[Pkg-aide-maintainers] Bug#387806: open_dir(): Not a directory: /var/log/syslog

Bob Proulx bob at proulx.com
Sat Sep 16 19:17:56 UTC 2006 

Package: aide
Version: 0.11a-4
Severity: normal

Thank you very much for maintaining the aide package.

In a fresh aide installation of 0.11a-4 I see the following error:

  open_dir(): Not a directory: /var/log/syslog

Also when testing this in a fresh debootstrapped area I noticed that
when syslog is rotated the new files are not handled as expected.

  changed: /var/log/syslog
  added: /var/log/syslog.0

The issue comes from the configuration file:

  /etc/aide/aide.conf.d/31_aide_syslog

This file contains the following configuration:

  /var/log/syslog/(syslog|auth\.log)\.0$ LowLogs
  /var/log/syslog/(syslog|auth\.log)\.1\.gz$ RotatedLogs+ANF
  /var/log/syslog/(syslog|auth\.log)\.[0-9]+\.gz$ RotatedLogs
  /var/log/syslog/(syslog|auth\.log)$ Logs
  /var/log/syslog$ VarDir
  /var/run/(klogd|syslogd)\.pid$ VarFile

But on Debian /var/log/syslog is a file and not a directory and so
this configuration generates an error.  Should /var/log/messages be
handled here too?  I think it should be.  Changing this to the
following resolved the problem for me.

  /var/log/(messages|syslog|auth\.log)\.0$ LowLogs
  /var/log/(messages|syslog|auth\.log)\.1\.gz$ RotatedLogs+ANF
  /var/log/(messages|syslog|auth\.log)\.[0-9]+\.gz$ RotatedLogs
  /var/log/(messages|syslog|auth\.log)$ Logs
  /var/log$ VarDir
  /var/run/(klogd|syslogd)\.pid$ VarFile

Although I am not sure the /var/log$ should be included there.  I
think it would make more sense to have that handled elsewhere.

Thanks
Bob

-- 
Bob Proulx <bob at proulx.com>
http://www.proulx.com/~bob/

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-3-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Also tested on:

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2+1-nfs-p4-smp-64g
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

More information about the Pkg-aide-maintainers mailing list