# # AIDE 0.13.1 # # example configuration file # # IMPORTANT NOTE!! PLEASE READ # # This configuration file checks the integrity of the # AIDE package. # # This file is not intended to be used as the primary aide.conf file for # your system. This file is intended to be a showcase for different # features for aide.conf file. # # WRITE YOUR OWN CONFIGURATION FILE AND UNDERSTAND WHAT YOU ARE WRITING # # # Default values for the parameters are in comments before the # corresponding line. # @@define TOPDIR .. @@ifndef TOPDIR @@define TOPDIR / @@endif @@ifdef DEBUG @@define DEBUG ison @@undef NOT_DEBUG @@else @@define NOT_DEBUG true @@undef DEBUG @@endif @@ifhost korppi @@define KORPPI yes @@endif @@ifnhost ftp @@define BUMMER true @@endif # The location of the database to be read. #database=file:aide.db database=file:@@{TOPDIR}/doc/aide.db # The location of the database to be written. #database_out=sql:host:port:database:login_name:passwd:table #database_out=file:aide.db.new database_out=file:aide.db.new # Whether to gzip the output to database # gzip_dbout=no #verbose=5 verbose=20 #report_url=stdout #other possibilities #report_url=stderr #NOT IMPLEMENTED report_url=mailto:root@foo.com #report_url=file:/tmp/some_file.txt #report_url=syslog:LOG_AUTH report_url=stdout # @@{TOPDIR} is replaced with .. when # read by aide. #p: permissions #i: inode #n: number of links #l: link name #u: user #g: group #s: size #b: block count #m: mtime #a: atime #c: ctime #S: check for growing size #I: ignore changed filename #md5: md5 checksum #sha1: sha1 checksum #sha256: sha256 checksum #sha512: sha512 checksum #rmd160: rmd160 checksum #tiger: tiger checksum #haval: haval checksum #crc32: crc32 checksum #R: p+i+l+n+u+g+s+m+c+acl+selinux+xattrs+md5 #L: p+i+l+n+u+g+acl+selinux+xattrs #E: Empty group #>: Growing logfile p+l+u+g+i+n+S+acl+selinux+xattrs #The following are available if you have mhash support enabled: #gost: gost checksum #whirlpool: whirlpool checksum #The following are available when explicitly enabled using configure: #acl: access control list #selinux SELinux security context #xattr: extended file attributes # Rule definition All=R+a+sha1+rmd160+sha256+sha512+whirlpool # report_attributes is a special rule definition # the attributes listed in it are alway displayed for changed files # in the final report #report_attributes = u+g # ignore_list is a special rule definition # the attributes listed in it are not displayed in the # final report, it overrules report_attributes where they conflict #ignore_list = b # Attributes that can be used to verify that aide in intact # by people that have downloaded it from the web. # Let's be paranoid Norm=l+s+n+b+selinux+xattrs+md5+sha1+rmd160+sha256+sha512+whirlpool # The commented rules are just examples the rest are used by # make check #Selection regexp rule @@{TOPDIR}/.* Norm #Equals selection only the directory doc is checked and not it's children #=@@{TOPDIR}/doc L #Negative selection no rule is necessary but ignored if there !@@{TOPDIR}/.*~ !@@{TOPDIR}/src/.*\.o !@@{TOPDIR}/src/(aide|core)$ L !@@{TOPDIR}/.*RCS !@@{TOPDIR}/.*CVS !@@{TOPDIR}/.*aide\.db.* !@@{TOPDIR}/.*\.cvsignore.* # @@{TOPDIR}/doc/.* All