aide-tracker Mailing List for aide (Page 2)
Brought to you by:
hvhaugwitz,
rvdb
This list is closed, nobody may subscribe to it.
2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(10) |
Dec
(4) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2004 |
Jan
|
Feb
(2) |
Mar
(4) |
Apr
(5) |
May
(1) |
Jun
(3) |
Jul
(2) |
Aug
(4) |
Sep
(2) |
Oct
(1) |
Nov
(2) |
Dec
(1) |
2005 |
Jan
(3) |
Feb
(5) |
Mar
(4) |
Apr
(6) |
May
|
Jun
(1) |
Jul
(1) |
Aug
(4) |
Sep
(1) |
Oct
(9) |
Nov
(1) |
Dec
|
2006 |
Jan
(1) |
Feb
(7) |
Mar
(9) |
Apr
(4) |
May
(2) |
Jun
(1) |
Jul
(1) |
Aug
|
Sep
(1) |
Oct
(3) |
Nov
(2) |
Dec
(1) |
2007 |
Jan
(2) |
Feb
(2) |
Mar
(3) |
Apr
(1) |
May
(2) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2008 |
Jan
(1) |
Feb
|
Mar
(1) |
Apr
(2) |
May
|
Jun
|
Jul
(2) |
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
2009 |
Jan
|
Feb
|
Mar
(1) |
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(4) |
Nov
(1) |
Dec
(2) |
2010 |
Jan
|
Feb
|
Mar
(3) |
Apr
(1) |
May
(1) |
Jun
(1) |
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
(1) |
Dec
(1) |
2011 |
Jan
(1) |
Feb
|
Mar
(1) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
2012 |
Jan
(1) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
(2) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
From: SourceForge.net <no...@so...> - 2008-09-10 11:20:40
|
Feature Requests item #2103586, was opened at 2008-09-10 11:20 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=2103586&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: Prelude-IDS integration/support Initial Comment: It will be great if AIDE would support Prelude-IDS via libprelude library. As Samhain does. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=2103586&group_id=86976 |
From: SourceForge.net <no...@so...> - 2008-07-11 21:43:08
|
Bugs item #2016353, was opened at 2008-07-11 14:43 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=2016353&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Compiling aide Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Patrick Horgan (phorgan1) Assigned to: Nobody/Anonymous (nobody) Summary: aclocal.sh fails to verify version correctly Initial Comment: As an example, I have automake 1.10.1, and automake.sh requires 1.7. In the check_version() function awk compares 1.7 and 1.10.1 and figures, reasonably, yet incorrectly, that 1.7 is greater than 1.1 and I don't have the prerequisite. To fix this, you need awk to split 1.7 into 1 and 7, and 1.10.1 into 1 and 10 and 1 and for the length of the shorter compare them. i.e. compare 1 and 1, then 7 and 10. If the required version is ever greater then you fail. If they compare equal for the shorter length, then the if the requirement is longer than the actual you have to fail. Here's a version I typed to to make it work for me. Feel free to use it if you wish. with this all these would work required actual success? 1.7 1.10.1 Y 1.10 1.10.1 Y 1.10.1 1.10.1 Y 1.10.2 1.10.1 N 1.10.1.1 1.10.1 N function check_version() { if $1 --version | awk 'NR==1 { \ size_needed=split('$2',needed,".");\ size_got=split($NF,got,".");\ if(size_needed<size_got)\ n=size_needed;\ else;\ n=size_got;\ theyareequal=0;\ for(i=1;i <=n;++i){\ if(needed[i]!=got[i])\ theyareequal=1;\ if(needed[i]>got[i])\ exit 1;\ } if(theyareequal && size_needed > size_got)\ exit 1;\ exit 0;\ }' ; then return 0; fi return 1; } ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=2016353&group_id=86976 |
From: SourceForge.net <no...@so...> - 2008-07-05 20:40:07
|
Bugs item #2011411, was opened at 2008-07-05 15:40 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=2011411&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Compiling aide Group: 0.13 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Jon Schewe (jpschewe) Assigned to: Nobody/Anonymous (nobody) Summary: configure doesn't check flags quite right Initial Comment: It seems that openSUSE 11.0 comes with a broken aide, mostly their fault, but aide's configure script could have caught it. Turns out openSUSE ran configure with --with-dbhmactype=md5 and --enable-forced_dbmd, but didn't specify --with-dbhmackey. This ends up creating an aide binary that, as far as I can tell, is useless because it requires a signature on the database, but doesn't create a signature for the database. It would be good if the configure script caught this and threw an error. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=2011411&group_id=86976 |
