Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 12828 - Aide fails to initialize databases making it useless on this platform
Summary: Aide fails to initialize databases making it useless on this platform
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: Sparc Linux
: Normal major (vote)
Assignee: Sparc Porters
Depends on:
Reported: 2002-12-28 01:45 UTC by a-wall
Modified: 2003-08-17 07:28 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description a-wall 2002-12-28 01:45:08 UTC
All versions of aide in the portage tree fail when trying to create a proper 
database when running "aide --init" to create a database "aide.db" to check the
systems with. 

Since aide is the only intrusion detector i am aware in the portage tree i feel
it is a high priority.

Comment 1 Jason Wever (RETIRED) gentoo-dev 2003-01-05 09:46:13 UTC
In testing aide-0.9, it seems that this is fixed.  aide-0.9 is currently marked
~sparc in portage. Aaron, let me know if this works for you and if so, I will
change the keyword to sparc.
Comment 2 Jason Wever (RETIRED) gentoo-dev 2003-01-15 14:00:07 UTC
Marked aide-0.8 as -sparc as aide --init is broken and changed aide-0.9's
keyword from ~sparc to sparc as it works here.
Comment 3 Jason Wever (RETIRED) gentoo-dev 2003-01-15 20:50:09 UTC
Apparently, it's not fixed in all cases.  A config that works on x86 does not
work on sparc.  Looking into it further.
Comment 4 a-wall 2003-01-28 15:44:35 UTC
Works for me but i am not working with the default gentoo aide.conf 
i think perhaps that should be changed to the one that is on the aide site.

config as follows
#AIDE conf

   # Here are all the things we can check - these are the default rules
   #p:      permissions
   #i:      inode
   #n:      number of links
   #u:      user
   #g:      group
   #s:      size
   #b:      block count
   #m:      mtime
   #a:      atime
   #c:      ctime
   #S:      check for growing size
   #md5:    md5 checksum
   #sha1:   sha1 checksum
   #rmd160: rmd160 checksum
   #tiger:  tiger checksum
   #R:      p+i+n+u+g+s+m+c+md5
   #L:      p+i+n+u+g
   #E:      Empty group
   #>:      Growing logfile p+u+g+i+n+S

   # You can alse create custom rules - my home made rule definition goes like this
   MyRule = p+i+n+u+g+s+b+m+c+md5+sha1

   # Next decide what directories/files you want in the database

   /    MyRule #check only permissions, inode, user and group for etc
 #  /bin MyRule      # apply the custom rule to the files in bin
 #  /sbin MyRule     # apply the same custom rule to the files in sbin
 #  /var MyRule
 #  /home/MyRule
   !/var/log/.*     # ignore the log dir it changes too often
   !/var/spool/.*   # ignore spool dirs as they change too often
   !/var/log/wtmp$  # ignore the file /var/adm/utmp
Comment 5 Jason Wever (RETIRED) gentoo-dev 2003-08-17 07:28:24 UTC