[Aide] LOG >
Richard van den Berg
richard at vdberg.org
Sun Dec 9 00:13:36 EET 2007
Blackburn, Marvin wrote:
> This line is in the aide.conf file. I"m not sure what it means.
The "LOG >" line defines the group "LOG" to contain ">" which in general
means "growing log file".
> I have taken out referenences to selinux in the file but I get the
> following message when it parses the directiories that have this rule.
>
> lgetfilecon_raw failed for /var/log/messages.3:No data available
That makes sense. In aide.c the ">" group is defined as:
p=0LLU;
#ifdef WITH_ACL
p|=DB_ACL;
#endif
#ifdef WITH_SELINUX
p|=DB_SELINUX;
#endif
#ifdef WITH_XATTR
p|=DB_XATTRS;
#endif
do_groupdef(">",DB_PERM|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_SIZEG|
DB_LINKNAME|p);
So DB_SELINUX is included in the ">" group. Don't use ">" or define LOG
as ">" without the selinux bit:
LOG >-selinux
Sincerely,
Richard van den Berg
More information about the Aide
mailing list