Axel Rau
2014-12-12 16:42:36 UTC
Hi all,
aide 0.15.1 finds always a difference of 0x800000000 in attributes:
# cat /etc/aide.conf
database=file:/var/db/aide.db
database_out=file:/var/db/aide.db.new
verbose=20
report_url=stdout
All=R+a+sha1+rmd160+sha256+sha512+tiger+whirlpool
=/$ R
/bsd$ L+s+sha256
/etc$ L+s+sha256
=/home$ R
# aide --init
AIDE, version 0.15.1
### AIDE database at /var/db/aide.db.new initialized.
# mv aide.db.new aide.db
# aide --check
Entry /bsd in databases has different attributes: 40000a3d 840000a3d
Entry /etc in databases has different attributes: a3d 800000a3d
Entry /home in databases has different attributes: bbd 800000bbd
AIDE, version 0.15.1
### All files match AIDE database. Looks okay!
# head aide.db
@@begin_db
# This file was generated by Aide, version 0.15.1
# Time of generation was 2014-12-12 18:15:17
@@db_spec name lname attr perm inode uid gid size mtime ctime lcount md5 sha256
/bsd 0 1073744445 100755 10 0 0 10659734 0 0 1 0 A3oAc8UICzihUlOQ7U0yaFX34wRhNaq5XboYP4HwgDE=
/etc 0 2621 40755 285824 0 0 1536 0 0 26 0 0
/home 0 3005 40755 181888 0 0 512 MTQwNzQ3NzQ0NQ== MTQxNjg1Mjk0NA== 2 0 0
@@end_db
This worked with OpenBSD 5.3
Installation is from OpenBSD ports:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/security/aide/
What am I doing wrong?
Please advice,
Axel
---
PGP-Key:29E99DD6 ☀ +49 151 2300 9283 ☀ computing @ chaos claudius
aide 0.15.1 finds always a difference of 0x800000000 in attributes:
# cat /etc/aide.conf
database=file:/var/db/aide.db
database_out=file:/var/db/aide.db.new
verbose=20
report_url=stdout
All=R+a+sha1+rmd160+sha256+sha512+tiger+whirlpool
=/$ R
/bsd$ L+s+sha256
/etc$ L+s+sha256
=/home$ R
# aide --init
AIDE, version 0.15.1
### AIDE database at /var/db/aide.db.new initialized.
# mv aide.db.new aide.db
# aide --check
Entry /bsd in databases has different attributes: 40000a3d 840000a3d
Entry /etc in databases has different attributes: a3d 800000a3d
Entry /home in databases has different attributes: bbd 800000bbd
AIDE, version 0.15.1
### All files match AIDE database. Looks okay!
# head aide.db
@@begin_db
# This file was generated by Aide, version 0.15.1
# Time of generation was 2014-12-12 18:15:17
@@db_spec name lname attr perm inode uid gid size mtime ctime lcount md5 sha256
/bsd 0 1073744445 100755 10 0 0 10659734 0 0 1 0 A3oAc8UICzihUlOQ7U0yaFX34wRhNaq5XboYP4HwgDE=
/etc 0 2621 40755 285824 0 0 1536 0 0 26 0 0
/home 0 3005 40755 181888 0 0 512 MTQwNzQ3NzQ0NQ== MTQxNjg1Mjk0NA== 2 0 0
@@end_db
This worked with OpenBSD 5.3
Installation is from OpenBSD ports:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/security/aide/
What am I doing wrong?
Please advice,
Axel
---
PGP-Key:29E99DD6 ☀ +49 151 2300 9283 ☀ computing @ chaos claudius