[Pkg-aide-maintainers] Bug#683957: aide: Squeeze rules update
Bill Wohler
wohler at newt.com
Sun Aug 5 18:27:38 UTC 2012
Package: aide
Version: 0.15.1-2+squeeze1
Severity: normal
Tags: patch
Hi Marc, sorry for the long, long delay. My configuration has finally
settled down under squeeze (just in time for the wheezy release :-( )
and somehow I arrived at your message in my +todo folder.
Here is a patch to my aide.conf.local.d overrides to the
0.15.1-2+squeeze1 version of aide.conf.d. Don't hesitate to ask any
questions if the changes aren't obvious to you.
I've included 30_local so that you have some context and an example for
other changes, particularly 31_aide_apache2. You'll want to ignore other
files such as 30_local_exclude_home as well. You'll probably want the
top half of 31_aide_boinc-client; the bottom half is only applicable if
the user is running SETI at home, but might be a good example nonetheless.
diff -u --exclude .svn --new-file -r aide.conf.d/30_local aide.conf.local.d/30_local
--- aide.conf.d/30_local 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/30_local 2012-08-04 18:35:27.814118388 -0700
@@ -0,0 +1,43 @@
+# Rules expect a non-fully-qualified name. See also FQDN.
+@@define HOSTNAME tassie
+
+# See 31_aide_apache2.
+@@define WEB_SITES_WEEKLY_ROTATION (billwohler|loriheyman|newt)\.com
+
+# See 31_aide_webalizer.
+@@define LOC_WEBSITES @@{WEB_SITES_WEEKLY_ROTATION}
+
+# Local preferences.
+/root$ VarDir
+/root/.emacs.desktop$ VarFile
+
+/tmp$ VarDir-n
+!/tmp/
+
+/var/mail$ VarDir
+!/var/mail/
+
+/var/local/spool/process$ VarFile
+
+/var/local/lib/bogofilter$ VarDir
+/var/local/lib/bogofilter/DB_CONFIG$ VarFile
+/var/local/lib/bogofilter/wordlist.db$ VarFile
+
+/var/local/lib/diane/offset VarFile
+/var/local/lib/diane$ InodeData
+
+!/var/www/newt.com$
+
+# Local preferences for 31_aide_mailman.
+/var/lib/mailman/archives$ VarDir
+!/var/lib/mailman/archives/
+/var/lib/mailman/data$ VarDir
+!/var/lib/mailman/data/
+/var/lib/mailman/lists$ VarDir
+!/var/lib/mailman/lists/
+/var/lib/mailman/qfiles$ VarDir
+!/var/lib/mailman/qfiles/
+/var/lock/mailman$ VarDir
+!/var/lock/mailman/
+
+/var/run/screen/S-wohler/[0-9]+\.pts-[0-9]+\.tassie$ VarFile
diff -u --exclude .svn --new-file -r aide.conf.d/30_local_exclude_home aide.conf.local.d/30_local_exclude_home
--- aide.conf.d/30_local_exclude_home 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/30_local_exclude_home 2012-08-04 18:35:27.822118335 -0700
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+# Exclude home directories of system accounts with uid >= 1000.
