[Aide] I (ignore changed filename) woes

Virolainen Pablo pablo at cs.tut.fi
Mon Nov 7 13:35:17 EET 2005


On Sun, 6 Nov 2005, Marc Haber wrote:

> On Fri, Nov 04, 2005 at 07:34:06PM +0100, Marc Haber wrote:
>> I have diffed pablo's source with yours, and because of diff size have
>> restrained myself to only diff the files that pablo touched in his
>> original patch. The patch he suggested to aide.h is not present any
>> more in his current source, and the resulting patch against aide
>> 0.11rc2 is attached.
>>
>> The resulting binary does not segfault in the situation on my
>> "productive test" system where the last patched version used to
>> segfault. I hope that's a good sign.
>
> Unfortunately, the segfault now happens again. A core thrown by a
> non-stripped binary is available by private mail on request.
>
> Downgrading to an unpatched 0.11rc2, and removing the "+ANF"-Clauses
> from the configuration stopped the segfaults from happening.
>
> So, either Pablos current version did _not_ solve the segfault issue,
> or I have broken other things by applying the patch I mailed here.

Thanks for the help (config-file,core and binary). The Bug was where I 
suspected. The new patch should fix that problem.

Duke NEMO / C.O.M.A
alias pablo the pallo virolainen
-------------- next part --------------
diff -Nru aide-cvs/include/aide.h aide-with-ANF/include/aide.h
--- aide-cvs/include/aide.h	Wed Aug 10 12:37:00 2005
+++ aide-with-ANF/include/aide.h	Mon Nov  7 13:29:26 2005
@@ -24,6 +24,19 @@
 #include "report.h"
 #include "db_config.h"
 #include <stdlib.h>
+#include <unistd.h>
+
+#ifndef TEMP_FAILURE_RETRY
+/* Evaluate EXPRESSION, and repeat as long as it returns -1 with errno'
+   set to EINTR.  */
+
+# define TEMP_FAILURE_RETRY(expression) \
+   (__extension__                                                              \
+     ({ long int __result;                                                     \
+        do __result = (long int) (expression);                                 \
+        while (__result == -1L && errno == EINTR);                             \
+        __result; }))
+#endif
 
 #ifdef HAVE_SNPRINTF
 #if !defined(HAVE_C99_SNPRINTF) || !defined(HAVE_C99_VSNPRINTF)
diff -Nru aide-cvs/include/db_config.h aide-with-ANF/include/db_config.h
--- aide-cvs/include/db_config.h	Thu Apr 28 13:53:05 2005
+++ aide-with-ANF/include/db_config.h	Mon Nov  7 13:29:26 2005
@@ -102,6 +102,7 @@
    db_rdev,                     /* "rdev"     */
    db_dev,                      /* "dev"      */
    db_checkmask,                /* "checkmask"*/
+   db_allownewfile,		/* "allownewfile */
    db_unknown } DB_FIELD; 	/* "unknown"  */
 
 /* db_unknown must be last because it is used to determine size of
@@ -142,7 +143,7 @@
 #define DB_CHECKMASK (1<<25)    /* "checkmask"*/
 #define DB_SIZEG     (1<<26)	/* "unknown"  */
 #define DB_CHECKINODE (1<<27) /* "checkinode"*/
-
+#define DB_NEWFILE    (1<<28) /* "allow new file" */
 
 #define DB_HASHES    (DB_MD5|DB_SHA1|DB_RMD160|DB_TIGER|DB_CRC32|DB_HAVAL| \
 		      DB_GOST|DB_CRC32B)
@@ -174,7 +175,8 @@
    "rdev",
    "dev",
    "checkmask",
-   "unknown" } ; 
+   "unknown",
+   "allownewfiles"} ; 
 
 const static int db_value[] = { 
    db_filename, 	/* "name",   */ 
@@ -203,6 +205,7 @@
    db_rdev,             /* "rdev"     */
    db_dev,              /* "dev"      */
    db_checkmask,	/* "checkmask" */
+   db_allownewfile,	/* "allownewfile" */
    db_unknown };	/* "unknown"  */
 
