<div dir="ltr"><div class="gmail_default" style="font-size:small;color:#000000"><div dir="ltr" style="color:rgb(34,34,34)"><div class="gmail_default" style="color:rgb(0,0,0)">Thanks, your response did help; hence, As closure of this thread, I've decided to share how I got all this to work on CentOS7, but should (could) also work on RHEL, Fedora and Oracle Linux. </div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)">Admin Notes:- </div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)">I did get acl attribute to work but still could NOT get xattr attribute to be accepted in aide.conf; (work around towards success - removed xattr from aide.conf).</div><div class="gmail_default" style="color:rgb(0,0,0)">I also checked config.log and I can see that support check for xattr resulted as "yes". </div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)">Step1: Install all dependencies - (beign way over greedy here; but depending on your system's current state, you might already have some of these installed, in that case yum will anyway ignore that package from the list. Just in case you still see errors, review config.log and resolve it)</div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)"><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;font-family:"Courier New";color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures">sudo yum install -y bison flex pcre pcre-devel.x86_64 zlib zlib-devel.x86_64 libgcrypt-devel.x86_64 libgcrypt.x86_64 mhash-devel.x86_64 libcryptui-devel.x86_64 gettext-0.19.8.1-2.el7.x86_64 </span><span style="font-variant-ligatures:no-common-ligatures">glibc glibc-devel </span><span style="font-variant-ligatures:no-common-ligatures">glibc-static </span><span style="font-variant-ligatures:no-common-ligatures">libacl libacl-devel </span><span style="font-variant-ligatures:no-common-ligatures">libselinux libselinux-devel </span></p></div></div><div class="gmail_default"></div><div class="gmail_default">Step2: ran configure script with these options -</div><div class="gmail_default"><br></div><div class="gmail_default"><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;font-family:"Courier New";color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures">./configure --with-zlib --with-posix-acl --with-xattr --without-mhash --with-selinux --disable-static --with-gcrypt</span></p></div><div style="color:rgb(34,34,34)"><br></div><div style="color:rgb(34,34,34)"><div class="gmail_default" style="color:rgb(0,0,0)">Step3: make (if make throws fatal or ld errors, It'd be good to resolve and rerun make, before "make install").</div><div class="gmail_default" style="color:rgb(0,0,0)">Step4: "sudo make install"</div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)">Validations:-</div><div class="gmail_default" style="color:rgb(0,0,0)">Step5: aide --version</div><div class="gmail_default" style="color:rgb(0,0,0)">Step6: "sudo aide --init" (assumption : you already have a valid aide.conf present at the path listed for CONFIG in above command"</div><div class="gmail_default" style="color:rgb(0,0,0)">Step7: Rename aide.db.new file to aide.db </div><div class="gmail_default" style="color:rgb(0,0,0)">Step8: Make a change in a directory which is monitored under aide.conf</div><div class="gmail_default" style="color:rgb(0,0,0)">Step9: "sudo aide --check"</div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)">Review results - job done. </div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)">Thanks again Richard.</div><div class="gmail_default" style="color:rgb(0,0,0)"><br></div><div class="gmail_default" style="color:rgb(0,0,0)">Regards,</div><div class="gmail_default" style="color:rgb(0,0,0)">Nutan</div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, 19 Jan 2020 at 01:34, Nutan Vishwakarma <<a href="mailto:nutan.vishwakarma@gmail.com">nutan.vishwakarma@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi,<br><br>Sorry, this took way too long to get back. Here is what I was trying to do and get an error with attribute "acl" when I use it against a directory.<br><br>I am trying to test latest available version of aide, on CentOS 7 and not all dependencies are available via yum, so I installed a few manually in non standard paths.<br><br><i><font face="times new roman, serif">sudo yum install -y bison flex pcre-devel.x86_64 zlib-devel.x86_64 libgcrypt-devel.x86_64 libgcrypt.x86_64 mhash-devel.x86_64 libcryptui-devel.x86_64 gettext-0.19.8.1-2.el7.x86_64<br>./configure --with-zlib=/home/nutan/aide/zlib-1.2.11/ --disable-static</font></i><br><br><br>Configure script succeeded when ran with zlib (resolve libz requirement) and disabled static.<br>aide is now running -<br><br><i><font face="times new roman, serif">[nutan@aide aide-0.16.2]$ aide --version<br>Aide 0.16.2<br>Compiled with the following options:<br>WITH_MMAP<br>WITH_PCRE<br>WITH_LSTAT64<br>WITH_READDIR64<br>WITH_MHASH<br>CONFIG_FILE = "/usr/local/etc/aide.conf"<br>[nutan@aide aide-0.16.2]$ </font></i><br><br><br>NOW, the problem area -<br><br>I created a aide.conf file and add following to it -<br><br>





<blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>[nutan@aide rtest]$ sudo more /usr/local/etc/aide.conf</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>database=file:/var/lib/aide/aide.db</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>database_out=file:/var/lib/aide/aide.db.new</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>database_new=file:/var/lib/aide/aide.db.new</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>gzip_dbout=yes</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72);min-height:20px"><font face="times new roman, serif"><i><br></i></font></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>summarize_changes=no</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72);min-height:20px"><font face="times new roman, serif"><i><br></i></font></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>grouped=yes</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72);min-height:20px"><font face="times new roman, serif"><i><br></i></font></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>verbose = 10</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72);min-height:20px"><font face="times new roman, serif"><i><br></i></font></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>report_base16 = no</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72);min-height:20px"><font face="times new roman, serif"><i><br></i></font></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>Checksums = sha512+tiger</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72);min-height:20px"><font face="times new roman, serif"><i><br></i></font></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i># The checksums of the databases to be printed in the report</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i># Set to 'E' to disable.</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>database_attrs = Checksums</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72);min-height:20px"><font face="times new roman, serif"><i><br></i></font></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i># check test direcotry<span> </span></i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>/home/nutan/aide/rtest p+n+u+g+s+acl+selinux+xattrs+md5+sha256+sha512</i></font></span></p><p style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:18px;line-height:normal;color:rgb(46,255,18);background-color:rgba(0,0,0,0.72)"><span style="font-variant-ligatures:no-common-ligatures"><font face="times new roman, serif"><i>[nutan@aide rtest]$<span> </span></i></font></span></p></blockquote>


<br>when "aide --init" is run, then I see error of expression.<br><br><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">[nutan@aide rtest]$ aide --init<br>Gzip-support not compiled in.<br>21:Error in expression:acl<br>Configuration error<br>[nutan@aide rtest]$ </blockquote><div><br></div><div class="gmail_default" style="font-size:small;color:rgb(0,0,0)">If I remove "acl" from attributes list, then I see same error for xattrs. When I remove xattrs too, I get aide to initialize for the first time as expected.</div><div class="gmail_default" style="font-size:small;color:rgb(0,0,0)"><br></div><div class="gmail_default" style="font-size:small;color:rgb(0,0,0)">Is this because of build steps?? I'll atleast need acl to be part of the attributes list.</div><div class="gmail_default" style="font-size:small;color:rgb(0,0,0)"><br></div><div class="gmail_default" style="font-size:small;color:rgb(0,0,0)">Help Please...!!</div><br><br><div class="gmail_default" style="font-size:small;color:rgb(0,0,0)">Thanks,</div><div class="gmail_default" style="font-size:small;color:rgb(0,0,0)">Nutan</div><br>On Tue, 12 Nov 2019 at 10:59, Nutan Vishwakarma <<a href="mailto:nutan.vishwakarma@gmail.com" target="_blank">nutan.vishwakarma@gmail.com</a>> wrote:<br>><br>><br>>> Hi,<br>>><br>>> I compiled aide-0.16.2 which these options -<br>>><br>>> ./configure --with-zlib=/home/nutan/zlib-1.2.11/ --disable-static<br>>><br>>><br>>> and it compiled well, but at the time of aide --init or --check, I get error for using gzip_dbout=yes and AUDIT = p+u+g+sha512+acl<br>>> in my aide.conf file. <br>>><br>>> When I check version, it does not show WITH_ZLIB -<br>>><br>>> Aide 0.16.2<br>>><br>>><br>>> Compiled with the following options:<br>>><br>>><br>>> WITH_MMAP<br>>><br>>> WITH_PCRE<br>>><br>>> WITH_LSTAT64<br>>><br>>> WITH_READDIR64<br>>><br>>> WITH_MHASH<br>>><br>>> CONFIG_FILE = "/usr/local/etc/aide.conf"<br>>><br>>><br>>><br>>> Any idea what could be going wrong ? I also need to get "acl" working.<br>>><br>>> thanks,<br>>> Nutan<br>>><br><br><br>-- <br>Er Nutan Vishwakarma<br>Mob: 07893212071<br>P<br> Please consider your environmental responsibility:<br>Before printing this e-mail, ask yourself whether you need a hard copy.<br>GO GREEN.....I am Doing my BIT.<br></div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><span style="font-family:"Trebuchet MS";color:rgb(0,0,255);font-size:13px"><span style="font-family:Webdings;color:green;font-size:24pt"><b>
<div><span style="font-size:small"><font face="georgia, serif"><font color="#000066">Er Nutan Vishwakarma</font></font></span></div>
<div><span style="font-size:small"><font face="tahoma, sans-serif"><font color="#000066">Mob: 07893212071</font></font></span></div>
<div><span style="font-size:small"></span>P</div></b></span><span style="color:blue"><font size="1"> </font></span><span style="font-family:"Book Antiqua",serif;color:green"><font size="1">Please consider your environmental responsibility:<br>Before printing this e-mail, ask yourself whether you need a hard copy.</font></span></span><br><font face="georgia, serif"><font color="#006600">GO GREEN.....I am Doing my BIT.</font></font><br><br></div>