+getent passwd | awk -F":" '{ if ($3 >= 1000) {print "!" $6}}'
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_acpid aide.conf.local.d/31_aide_acpid
--- aide.conf.d/31_aide_acpid 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_acpid 2012-08-04 18:35:27.818118296 -0700
@@ -1,6 +1,6 @@
/var/log/acpid$ Log
-/var/log/acpid\.1$ LowLog
+/var/log/acpid\.1\.gz$ LowLog
/var/log/acpid\.2\.gz$ LoSerMemberLog
/var/log/acpid\.3\.gz$ SerMemberLog
/var/log/acpid\.4\.gz$ HiSerMemberLog
-/var/run/acpid\.(socket|pid)$ VarFile
+/var/run/acpid\.socket$ VarFile
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_apache2 aide.conf.local.d/31_aide_apache2
--- aide.conf.d/31_aide_apache2 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_apache2 2012-08-04 18:35:27.814118388 -0700
@@ -3,12 +3,18 @@
@@else
@@define APACHE2_LOGS (access|error)
@@endif
-/var/log/apache2/@@{APACHE2_LOGS}\.log$ Log
-/var/log/apache2/@@{APACHE2_LOGS}\.log\.1$ LowLog
+/var/log/apache2/@@{APACHE2_LOGS}\.log(\.1)?$ LowLog
/var/log/apache2/@@{APACHE2_LOGS}\.log\.2\.gz$ LoSerMemberLog
-/var/log/apache2/@@{APACHE2_LOGS}\.log\.([3-9]|[1-4][0-9]|5[0-1])\.gz$ SerMemberLog
+/var/log/apache2/@@{APACHE2_LOGS}\.log\.(([0-4])?[0-9]|5[01])\.gz$ SerMemberLog
/var/log/apache2/@@{APACHE2_LOGS}\.log\.52\.gz$ HiSerMemberLog
-
/var/run/apache2\.pid$ VarFile
/var/run/apache2/ssl_scache$ VarFile
/var/(log|run)/apache2$ VarDir
+
+@@ifdef LOC_WEBSITES
+/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log(\.1)?$ LowLog
+/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log\.2\.gz$ LoSerMemberLog
+/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log\.(([0-4])?[0-9]|5[01])\.gz$ SerMemberLog
+/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log\.52\.gz$ HiSerMemberLog
+/var/log/apache2/@@{LOC_WEBSITES}$ VarDir
+@@endif
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_aptitude aide.conf.local.d/31_aide_aptitude
--- aide.conf.d/31_aide_aptitude 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_aptitude 2012-08-04 18:35:27.818118296 -0700
@@ -1,13 +1,11 @@
-/var/log/aptitude$ Log
-/var/log/aptitude\.1\.gz$ LoSerMemberLog
-/var/log/aptitude\.[2-5]\.gz$ SerMemberLog
-/var/log/aptitude\.6\.gz$ HiSerMemberLog
/var/backups/aptitude\.pkgstates\.0$ LowLog
/var/backups/aptitude\.pkgstates\.1\.gz$ LoSerMemberLog
/var/backups/aptitude\.pkgstates\.[2345]\.gz$ SerMemberLog
/var/backups/aptitude\.pkgstates\.6\.gz$ HiSerMemberLog
-/var/lib/aptitude/pkgstates(\.old)?$ VarFile
-/var/lib/aptitude$ VarDir
-!/var/lock/aptitude$
+/var/lock/aptitude$ VarDir
+/var/log/aptitude(\.1\.gz)?$ LowLog
+/var/log/aptitude\.2\.gz$ LoSerMemberLog
+/var/log/aptitude\.[3-5]\.gz$ SerMemberLog
+/var/log/aptitude\.6\.gz$ HiSerMemberLog
/root/\.(aptitude|debtags)$ VarDir
/root/\.aptitude/config$ VarFile
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_boinc-client aide.conf.local.d/31_aide_boinc-client
--- aide.conf.d/31_aide_boinc-client 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/31_aide_boinc-client 2012-08-04 18:35:27.814118388 -0700
@@ -0,0 +1,23 @@
+/var/lib/boinc-client$ VarDir
+/var/lib/boinc-client/client_state.xml$ VarFile
+/var/lib/boinc-client/client_state_prev.xml$ VarFile
+/var/lib/boinc-client/daily_xfer_history.xml$ VarFile
+/var/lib/boinc-client/do_fp$ VarFile
+/var/lib/boinc-client/get_current_version.xml$ VarFile
+/var/lib/boinc-client/global_prefs.xml$ VarFile
+/var/lib/boinc-client/lookup_website.html$ VarFile
+/var/lib/boinc-client/stderrdae.txt$ VarFile
+/var/lib/boinc-client/stdoutdae.txt$ VarFile
+/var/lib/boinc-client/time_stats_log$ VarFile
+
+# Add rules for your projects.