From: SourceForge.net <no...@so...> - 2008-04-17 07:50:23
|
Bugs item #1944700, was opened at 2008-04-17 09:50 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1944700&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: Cosmetics in "Error in selective regexp" message Initial Comment: Hi, Error in selective regexp:/etc/amanda/DailySet1/oldlog/log\.@@{YEAR4D][0-9]{4}\.0$Error in selective regexp:/srv/amanda/scy001/log/oldlog/log\.@@{YEAR4D][0-9]{4}\.0$ There should be a space after the ":", and the trailing \n seems to be missing. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1944700&group_id=86976 |
From: SourceForge.net <no...@so...> - 2008-04-16 19:48:19
|
Bugs item #1944322, was opened at 2008-04-16 12:48 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1944322&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Using aide Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: AIDE 0.13.1 looks for "xattrs", man page says use "xattr" Initial Comment: The man page for aide.conf says to use "xattr" for extended attributes if they are enabled in aide. However, aide 0.13.1 looks for "xattrs" in the configuration file (aide.c:365), and not "xattr". ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1944322&group_id=86976 |
From: SourceForge.net <no...@so...> - 2008-03-05 18:47:24
|
Bugs item #1908217, was opened at 2008-03-05 19:47 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1908217&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: 0.13 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: aide.conf man page missing "b: block count" Initial Comment: Hi, the aide.conf man page is missing the explanation for "b", which would be "block count". Thanks to Francois Gouget for filing this bug with Debian (#469503). Greetings Marc ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1908217&group_id=86976 |
From: SourceForge.net <no...@so...> - 2008-01-18 13:33:34
|
Bugs item #1874643, was opened at 2008-01-18 14:33 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1874643&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Initialization of aide.db Group: 0.13 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: SIGBUS on sparc64 Initial Comment: Hi, this is Debian Bug #152203, which is ancient, but seems to be reproduced on today's systems. See http://bugs.debian.org/152203: Hello Everytime I execute "aide --init" on sparc64 aide is killed by a SIGBUS. It seams this happens the first time, it tries to write real data to aide.db.new. Original bug reporter writes: Here are the last lines of "aide --init --verbose=255": | Checking /var/lib/xdm for match | File /var/lib/xdm does not match | db_init 0 | Opening file "/var/lib/aide/aide.db.new" for w+ | db_out is nonnull /var/lib/aide/aide.db.new | Caught SIGBUS/SIGSEGV | Caught SIGBUS/SEGV. Exiting | Aborted aide.db.new remains as a 10 Bytes large file. And here is the backtrace: | #0 0x0003a77c in md_enable () | #1 0x0003a7f8 in gcry_md_enable () | #2 0x0001e524 in do_md (file_lst=0xfd6f8, conf=0xfa098) at do_md.c:142 | #3 0x00024124 in main (argc=2, argv=0xeffffd64) at aide.c:406 Maybe a problem with libmhash2? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1874643&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-05-25 16:13:10
|
Bugs item #1725719, was opened at 2007-05-25 12:13 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1725719&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Robby Griffin (alierak) Assigned to: Nobody/Anonymous (nobody) Summary: @@else doesn't work Initial Comment: It looks like processing of @@else is not fully implemented in aide 0.13.1. There are two logical cases for how @@else should be handled: 1. When handle_endif() is called with doit = 1; e.g., "@@undef FOO ... @@ifdef FOO", the conditional test has failed. In this case, we should skip input up to the @@else and continue processing. This is implemented. 2. When handle_endif() is called with doit = 0; e.g., "@define FOO bar ... @@ifdef FOO", the conditional test has passed. In this case, we should process everything up to @@else, then skip everything from @@else to @@endif. This is not implemented. What happens instead is that we process everything on both sides of the @@else (see also bug #1461215). I'm unfamiliar enough with lex / yacc that I don't see immediately how to fix this. Point me in the right direction and I may be able to work on it, though. A workaround for anyone maintaining aide.conf files: Replace: @@ifdef FOO ... @@else ... @@endif with: @@ifdef FOO ... @@endif @@ifndef FOO ... @@endif So, in fact, direct replacement of @@else with @@endif and the opposite conditional test might turn out to be a useful trick for the parser itself to do. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1725719&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-05-06 23:13:43
