[Aide] Convergence?

GARY GENDEL ggendel at sarnoff.com
Wed Sep 14 14:46:57 EEST 2005 

The output of Aide goes where you told it in the configuration file.
database_out = <url>
database_new = <url>

As an example in the aide.conf file:
---------------
gzip_dbout = yes
database = file:///var/aide/aide.db.gz
database_out = file:///var/aide/aide.db.new.gz
database_new = file:///var/aide/aide.db/new.gz

I have scripts that perform the actions I want interactively.  For
example to update the database you can have a script like this:
-----------------------update----------------------------
#!/bin/sh

/var/aide/aide --u -c /var/aide/aide.conf

echo new db created.  You should do:
echo mv aide.db.new.gz aide.db.gz
---------------------------------------------------------
Notice the message echoed at the end.  It reminds me to replace the old
database with the new one.

you should use a rule that doesn't check the database itself and should
put it on a read-only or at least only mount it only when aide is running.

In the example script above, I would have a rule:

!/var/aide/.*gz

to ignore the databases.  Hope this helps.

Gary

gentuxx wrote:
> Well, I've been watching this list from the sidelines for a while, and
> it seems to be going through some bit of inactivity.  Be that as it
> may, I thought I would give this a shot.
> 
> I've been off and on with AIDE, and have only recently decided to give
> it another shot.  So, call me a newb if you want.
> 
> I seemed to have reached some sort of logic loop with the databases.
> I run "aide --init" to initialize the database (DB).  Then I run "aide
> -C" just as a double-check.  I get differences in the DB file itself,
> that seem to be somewhat expected.  So, I run "aide --update", which
> finds differences in aide.db and aide.db.new.
> 
> Does "aide --update" update aide.db or aide.db.new?  How do I get the
> "everything is happy" baseline?  (The only differences I can't seem to
> configure are the ones with the databases.)
> 
> Thanks.
> 
> --
> gentux
> echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
> 
> gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40  9795 2D81 924A
> 6996 0993

_______________________________________________
Aide mailing list
Aide at cs.tut.fi
https://mailman.cs.tut.fi/mailman/listinfo/aide

More information about the Aide mailing list