[Aide] Way to list contents of aide.db?

[Hannes von Haugwitz]

Hi,

On Fri, Jul 23, 2021 at 04:43:10PM -0300, Andreas Hasenack wrote:
> is there a way to list the files and directories that are in the aide
> database? I wanted to be sure that an explicit inclusion or removal I added
> to the config was indeed respected.

To test your rules you can use `--dry-init` and `--path-check`
(both options have been added in AIDE 0.17):

$ aide --config aide.conf --dry-init
[ ] d '/': no matching rule
[X] d '/dir': selective rule: '/dir (none) l+p+u+g+s+c+m+i+n+md5+acl+selinux+xattrs+ftype+e2fsattrs+caps' (aide.conf:3: '/dir R')
[X] f '/dir/file': selective rule: '/dir (none) l+p+u+g+s+c+m+i+n+md5+acl+selinux+xattrs+ftype+e2fsattrs+caps' (aide.conf:3: '/dir R')
[ ] d '/dir/sub': negative rule: '!/dir/sub$ d' (aide.conf:2: '!/dir/sub$ d')
[ ] f '/dir/sub/not': negative rule: '!/dir/sub/(?!file) (none)' (aide.conf:1: '!/dir/sub/(?!file)')
[X] f '/dir/sub/file': selective rule: '/dir (none) l+p+u+g+s+c+m+i+n+md5+acl+selinux+xattrs+ftype+e2fsattrs+caps' (aide.conf:3: '/dir R')

$ aide --config aide.conf --path-check f:/dir/sub/another-file
[ ] f '/dir/sub/another-file': negative rule: '!/dir/sub/(?!file) (none)' (aide.conf:1: '!/dir/sub/(?!file)')

Best regards

Hannes