+/var/lib/boinc-client/job_log_setiathome.berkeley.edu.txt$ VarFile
+/var/lib/boinc-client/master_setiathome.berkeley.edu.xml$ VarFile
+/var/lib/boinc-client/projects/setiathome.berkeley.edu$ VarDir
+/var/lib/boinc-client/projects/setiathome.berkeley.edu/.*$ VarFile+ANF+ARF
+/var/lib/boinc-client/sched_reply_setiathome.berkeley.edu.xml$ VarFile
+/var/lib/boinc-client/sched_request_setiathome.berkeley.edu.xml$ VarFile
+/var/lib/boinc-client/slots/[[:digit:]]+$ VarDir
+/var/lib/boinc-client/slots/[[:digit:]]+/.*$ VarFile+ANF+ARF
+/var/lib/boinc-client/statistics_setiathome.berkeley.edu.xml$ VarFile
+
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_crack aide.conf.local.d/31_aide_crack
--- aide.conf.d/31_aide_crack 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/31_aide_crack 2012-08-04 18:35:27.818118296 -0700
@@ -0,0 +1,3 @@
+/var/cache/cracklib/cracklib_dict.pwi$ Full-m-c
+/var/cache/cracklib/cracklib_dict.hwm$ Full-m-c
+/var/cache/cracklib/cracklib_dict.pwd$ Full-m-c
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_dlocate aide.conf.local.d/31_aide_dlocate
--- aide.conf.d/31_aide_dlocate 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_dlocate 2012-08-04 18:35:27.818118296 -0700
@@ -1,2 +1,2 @@
-/var/lib/dlocate/(dpkg-list|dlocatedb(|\.stamps|\.old))$ VarFile
+/var/lib/dlocate/(dpkg-list|dlocate(db)?(\.old|\.stamps)?)$ VarFile
/var/lib/dlocate$ VarDir
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_dpkg aide.conf.local.d/31_aide_dpkg
--- aide.conf.d/31_aide_dpkg 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_dpkg 2012-08-04 18:35:27.818118296 -0700
@@ -2,9 +2,10 @@
/var/lib/dpkg/status\.yesterday(\.[0-9]*)?(\.gz)?$ VarFile
/var/lib/dpkg/(info|updates|lock)$ VarDir
/var/lib/dpkg$ VarDir
-/var/log/dpkg\.log$ Log
-/var/log/dpkg\.log-[0-9]{8}\.gz$ LowDELog
-/var/log/dpkg\.log-[0-9]{8}$ SerMemberDELog
+/var/log/dpkg\.log(\.1)?$ LowLog
+/var/log/dpkg\.log\.2\.gz$ LoSerMemberLog
+/var/log/dpkg\.log\.([3-9]|10|11)\.gz$ SerMemberLog
+/var/log/dpkg\.log\.12\.gz$ HiSerMemberLog
/var/backups/dpkg\.status\.0$ LowLog
/var/backups/dpkg\.status\.1\.gz$ LoSerMemberLog
/var/backups/dpkg\.status\.[2345]\.gz$ SerMemberLog
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_john aide.conf.local.d/31_aide_john
--- aide.conf.d/31_aide_john 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/31_aide_john 2012-08-04 18:35:27.814118388 -0700
@@ -0,0 +1,12 @@
+!/var/lock/john$
+/var/lib/john/john.pot$ VarFile
+/var/lib/john/restore$ VarFile
+/var/run/john$ VarDir
+/var/run/john/john.pid$ VarFile+ANF+ARF
+/var/run/john/cronpasswd.*$ VarFile+ANF+ARF
+
+# Temporary. See bug #495398.
