[Aide] Rules to exclude all files except one
Richard Dupuy
Richard.Dupuy at LA.GOV
Thu Nov 19 23:52:15 EET 2015
I've done something like this with some success:
!/opt/app/dir/[^o][^n][^e][^d][^i][^r][^/]
You might play around with find and grep/egrep to find the "just right" regular expression... I've played this game of "exclude all but..." with regular expressions before. It's very ugly, but there's *usually a way*, at least with extended regular expression syntax.
--Rich Dupuy
IT Technical Support Consultant
Office of Technology Services
225-219-6026
-----Original Message-----
From: Aide [mailto:aide-bounces at cs.tut.fi] On Behalf Of Shirkdog
Sent: Thursday, November 19, 2015 10:12 AM
To: Aide user mailinglist
Subject: Re: [Aide] Rules to exclude all files except one
That was the reason for my response, pretty sure your issue has come up before, and I have worked around it by automating that process outside of aide.
It is something it should be able to handle, a global white-list of some kind for the values you do not want to check.
---
Michael Shirk
On Thu, Nov 19, 2015 at 9:40 AM, Brian Mathis <brian.mathis+aide at betteradmin.com> wrote:
> No, that doesn't work because the ! rule still matches the onefile
> rule, so it is excluded. This can be seen when running with -V250:
>
> "/opt/app/dir" matches rule from line #131: ^/opt/app/dir
> /opt/app/dir match=0, tree=0x7fc395d8f780, attr=0
> "/opt/app/dir/onefile" matches rule from line #132:
> ^/opt/app/dir/onefile
> "/opt/app/dir/onefile" matches rule from line #131: ^/opt/app/dir
> /opt/app/dir/onefile match=0, tree=0x7fc395d8f780, attr=0
>
> ~ Brian Mathis
> @orev
>
>
> On Thu, Nov 19, 2015 at 12:07 PM, Jobst Schmalenbach
> <jobst at barrett.com.au>
> wrote:
>>
>> Wouldn't it be
>>
>> !/opt/app/dir
>> /opt/app/dir/onefile NORMAL
>>
>>
>> Jobst
>>
>> --
>> Sent from my Mobile.
>>
>>
>> On 19 November 2015 7:29:46 PM AEDT, Brian Mathis
>> <brian.mathis+aide at betteradmin.com> wrote:
>>>
>>> Thanks for the reply (glad this list isn't completely dead), but I
>>> think it's pretty clear that I said "all files/dirs in a
>>> subdirectory" and "without itemizing every file to exclude". This
>>> indicates that a specific include/exclude is explicitly not what I'm
>>> looking for, as the list of things to exclude is not known beforehand.
>>>
>>> ~ Brian Mathis
>>> @orev
>>>
>>>
>>> On Wed, Nov 18, 2015 at 10:47 PM, Shirkdog <shirkdog at gmail.com> wrote:
>>>>
>>>> What if you do the specific include/exclude?
>>>>
>>>> /opt/app/dir2/.* NORMAL
>>>> !/opt/app/dir1
>>>> !/opt/app/dir3
>>>>
>>>>
>>>> ---
>>>> Michael Shirk
>>>>
>>>>
>>>> On Wed, Nov 18, 2015 at 12:23 PM, Brian Mathis
>>>> <brian.mathis+aide at betteradmin.com> wrote:
>>>> > I'm trying to setup some rules that exclude all files/dirs in a
>>>> > subdirectory except for one, without itemizing every file to
>>>> > exclude.
>>>> >
>>>> > Example:
>>>> > /opt/app/dir1 --> exclude
>>>> > /opt/app/dir2 --> include
>>>> > /opt/app/dir3 --> exclude
>>>> >
>>>> > I'm trying something like this, but can't seem to get it working:
>>>> > /opt/app/dir2/.* NORMAL
>>>> > !/opt/app/
>>>> > / EVERYTHING
>>>> > The ! rule always seems to override the dir2 rule.
>>>> >
>>>> > Is there any way to accomplish this with aide?
>>>> >
>>>> > ~ Brian Mathis
>>>> > @orev
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > Aide mailing list
>>>> > Aide at cs.tut.fi
>>>> > https://mailman.cs.tut.fi/mailman/listinfo/aide
>>>> >
>>>> _______________________________________________
>>>> Aide mailing list
>>>> Aide at cs.tut.fi
>>>> https://mailman.cs.tut.fi/mailman/listinfo/aide
>>>
>>>
>>> ________________________________
>>>
>>> Aide mailing list
>>> Aide at cs.tut.fi
>>> https://mailman.cs.tut.fi/mailman/listinfo/aide
>
>
>
> _______________________________________________
> Aide mailing list
> Aide at cs.tut.fi
> https://mailman.cs.tut.fi/mailman/listinfo/aide
>
_______________________________________________
Aide mailing list
Aide at cs.tut.fi
https://mailman.cs.tut.fi/mailman/listinfo/aide
More information about the Aide
mailing list