[Aide] aide.db ignore/include in initial run?
Marc Haber
mh+aide at zugschlus.de
Wed Apr 12 16:35:09 EEST 2023
On Wed, Apr 12, 2023 at 07:37:05AM -0500, Matt Zagrabelny wrote:
> I looked through the ChangeLog (between 0.17.3 and 0.18.1), but wasn't able
> to identify the option to "do a partly update".
>
> Could you point me in the right direction for the correct config directive?
I think it is a combination of --update and --limit.
> > Why are you wondering about this? Are you planning to roll out a big
> > number of Debian systems using aide?
> >
>
> Exactly. We're not talking about 1000's of servers, but 100's. I'm looking
> to minimize (default) interaction with AIDE and also looking to minimize
> emails - the email stating that /var/lib/aide/aide.db was added does not
> give any real additional insight to the admins. So, it would be nice to
> avoid that email altogether.
What would you think about shipping an aide.db according to your
installation result, making sure that the installation had the intended
effect. The changes done during personalization of the install (machine
ID, IP configuration, hostname etc) could be grandfathered in again with
--update --limit.
Disclaimer: I myself have not gotten around trying --update --limit,
that's why I am so interested to hear other people's experiences.
> Thanks for your time in answering my email and also for all of your
> contributions to Debian and free software.
You're welcome. I appreciate your kind words. Really.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Aide
mailing list