|
Bugs item #1713957, was opened at 2007-05-07 01:13 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1713957&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Compiling aide Group: 0.13 Status: Open Resolution: None Priority: 5 Private: No Submitted By: filippo_zeus (filippo_zeus) Assigned to: Nobody/Anonymous (nobody) Summary: Mac OS X (10.4.9-PPC) - make error Initial Comment: Hi, make fails when built on Mac OS X 10.4.9 PPC with Xcode 2.4.1 (gcc version 4.0.1 (Apple Computer, Inc. build 5367)) I'm tryng to build as dynamic 'cause os x not support static linking Here are the logs: [zeus80@lifeware ~/aide-0.13.1] % ./configure --disable-static checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for gawk... no checking for mawk... no checking for nawk... no checking for awk... awk checking whether make sets $(MAKE)... yes checking for gcc... gcc checking for C compiler default output file name... a.out checking whether the C compiler works... yes checking whether we are cross compiling... no checking for suffix of executables... checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking for style of include used by make... GNU checking dependency style of gcc... gcc3 checking whether make sets $(MAKE)... (cached) yes checking for ranlib... ranlib checking for bison... bison -y checking for flex... flex checking lex output file root... lex.yy checking lex library... -lfl checking whether yytext is a pointer... yes checking for pkg-config... no checking whether to enable maintainer-specific portions of Makefiles... no checking for library containing syslog... none required checking for vsyslog... yes checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking whether byte ordering is bigendian... yes checking for byte... no checking for ushort... yes checking for ulong... no checking for u16... no checking for u32... no checking for u64... no checking for unsigned short... yes checking size of unsigned short... 2 checking for unsigned int... yes checking size of unsigned int... 4 checking for unsigned long... yes checking size of unsigned long... 4 checking for unsigned long long... yes checking size of unsigned long long... 8 checking for ANSI C header files... (cached) yes checking for strtoll... yes checking for strtoimax... yes checking for readdir... yes checking args to readdir_r... POSIX checking for stricmp... no checking for strnstr... yes checking for strnlen... no checking for mmap... yes checking for fcntl... yes checking for ftruncate... yes checking for posix_fadvice... no checking for snprintf... yes checking for vsnprintf... yes checking for ISO C99 compliant snprintf... yes checking for ISO C99 compliant vsnprintf... yes checking for open/O_NOATIME... no checking syslog.h usability... yes checking syslog.h presence... yes checking for syslog.h... yes checking for inttypes.h... (cached) yes checking fcntl.h usability... yes checking fcntl.h presence... yes checking for fcntl.h... yes checking for sun-acl-support... no checking for posix-acl-support... no checking for selinux-support... no checking for xattr-support... no checking for lstat64... no checking for LFS ino_t... ino_t checking for LFS dirent... dirent checking zlib.h usability... yes checking zlib.h presence... yes checking for zlib.h... yes checking for gzdopen in -lz... yes checking for regexec... yes checking for regcomp... yes checking for mhash_get_block_size in -lmhash... yes checking for crypt in -lc... yes checking for PostgresSQL support... no configure: creating ./config.status config.status: creating Makefile config.status: creating src/Makefile config.status: creating doc/Makefile config.status: creating doc/aide.conf config.status: creating doc/aide.1 config.status: creating doc/aide.conf.5 config.status: creating aide.spec config.status: creating config.h