[Aide] AIDE init error for acl and gzip support
    Nutan Vishwakarma 
    nutan.vishwakarma at gmail.com
       
    Sun Jan 19 20:14:10 EET 2020
    
    
  
Thanks, your response did help; hence, As closure of this thread, I've
decided to share how I got all this to work on CentOS7, but should (could)
also work on RHEL, Fedora and Oracle Linux.
Admin Notes:-
I did get acl attribute to work but still could NOT get xattr attribute to
be accepted in aide.conf; (work around towards success - removed xattr from
aide.conf).
I also checked config.log and I can see that support check for xattr
resulted as "yes".
Step1: Install all dependencies - (beign way over greedy here; but
depending on your system's current state, you might already have some of
these installed, in that case yum will anyway ignore that package from the
list. Just in case you still see errors, review config.log and resolve it)
sudo yum install -y bison flex pcre pcre-devel.x86_64 zlib
zlib-devel.x86_64 libgcrypt-devel.x86_64 libgcrypt.x86_64
mhash-devel.x86_64 libcryptui-devel.x86_64 gettext-0.19.8.1-2.el7.x86_64 glibc
glibc-devel glibc-static libacl libacl-devel libselinux libselinux-devel
Step2: ran configure script with these options -
./configure --with-zlib --with-posix-acl --with-xattr --without-mhash
--with-selinux --disable-static --with-gcrypt
Step3: make (if make throws fatal or ld errors, It'd be good to resolve and
rerun make, before "make install").
Step4: "sudo make install"
Validations:-
Step5: aide --version
Step6: "sudo aide --init" (assumption : you already have a valid aide.conf
present at the path listed for CONFIG in above command"
Step7: Rename aide.db.new file to aide.db
Step8: Make a change in a directory which is monitored under aide.conf
Step9: "sudo aide --check"
Review results - job done.
Thanks again Richard.
Regards,
Nutan
On Sun, 19 Jan 2020 at 01:34, Nutan Vishwakarma <nutan.vishwakarma at gmail.com>
wrote:
> Hi,
>
> Sorry, this took way too long to get back. Here is what I was trying to do
> and get an error with attribute "acl" when I use it against a directory.
>
> I am trying to test latest available version of aide, on CentOS 7 and not
> all dependencies are available via yum, so I installed a few manually in
> non standard paths.
>
>
> *sudo yum install -y bison flex pcre-devel.x86_64 zlib-devel.x86_64
> libgcrypt-devel.x86_64 libgcrypt.x86_64 mhash-devel.x86_64
> libcryptui-devel.x86_64 gettext-0.19.8.1-2.el7.x86_64./configure
> --with-zlib=/home/nutan/aide/zlib-1.2.11/ --disable-static*
>
>
> Configure script succeeded when ran with zlib (resolve libz requirement)
> and disabled static.
> aide is now running -
>
>
>
>
>
>
>
>
>
>
> *[nutan at aide aide-0.16.2]$ aide --versionAide 0.16.2Compiled with the
> following
> options:WITH_MMAPWITH_PCREWITH_LSTAT64WITH_READDIR64WITH_MHASHCONFIG_FILE =
> "/usr/local/etc/aide.conf"[nutan at aide aide-0.16.2]$ *
>
>
> NOW, the problem area -
>
> I created a aide.conf file and add following to it -
>
> *[nutan at aide rtest]$ sudo more /usr/local/etc/aide.conf*
>
> *database=file:/var/lib/aide/aide.db*
>
> *database_out=file:/var/lib/aide/aide.db.new*
>
> *database_new=file:/var/lib/aide/aide.db.new*
>
> *gzip_dbout=yes*
>
>
> *summarize_changes=no*
>
>
> *grouped=yes*
>
>
> *verbose = 10*
>
>
> *report_base16 = no*
>
>
> *Checksums = sha512+tiger*
>
>
> *# The checksums of the databases to be printed in the report*
>
> *# Set to 'E' to disable.*
>
> *database_attrs = Checksums*
>
>
> *# check test direcotry *
>
> */home/nutan/aide/rtest p+n+u+g+s+acl+selinux+xattrs+md5+sha256+sha512*
>
> *[nutan at aide rtest]$ *
>
>
> when "aide --init" is run, then I see error of expression.
>
> [nutan at aide rtest]$ aide --init
> Gzip-support not compiled in.
> 21:Error in expression:acl
> Configuration error
> [nutan at aide rtest]$
>
>
> If I remove "acl" from attributes list, then I see same error for xattrs.
> When I remove xattrs too, I get aide to initialize for the first time as
> expected.
>
> Is this because of build steps?? I'll atleast need acl to be part of the
> attributes list.
>
> Help Please...!!
>
>
> Thanks,
> Nutan
>
> On Tue, 12 Nov 2019 at 10:59, Nutan Vishwakarma <
> nutan.vishwakarma at gmail.com> wrote:
> >
> >
> >> Hi,
> >>
> >> I compiled aide-0.16.2 which these options -
> >>
> >> ./configure --with-zlib=/home/nutan/zlib-1.2.11/ --disable-static
> >>
> >>
> >> and it compiled well, but at the time of aide --init or --check, I get
> error for using gzip_dbout=yes and AUDIT = p+u+g+sha512+acl
> >> in my aide.conf file.
> >>
> >> When I check version, it does not show WITH_ZLIB -
> >>
> >> Aide 0.16.2
> >>
> >>
> >> Compiled with the following options:
> >>
> >>
> >> WITH_MMAP
> >>
> >> WITH_PCRE
> >>
> >> WITH_LSTAT64
> >>
> >> WITH_READDIR64
> >>
> >> WITH_MHASH
> >>
> >> CONFIG_FILE = "/usr/local/etc/aide.conf"
> >>
> >>
> >>
> >> Any idea what could be going wrong ? I also need to get "acl" working.
> >>
> >> thanks,
> >> Nutan
> >>
>
>
> --
> Er Nutan Vishwakarma
> Mob: 07893212071
> P
>  Please consider your environmental responsibility:
> Before printing this e-mail, ask yourself whether you need a hard copy.
> GO GREEN.....I am Doing my BIT.
>
-- 
* Er Nutan Vishwakarma Mob: 07893212071 P* Please consider your
environmental responsibility:
Before printing this e-mail, ask yourself whether you need a hard copy.
GO GREEN.....I am Doing my BIT.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.ipi.fi/pipermail/aide/attachments/20200119/2133ef94/attachment-0001.html>
    
    
More information about the Aide
mailing list