 /* db_namealias && db_aliasvalue are here to support earlier database 
diff -Nru aide-cvs/src/aide.c aide-with-ANF/src/aide.c
--- aide-cvs/src/aide.c	Tue Oct 25 15:29:05 2005
+++ aide-with-ANF/src/aide.c	Mon Nov  7 13:29:26 2005
@@ -329,7 +329,7 @@
 
   conf->start_time=time(&(conf->start_time));
 
-  
+  do_groupdef("ANF",DB_NEWFILE);
   do_groupdef("p",DB_PERM);
   do_groupdef("i",DB_INODE);
   do_groupdef("I",DB_CHECKINODE);
diff -Nru aide-cvs/src/gen_list.c aide-with-ANF/src/gen_list.c
--- aide-cvs/src/gen_list.c	Thu Nov  3 13:18:06 2005
+++ aide-with-ANF/src/gen_list.c	Mon Nov  7 13:30:53 2005
@@ -696,10 +696,10 @@
   if(!((retval&16)==16)){
     retval|=16;
     top=1;
-  } else{
+  } else {
     top=0;
   }
-    
+  
   /* if no deeper match found */
   if(!((retval&8)==8)&&!((retval&4)==4)){
     if(!check_list_for_match(node->equ_rx_lst,text,attr)){
@@ -1020,7 +1020,7 @@
   if(!node){
     node=new_seltree_node(tree,file->filename,0,NULL);
   }
-
+  
   if(file==NULL){
     error(0, "add_file_to_tree was called with NULL db_line\n");
   }
@@ -1087,36 +1087,42 @@
     /* Check if file was moved (same inode, different name in the other DB)*/
     db_line *oldData;
     db_line *newData;
-    seltree* moved_node=get_seltree_inode(tree,file,db==DB_OLD?DB_NEW:DB_OLD);
-    
-    if(moved_node == NULL || moved_node == node) {
-      /* There's mo match for inode or it matches the node with the same name.
-       * In first case we don't have a match to compare with.
-       * In the second - we already compared those files. */
-      return;
-    }
+    seltree* moved_node;
 
-    if(db == DB_NEW) {
-      newData = node->new_data;
-      oldData = moved_node->old_data;
-    } else {
-      newData = moved_node->new_data;
-      oldData = node->old_data;
-    }
+    moved_node=get_seltree_inode(tree,file,db==DB_OLD?DB_NEW:DB_OLD);
+    if(!(moved_node == NULL || moved_node == node)) {
+        /* There's mo match for inode or it matches the node with the same name.
+         * In first case we don't have a match to compare with.
+         * In the second - we already compared those files. */
+      if(db == DB_NEW) {
+        newData = node->new_data;
+        oldData = moved_node->old_data;
+      } else {
+        newData = moved_node->new_data;
+        oldData = node->old_data;
+      }
 
-    localignorelist=(oldData->attr^newData->attr);
-    if (localignorelist!=0) {
-      error(5,"File %s in databases has different attributes, %i,%i\n",
-	    oldData->filename,oldData->attr,newData->attr);
-    }
+      localignorelist=(oldData->attr^newData->attr);
+
+      if (localignorelist!=0) {
+        error(5,"File %s in databases has different attributes, %i,%i\n",
+  	    oldData->filename,oldData->attr,newData->attr);
+      }
     
-    localignorelist|=ignorelist|DB_CTIME;
+      localignorelist|=ignorelist|DB_CTIME;
 
-    /* Free the data if same else leave as is for report_tree */
-    if(compare_dbline(oldData, newData, localignorelist)==RETOK){
-      node->checked |= db==DB_NEW ? NODE_MOVED_IN : NODE_MOVED_OUT;
-      moved_node->checked |= db==DB_NEW ? NODE_MOVED_OUT : NODE_MOVED_IN;
+      /* Free the data if same else leave as is for report_tree */
+      if(compare_dbline(oldData, newData, localignorelist)==RETOK){
+        node->checked |= db==DB_NEW ? NODE_MOVED_IN : NODE_MOVED_OUT;
+        moved_node->checked |= db==DB_NEW ? NODE_MOVED_OUT : NODE_MOVED_IN;
+      }
     }
+  }
+  if( (db == DB_NEW) &&
+      (file->attr & DB_NEWFILE) && 
+      (node->new_data!=NULL) &&
+      (node->old_data==NULL)) {
+	 node->checked|=DB_NEW;
   }
 }
 


More information about the Aide mailing list