config.status: executing depfiles commands [zeus80@lifeware ~/aide-0.13.1] % make make all-recursive Making all in src bison -y -d -p conf -o conf_yacc.c ../src/conf_yacc.y if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../include -g -O2 -g -O2 -MT conf_yacc.o -MD -MP -MF ".deps/conf_yacc.Tpo" \ -c -o conf_yacc.o `test -f 'conf_yacc.c' || echo './'`conf_yacc.c; \ then mv -f ".deps/conf_yacc.Tpo" ".deps/conf_yacc.Po"; \ else rm -f ".deps/conf_yacc.Tpo"; exit 1; \ fi In file included from ../include/report.h:26, from ../include/aide.h:24, from ../src/conf_yacc.y:21: ../include/db_config.h:86:19: error: mhash.h: No such file or directory In file included from ../include/report.h:26, from ../include/aide.h:24, from ../src/conf_yacc.y:21: ../include/db_config.h:283: error: parse error before 'MHASH' ../include/db_config.h:283: warning: no semicolon at end of struct or union ../include/db_config.h:284: warning: data definition has no type or storage class ../include/db_config.h:287: error: parse error before 'dbhmactype' ../include/db_config.h:287: warning: data definition has no type or storage class ../include/db_config.h:288: error: parse error before 'dbnewmd' ../include/db_config.h:288: warning: data definition has no type or storage class ../include/db_config.h:289: error: parse error before 'dboldmd' ../include/db_config.h:289: warning: data definition has no type or storage class ../include/db_config.h:341: error: parse error before '}' token ../include/db_config.h:341: warning: data definition has no type or storage class In file included from ../src/conf_yacc.y:21: ../include/aide.h:101: error: parse error before '*' token ../include/aide.h:101: warning: data definition has no type or storage class In file included from ../src/conf_yacc.y:29: ../include/db.h:31: error: parse error before '*' token ../include/db.h:33: error: parse error before 'db_config' ../include/db.h:35: error: parse error before '*' token ../src/conf_yacc.y: In function 'confparse': ../src/conf_yacc.y:171: error: request for member 'selrxlst' in something not a structure or union ../src/conf_yacc.y:171: error: request for member 'selrxlst' in something not a structure or union ../src/conf_yacc.y:174: error: request for member 'equrxlst' in something not a structure or union ../src/conf_yacc.y:174: error: request for member 'equrxlst' in something not a structure or union ../src/conf_yacc.y:177: error: request for member 'negrxlst' in something not a structure or union ../src/conf_yacc.y:177: error: request for member 'negrxlst' in something not a structure or union ../src/conf_yacc.y:179: error: request for member 'negrxlst' in something not a structure or union ../src/conf_yacc.y:179: error: request for member 'negrxlst' in something not a structure or union ../src/conf_yacc.y:264: error: request for member 'do_configmd' in something not a structure or union ../src/conf_yacc.y:265: error: request for member 'old_confmdstr' in something not a structure or union ../src/conf_yacc.y:290: error: request for member 'warn_dead_symlinks' in something not a structure or union ../src/conf_yacc.y:294: error: request for member 'warn_dead_symlinks' in something not a structure or union ../src/conf_yacc.y:299: error: request for member 'gzip_dbout' in something not a structure or union ../src/conf_yacc.y:306: error: request for member 'gzip_dbout' in something not a structure or union ../src/conf_yacc.y:316: error: request for member 'config_version' in something not a structure or union make[2]: *** [conf_yacc.o] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1713957&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-04-09 20:28:14
|
Feature Requests item #1697187, was opened at 2007-04-09 13:28 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1697187&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Interface Improvements (example) Group: None Status: Open Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: Check against remote database Initial Comment: It would be cool if you could specify the url of a remote database either on the command line or in the config file that would be used as the base for comparison. Rather than storing the database on protected media, you could generate it, then move to another server. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1697187&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-03-21 11:13:06
