#AIDE conf

database=file:/var/lib/aide/aide.db
database_out=file:/var/lib/aide/aide.db.new
gzip_dbout=no
warn_dead_symlinks=yes

   # Here are all the things we can check - these are the default rules 
   #
   #p:      permissions
   #i:      inode
   #n:      number of links
   #u:      user
   #g:      group
   #s:      size
   #b:      block count
   #m:      mtime
   #a:      atime
   #c:      ctime
   #S:      check for growing size
   #md5:    md5 checksum
   #sha1:   sha1 checksum
   #rmd160: rmd160 checksum
   #tiger:  tiger checksum
   #R:      p+i+n+u+g+s+m+c+md5
   #L:      p+i+n+u+g
   #E:      Empty group
   #>:      Growing logfile p+u+g+i+n+S

   # You can alse create custom rules - my home made rule definition goes like this 
   #
#   /etc p+i+u+g     #check only permissions, inode, user and group for etc
#   /bin MyRule      # apply the custom rule to the files in bin 
#   /sbin MyRule     # apply the same custom rule to the files in sbin 
#   /usr/bin MyRule
#   /usr/sbin MyRule
#   /var MyRule		
#   !/var/log/.*     # ignore the log dir it changes too often
#   !/var/spool/.*   # ignore spool dirs as they change too often
   
MyRule = p+i+n+u+g+s+b+m+c+md5+sha1
All=R+a+sha1+rmd160+tiger
Standard=s+p+u+g+c+md5+sha1
Min=s+p+u+g+c+sha1
Minetc=s+p+u+g+sha1
Exists=p+u+g

/boot Standard  
/lib Standard	  
/etc Minetc
/bin Standard  
/sbin MyRule
/usr/sbin MyRule
!/usr/tmp	 
#!/usr/local/man/whatis
#!/usr/lib/perl5/man/whatis
!/usr/share/man/whatis
!/usr/X11R6/man/whatis
/usr Standard
/usr/local/etc Min
/var Min  
/var/lib Exists
/var/lib/rpm Standard
!/var/lib/aide/aide.db.new$
!/var/tmp  
!/var/lock  
!/var/lost+found  
!/var/log  
!/var/spool		  
!/var/run
!/var/account
!/var/cache
!/var/mail