[Pkg-aide-maintainers] Bug#387463: making aide vserver aware (audit
guests from the root server)
Christian Thaeter
chth at gmx.net
Thu Sep 14 14:15:41 UTC 2006
Package: aide
Version: 0.11a-4
Severity: wishlist
It would be nice if aide can track files in vservers or similar
chroot-like environments from within the root server.
Adding this functionality is quite trivial:
Example how I did this
first add /etc/aide/aide.conf.d/20_aide_vservers:
#!/bin/sh
echo "@@define VSERVERS $(echo -n '('; for i in $(ls /vservers);\
do echo -n "|vservers/$i/"; done; echo ')')"
which gives something like:
@@define VSERVERS (|vservers/foo/|vservers/bar/)
and then expand @@{VSERVERS} in each pathname regex. example:
# cat /etc/aide/aide.vserver.conf.d/31_aide_adjtime
/@@{VSERVERS}etc/adjtime$ VarFile
executable configuration snippets need some more work, but this simple
scheme works already well.
Christian
More information about the Pkg-aide-maintainers
mailing list