+/root/.john/john.log$ VarFile
+/root/.john/john.rec$ VarFile
+/root/.john/john.pot$ VarFile
+
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_logcheck aide.conf.local.d/31_aide_logcheck
--- aide.conf.d/31_aide_logcheck 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_logcheck 2012-08-04 18:35:27.818118296 -0700
@@ -1,2 +1,4 @@
-/var/lib/logcheck/offset\.var\.log\.(syslog|auth\.log)$ VarFile
-/var/(lib|lock)/logcheck$ VarDir
+/var/lock/logcheck$ VarDir
+!/var/lock/logcheck/
+/var/lib/logcheck/offset VarFile
+/var/lib/logcheck$ VarDir
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_mailman aide.conf.local.d/31_aide_mailman
--- aide.conf.d/31_aide_mailman 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_mailman 2012-08-04 18:35:27.818118296 -0700
@@ -1,8 +1,7 @@
-# maintained on q
!/var/lib/mailman/data/(bounce-events|heldmsg-[-[:alnum:]]+)-[[:digit:]]+\.pck$
/var/lib/mailman/data$ VarDir
!/var/lib/mailman/archives/private/[-[:alnum:]]+/database/@@{YEAR4D}-[[:alnum:]]+-(author|subject|thread|article|date)$
-!/var/lib/mailman/archives/private/[-[:alnum:]]+/@@{YEAR4D}-[[:alnum:]]+/(author|subject|thread|date|index|[[:digit:]]{5,6})\.html$
+!/var/lib/mailman/archives/private/[-[:alnum:]]+/@@{YEAR4D}-[[:alnum:]]+/(author|subject|thread|date|index|[[:digit:]]{5})\.html$
!/var/lib/mailman/archives/private/[-[:alnum:]]+/@@{YEAR4D}-[[:alnum:]]\.txt(\.gz)?$
!/var/lib/mailman/archives/private/[-[:alnum:]]+/attachments/[[:digit:]]{8}/[[:digit:]]{8}/[[:alnum:]\.]+$
@@ -15,23 +14,22 @@
/var/lock/mailman/master-qrunner(\.[[:alnum:]]+\.[[:digit:]]+)?$ VarFile
/var/lock/mailman$ VarDir
+/var/log/mailman$ VarDir
+
@@define LOGFILES4 (vette|error|bounce|digest)
-/var/log/mailman/@@{LOGFILES4}$ Log
-/var/log/mailman/@@{LOGFILES4}\.1$ LowLog
+/var/log/mailman/@@{LOGFILES4}(\.1)?$ LowLog
/var/log/mailman/@@{LOGFILES4}\.2\.gz$ LoSerMemberLog
/var/log/mailman/@@{LOGFILES4}\.3\.gz$ SerMemberLog
/var/log/mailman/@@{LOGFILES4}\.4\.gz$ HiSerMemberLog
@@define LOGFILES12 (subscribe|post)
-/var/log/mailman/@@{LOGFILES12}$ Log
-/var/log/mailman/@@{LOGFILES12}\.1$ LowLog
+/var/log/mailman/@@{LOGFILES12}(\.1)?$ LowLog
/var/log/mailman/@@{LOGFILES12}\.2\.gz$ LoSerMemberLog
/var/log/mailman/@@{LOGFILES12}\.([3-9]|1[0-1])\.gz$ SerMemberLog
/var/log/mailman/@@{LOGFILES12}\.12\.gz$ HiSerMemberLog
@@define LOGFILES7 (qrunner|fromusenet|locks|smtp(-failure)?)
-/var/log/mailman/@@{LOGFILES7}$ Log
-/var/log/mailman/@@{LOGFILES7}\.1$ LowLog
+/var/log/mailman/@@{LOGFILES7}(\.1)?$ LowLog
/var/log/mailman/@@{LOGFILES7}\.2\.gz$ LoSerMemberLog
/var/log/mailman/@@{LOGFILES7}\.[3-6]\.gz$ SerMemberLog
/var/log/mailman/@@{LOGFILES7}\.7\.gz$ HiSerMemberLog
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_man aide.conf.local.d/31_aide_man
--- aide.conf.d/31_aide_man 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_man 2012-08-04 18:35:27.814118388 -0700
@@ -1,6 +1,5 @@
-/var/cache/man/(cat[123456789]|local|opt|fsstnd|oldlocal|X11R6)$ VarDir
-
@@define LANGS (ca|cs|de(\.UTF-8)?|en|es(\.UTF-8)?|fi|fr(\.(ISO8859-1|UTF-8))?|gl|hu|id|it(\.(ISO8859-1|UTF-8))?|ja(\.UTF-8)?|ko|nl|pl(\.(UTF-8|ISO8859-2))?|pt(_BR)?|ru|sv|tr|vi|zh(_(CH|CN|TW))?)
