]>
Commit | Line | Data |
---|---|---|
c873d5b1 GS |
1 | #AIDE conf |
2 | ||
3 | database=file:/var/lib/aide/aide.db | |
4 | database_out=file:/var/lib/aide/aide.db.new | |
5 | ||
6 | # Here are all the things we can check - these are the default rules | |
7 | # | |
8 | #p: permissions | |
9 | #i: inode | |
10 | #n: number of links | |
11 | #u: user | |
12 | #g: group | |
13 | #s: size | |
14 | #b: block count | |
15 | #m: mtime | |
16 | #a: atime | |
17 | #c: ctime | |
18 | #S: check for growing size | |
19 | #md5: md5 checksum | |
20 | #sha1: sha1 checksum | |
21 | #rmd160: rmd160 checksum | |
22 | #tiger: tiger checksum | |
23 | #R: p+i+n+u+g+s+m+c+md5 | |
24 | #L: p+i+n+u+g | |
25 | #E: Empty group | |
26 | #>: Growing logfile p+u+g+i+n+S | |
27 | ||
28 | # You can alse create custom rules - my home made rule definition goes like this | |
29 | # | |
30 | # /etc p+i+u+g #check only permissions, inode, user and group for etc | |
31 | # /bin MyRule # apply the custom rule to the files in bin | |
32 | # /sbin MyRule # apply the same custom rule to the files in sbin | |
33 | # /usr/bin MyRule | |
34 | # /usr/sbin MyRule | |
35 | # /var MyRule | |
36 | # !/var/log/.* # ignore the log dir it changes too often | |
37 | # !/var/spool/.* # ignore spool dirs as they change too often | |
38 | ||
39 | MyRule = p+i+n+u+g+s+b+m+c+md5+sha1 | |
40 | All=R+a+sha1+rmd160+tiger | |
41 | Standard=s+p+u+g+c+md5+sha1 | |
42 | Min=s+p+u+g+c+sha1 | |
43 | Minetc=s+p+u+g+sha1 | |
44 | ||
45 | /boot Standard | |
46 | /lib Standard | |
47 | /etc Minetc | |
48 | /bin Standard | |
49 | /sbin MyRule | |
50 | /usr/sbin MyRule | |
51 | !/usr/tmp | |
52 | !/usr/local/man/whatis | |
53 | !/usr/lib/perl5/man/whatis | |
54 | !/usr/share/man/whatis | |
55 | !/usr/X11R6/man/whatis | |
56 | /usr Standard | |
57 | /usr/local/etc Min | |
58 | /var Min | |
59 | /var/lib/rpm Standard | |
60 | !/var/tmp | |
61 | !/var/lock | |
62 | !/var/lost+found | |
63 | !/var/log | |
64 | !/var/spool | |
65 | !/var/run | |
66 | !/var/account | |
67 | !/var/lib | |
68 | !/var/cache | |
69 | !/var/mail |