tiger checksum #R: p+i+n+u+g+s+m+c+md5 #L: p+i+n+u+g #E: Empty group #>: Growing logfile p+u+g+i+n+S # You can alse create custom rules - my home made rule definition goes like this # MyRule = p+i+n+u+g+s+b+m+c+md5+sha1 # Next decide what directories/files you want in the database / MyRule #check only permissions, inode, user and group for etc # /bin MyRule # apply the custom rule to the files in bin # /sbin MyRule # apply the same custom rule to the files in sbin # /var MyRule # /home/MyRule !/var/log/.* # ignore the log dir it changes too often !/var/spool/.* # ignore spool dirs as they change too often !/var/log/wtmp$ # ignore the file /var/adm/utmp ---------------------snip--------------------------------------- Closing |