-/var/cache/man(/@@{LANGS})?/index\.db$ VarFile
/var/cache/man(/@@{LANGS})?$ VarDir
+/var/cache/man(/@@{LANGS})?/index\.db$ VarFile
+/var/cache/man(/@@{LANGS})?/(cat[123456789]|local|opt|fsstnd|oldlocal|X11R6)$ VarDir
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_pop-before-smtp aide.conf.local.d/31_aide_pop-before-smtp
--- aide.conf.d/31_aide_pop-before-smtp 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/31_aide_pop-before-smtp 2012-08-04 18:35:27.818118296 -0700
@@ -0,0 +1 @@
+/var/lib/pop-before-smtp/hosts.db$ VarFile
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_postfix aide.conf.local.d/31_aide_postfix
--- aide.conf.d/31_aide_postfix 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/31_aide_postfix 2012-08-04 18:35:27.814118388 -0700
@@ -0,0 +1,4 @@
+/var/lib/postfix/prng_exch VarFile
+/var/lib/postfix/smtpd_scache.db VarFile
+/var/spool/postfix$ VarDir
+!/var/spool/postfix/
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_rsyslog aide.conf.local.d/31_aide_rsyslog
--- aide.conf.d/31_aide_rsyslog 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_rsyslog 2012-08-04 20:28:06.974118983 -0700
@@ -1,12 +1,10 @@
@@define LOGFILES7R (syslog)
-/var/log/@@{LOGFILES7R}$ Log
-/var/log/@@{LOGFILES7R}\.1$ LowLog
+/var/log/@@{LOGFILES7R}(\.1)?$ LowLog
/var/log/@@{LOGFILES7R}\.2\.gz$ LoSerMemberLog
/var/log/@@{LOGFILES7R}\.[3-6]\.gz$ SerMemberLog
/var/log/@@{LOGFILES7R}\.7\.gz$ HiSerMemberLog
@@define LOGFILES4R (messages|debug|(cron|lpr|auth|daemon|kern|user)\.log|mail\.(log|err|warn|info))
-/var/log/@@{LOGFILES4R}$ Log
-/var/log/@@{LOGFILES4R}\.1$ LowLog
+/var/log/@@{LOGFILES4R}(\.1)?$ LowLog
/var/log/@@{LOGFILES4R}\.2\.gz$ LoSerMemberLog
/var/log/@@{LOGFILES4R}\.3\.gz$ SerMemberLog
/var/log/@@{LOGFILES4R}\.4\.gz$ HiSerMemberLog
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_shorewall aide.conf.local.d/31_aide_shorewall
--- aide.conf.d/31_aide_shorewall 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/31_aide_shorewall 2012-08-04 18:35:27.814118388 -0700
@@ -0,0 +1,5 @@
+/var/log/shorewall-init.log(\.0)?$ LowLog
+/var/log/shorewall-init.log\.1\.gz$ LoSerMemberLog
+/var/log/shorewall-init.log\.[23]\.gz$ SerMemberLog
+/var/log/shorewall-init.log\.4\.gz$ HiSerMemberLog
+
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_tinyproxy aide.conf.local.d/31_aide_tinyproxy
--- aide.conf.d/31_aide_tinyproxy 1969-12-31 16:00:00.000000000 -0800
+++ aide.conf.local.d/31_aide_tinyproxy 2012-08-04 18:35:27.822118335 -0700
@@ -0,0 +1,7 @@
+/var/log/tinyproxy$ VarDir
+/var/log/tinyproxy/tinyproxy\.log$ LowLog
+/var/log/tinyproxy/tinyproxy\.log\.1\.gz$ LoSerMemberLog
+/var/log/tinyproxy/tinyproxy\.log\.([2-9]|1[0-3])\.gz$ SerMemberLog
+/var/log/tinyproxy/tinyproxy\.log\.14\.gz$ HiSerMemberLog
+/var/run/tinyproxy$ VarDir
+/var/run/tinyproxy/tinyproxy.pid$ VarFile
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_webalizer aide.conf.local.d/31_aide_webalizer
--- aide.conf.d/31_aide_webalizer 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_webalizer 2012-08-04 18:35:27.818118296 -0700
