From c873d5b107e8e93877ff2906a7c3b22e656c18f4 Mon Sep 17 00:00:00 2001 From: Grzegorz Sterniczuk Date: Wed, 27 Jun 2001 10:55:59 +0000 Subject: [PATCH] *** empty log message *** Changed files: aide.conf -> 1.1 --- aide.conf | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 aide.conf diff --git a/aide.conf b/aide.conf new file mode 100644 index 0000000..7733276 --- /dev/null +++ b/aide.conf @@ -0,0 +1,69 @@ +#AIDE conf + +database=file:/var/lib/aide/aide.db +database_out=file:/var/lib/aide/aide.db.new + + # Here are all the things we can check - these are the default rules + # + #p: permissions + #i: inode + #n: number of links + #u: user + #g: group + #s: size + #b: block count + #m: mtime + #a: atime + #c: ctime + #S: check for growing size + #md5: md5 checksum + #sha1: sha1 checksum + #rmd160: rmd160 checksum + #tiger: tiger checksum + #R: p+i+n+u+g+s+m+c+md5 + #L: p+i+n+u+g + #E: Empty group + #>: Growing logfile p+u+g+i+n+S + + # You can alse create custom rules - my home made rule definition goes like this + # +# /etc p+i+u+g #check only permissions, inode, user and group for etc +# /bin MyRule # apply the custom rule to the files in bin +# /sbin MyRule # apply the same custom rule to the files in sbin +# /usr/bin MyRule +# /usr/sbin MyRule +# /var MyRule +# !/var/log/.* # ignore the log dir it changes too often +# !/var/spool/.* # ignore spool dirs as they change too often + +MyRule = p+i+n+u+g+s+b+m+c+md5+sha1 +All=R+a+sha1+rmd160+tiger +Standard=s+p+u+g+c+md5+sha1 +Min=s+p+u+g+c+sha1 +Minetc=s+p+u+g+sha1 + +/boot Standard +/lib Standard +/etc Minetc +/bin Standard +/sbin MyRule +/usr/sbin MyRule +!/usr/tmp +!/usr/local/man/whatis +!/usr/lib/perl5/man/whatis +!/usr/share/man/whatis +!/usr/X11R6/man/whatis +/usr Standard +/usr/local/etc Min +/var Min +/var/lib/rpm Standard +!/var/tmp +!/var/lock +!/var/lost+found +!/var/log +!/var/spool +!/var/run +!/var/account +!/var/lib +!/var/cache +!/var/mail -- 2.44.0