[Aide] Convergence?

gentuxx gentuxx at gmail.com
Thu Sep 15 00:14:36 EEST 2005


GARY GENDEL wrote:

>The output of Aide goes where you told it in the configuration file.
>database_out = <url>
>database_new = <url>
>
>As an example in the aide.conf file:
>---------------
>gzip_dbout = yes
>database = file:///var/aide/aide.db.gz
>database_out = file:///var/aide/aide.db.new.gz
>database_new = file:///var/aide/aide.db/new.gz
>
>I have scripts that perform the actions I want interactively. For
>example to update the database you can have a script like this:
>-----------------------update----------------------------
>#!/bin/sh
>
>/var/aide/aide --u -c /var/aide/aide.conf
>
>echo new db created. You should do:
>echo mv aide.db.new.gz aide.db.gz
>---------------------------------------------------------
>Notice the message echoed at the end. It reminds me to replace the old
>database with the new one.
>
>You should use a rule that doesn't check the database itself and should
>put it on a read-only or at least mount it only when aide is running.
>
>In the example script above, I would have a rule:
>
>!/var/aide/.*gz
>
>to ignore the databases. Hope this helps.
>
>Gary
>
>gentuxx wrote:
>
>>Well, I've been watching this list from the sidelines for a while, and
>>it seems to be going through some bit of inactivity. Be that as it
>>may, I thought I would give this a shot.
>>
>>I've been off and on with AIDE, and have only recently decided to give
>>it another shot. So, call me a newb if you want.
>>
>>I seemed to have reached some sort of logic loop with the databases.
>>I run "aide --init" to initialize the database (DB). Then I run "aide
>>-C" just as a double-check. I get differences in the DB file itself,
>>that seem to be somewhat expected. So, I run "aide --update", which
>>finds differences in aide.db and aide.db.new.
>>
>>Does "aide --update" update aide.db or aide.db.new? How do I get the
>>"everything is happy" baseline? (The only differences I can't seem to
>>configure are the ones with the databases.)
>>
>>Thanks.
>>
>>--
>>gentux
>>echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
>>
>>gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40 9795 2D81 924A
>>6996 0993
>
>
So, essentially what you're saying is that I shouldn't let AIDE check
its own database.  I guess that makes sense.

I had planned to use a series of scripts to check and update, but I
hadn't gotten that far yet.  I was still in the configuration phase.

Thanks.

--
gentux
echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 34CE 2E97 40C7 EF6E EC40  9795 2D81 924A
6996 0993
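
Added example, not part of the original thread: a shell check that reports which database files named in an aide.conf are not covered by a "!" ignore rule, which is the cause of the never-converging differences discussed above. The function names and the sample configuration are constructed for illustration; it assumes file:///absolute/path database URLs and that AIDE anchors each rule regex at the start of the path.

```shell
#!/bin/sh
# Added example: report AIDE databases that aide.conf does not exclude.

# Print the path of every database, database_out and database_new setting.
# Assumes file:///absolute/path URLs, as in the configuration quoted above.
aide_db_paths() {
    sed -nE 's#^[[:space:]]*database(_out|_new)?[[:space:]]*=[[:space:]]*file://(/[^[:space:]]*).*$#\2#p' "$1"
}

# Print each database path that no "!regex" rule in the file covers.
# Assumes AIDE anchors a rule at the start of the path (implicit ^).
aide_unignored_dbs() {
    conf=$1
    rules=$(sed -nE 's/^[[:space:]]*!([^[:space:]]+).*$/\1/p' "$conf")
    aide_db_paths "$conf" | sort -u | while IFS= read -r db; do
        ignored=no
        while IFS= read -r rule; do
            [ -n "$rule" ] || continue
            if printf '%s\n' "$db" | grep -Eq "^$rule"; then
                ignored=yes
                break
            fi
        done <<EOF
$rules
EOF
        [ "$ignored" = yes ] || printf '%s\n' "$db"
    done
}

# Constructed sample: the thread's settings without the ignore rule.
demo_conf() {
    cat <<'EOF'
gzip_dbout = yes
database = file:///var/aide/aide.db.gz
database_out = file:///var/aide/aide.db.new.gz
/var R
EOF
}

tmp=$(mktemp)
demo_conf > "$tmp"
echo "not excluded from checks:"
aide_unignored_dbs "$tmp"          # both database files are listed
echo '!/var/aide/.*gz' >> "$tmp"   # the rule suggested in the thread
aide_unignored_dbs "$tmp"          # prints nothing: both are ignored
rm -f "$tmp"
```

Any path the function prints is a database file that AIDE would still compare against itself on the next check.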