[Aide] Howto match kernel names with regular expressions?
Sonixxfx
sonixxfx at gmail.com
Tue Jan 9 20:21:09 EET 2007
Yes! The rule you've provided did the job.
Thanks Eric.
Regards,
Ben
2007/1/9, Sonixxfx <sonixxfx at gmail.com>:
>
> Thanks Eric! I am going to try it out this evening. I´ll let you know how
> it goes in a few ours.
>
> Regards,
>
> Ben
>
>
> 2007/1/9, Eric Webster <ewebster at 2co.com>:
> >
> > The rule in that conf only matches numbers and a dot, your the
> > directory for your kernel would have a hyphen in it.
> >
> > /lib/modules/[0-9\.\-]*/modules\.dep$
> >
> > Should do the trick. I'm not sure if the hyphen needs escaped or not,
> > try it and remove the slash if not.
> >
> >
> > Eric Webster
> > Enterprise Services
> > 2CheckOut.com
> >
> >
> > ------------------------------
> > *From:* aide-bounces at cs.tut.fi [mailto: aide-bounces at cs.tut.fi] *On
> > Behalf Of *Sonixxfx
> > *Sent:* Tuesday, January 09, 2007 3:21 AM
> > *To:* Aide user mailinglist
> > *Subject:* [Aide] Howto match kernel names with regular expressions?
> >
> >
> > Hi,
> >
> > I would like to monitor the kernel directories located under
> > /lib/modules. I am trying to create a rule with regular expressions so that
> > it matches all kind of kernel names. At the moment I am using
> > kernel-2.4.27-2-386 on Debian. Unfortunatly the rule from
> > /etc/aide.conf.d/31_aide_modules does not match this kernel. I have also
> > tried to create a rule myself but without success.
> >
> > So can someone show me what I can use to match these directories? I also
> > want to monitor 2.6 kernels.
> >
> > Thanks for the help.
> >
> >
> > _______________________________________________
> > Aide mailing list
> > Aide at cs.tut.fi
> > https://mailman.cs.tut.fi/mailman/listinfo/aide
> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.cs.tut.fi/pipermail/aide/attachments/20070109/b03300d7/attachment.html
More information about the Aide
mailing list