@@ -1,6 +1,10 @@
#@@define LOC_WEBSITES (www\.a\.example|www\.b\.example)
@@ifdef LOC_WEBSITES
-@@define LOC_WEBALIZERFILES (index\.html|usage\.png|webalizer\.(hist|current)|(ctry|daily|hourly)_usage_@@{YEAR4D}(0[1-9]|1[0-2])\.png|usage_@@YEAR4D(0[1-9]|1[0-2])\.html)
+@@define LOC_WEBSITE_ROOT /var/www
+@@define LOC_WEBALIZER_DIR stats
+@@define LOC_WEBALIZERFILES (index\.html|usage\.png|webalizer\.(hist|current)|(ctry|daily|hourly)_usage_@@{YEAR4D}(0[1-9]|1[0-2])\.png|usage_@@{YEAR4D}(0[1-9]|1[0-2])\.html)
-/var/www/@@{LOC_WEBSITES}/stats/@@{LOC_WEBALIZERFILES}$ VarFile
+@@{LOC_WEBSITE_ROOT}/@@{LOC_WEBSITES}/@@{LOC_WEBALIZER_DIR}/@@{LOC_WEBALIZERFILES}$ VarFile
+
+/var/lib/webalizer/dns_cache.db$ VarFile
@@endif
diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_wtmp aide.conf.local.d/31_aide_wtmp
--- aide.conf.d/31_aide_wtmp 2011-04-11 09:55:31.000000000 -0700
+++ aide.conf.local.d/31_aide_wtmp 2012-08-04 18:35:27.822118335 -0700
@@ -1,5 +1,2 @@
-/var/log/wtmp$ Log
-/var/log/wtmp\.1$ LowLog
-/var/log/wtmp\.2\.gz$ LoSerMemberLog
-/var/log/wtmp\.[345]+\.gz$ SerMemberLog
-/var/log/wtmp\.6\.gz$ HiSerMemberLog
+/var/log/wtmp(\.1)?$ LowLog
+/var/log/btmp(\.1)?$ LowLog
Marc Haber <mh+debian-packages at zugschlus.de> wrote:
> On Sat, Nov 24, 2007 at 08:04:54PM -0800, Bill Wohler wrote:
> > As you noticed from a previous email, I'm finally working on aide again.
>
> Good! And I apologize for not getting back to you earlier.
>
> > Marc Haber <mh+debian-packages at zugschlus.de> wrote:
> > > Care to submit your rules for inclusion in the aide packages?
> >
> > I will be glad to do so once I stop editing them :-).
>
> Great! Looking forward!
>
> > I've just installed 0.13.1-8 with apt-get source. Unfortunately, as
> > reported in #442214, I always get the following report:
> >
> > removed: /var/log/aide/aide.log.6.gz
> >
> > Once that message goes away, I'll be able to determine if this upgrade
> > closed this issue for me.
>
> Try changing /etc/aide/aide.conf.d/31_aide_aide to read:
> /var/log/aide/aide\.log(\.0)?$ LowLogs
> /var/log/aide/aide\.log\.1\.gz$ RotatedLogs+ANF
> /var/log/aide/aide\.log\.[2345]\.gz$ RotatedLogs
> /var/log/aide/aide\.log\.6\.gz$ RotatedLogs+ARF
>
> Maybe this changes things (see also my answer and test case appended
> to #442214). However, even the original rule seems to work for me. So
> let's find a minimal test case to be able to pin down the issue.
>
> Greetings
> Marc
>
> --
> -----------------------------------------------------------------------------
> Marc Haber | "I don't trust Computers. They | Mailadresse im Header
> Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
> Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
>
-- System Information:
Debian Release: 6.0.5
APT prefers stable
APT policy: (600, 'stable'), (500, 'stable-updates'), (90, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/bash
--
Bill Wohler <wohler at newt.com> aka <Bill.Wohler at nasa.gov>
http://www.newt.com/wohler/
GnuPG ID:610BD9AD
More information about the Pkg-aide-maintainers
mailing list