|
Bugs item #1685090, was opened at 2007-03-21 12:13 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1685090&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: off-by-one-error in line number for error messages Initial Comment: $ nl -ba -nln /var/lib/aide/aide.conf.autogenerated | grep '^3[0-9]' 30 RotatedLogs = Full+I 31 Logs = OwnerMode+n+S 32 LowLogs = Logs-S 33 LinkedLogs = Logs-n 34 35 (|/etc/motd)$ Full $ sudo aide.wrapper --init 34:syntax error:( 34:Error while reading configuration:( Configuration error $ When I put the error in macro definitions, everything is fine: $ nl -ba -nln /var/lib/aide/aide.conf.autogenerated | grep '^3[0-9]' 30 RotatedLogs = Full+I 31 Logs = OwnerMode+n+S 32 LowLogs = Logs-Sblubb 33 LinkedLogs = Logs-n 34 35 /etc/motd$ Full $ sudo aide.wrapper --init 32:Error in expression:Sblubb Configuration error $ So the error must be somewhere in the rule parser. This is #414268 from the Debian BTS, http://bugs.debian.org/414268 Greetings Marc ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1685090&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-03-18 21:38:26
|
Feature Requests item #1683255, was opened at 2007-03-18 22:38 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1683255&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Priority: 5 Private: No Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: Track contents of growing log files Initial Comment: for growing log files (option "S"), aide should be able to build checksums for the file's contents. On the next aide run, aide knows from the database the size the file had when the checksume found in the database where built, so it can verify whether the file contents has changed in the part that was already present when the reference database was built. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1683255&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-03-18 21:35:06
|
Feature Requests item #1683253, was opened at 2007-03-18 22:35 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1683253&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Priority: 5 Private: No Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: Unpack compressed data before comparing Initial Comment: Hi, aide should - optionally - unpack compressed files before building the checksums. This would allow to successfully track log rotation where the raw log gets compressed eventually. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1683253&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-02-15 18:20:02
|
Feature Requests item #1660824, was opened at 2007-02-15 18:20 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1660824&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: Next Release (example) Status: Open Priority: 5 Private: No Submitted By: jspilon (jspilon) Assigned to: Nobody/Anonymous (nobody) Summary: output options Initial Comment: different output options, such has a mysql database or even csv/tsv data would be easier to parse to send to a database with an external command. This would definitely need the output to have a structure that is similar throughout the different types of alerts that are written by aide. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1660824&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-02-05 16:49:31
|
Bugs item #1652557, was opened at 2007-02-05 16:46 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1652557&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: John Horne (jhorne) Assigned to: Nobody/Anonymous (nobody) Summary: Trivial aide.conf man page omission Initial Comment: The aide.conf man page makes no mention of the 'b' (block count) rule under the 'Default groups' section. The HTML manual does mention it. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1652557&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-01-21 09:21:40
|
Bugs item #1640670, was opened at 2007-01-21 01:21 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1640670&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Using aide Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: PGP key expired - please replace Initial Comment: # gpg -v --verify aide-0.13.1.tar.gz.asc aide-0.13.1.tar.gz gpg: armor header: Version: GnuPG v1.4.6 (GNU/Linux) gpg: Signature made Fri 15 Dec 2006 02:00:16 PM CET using DSA key ID 5930D198 gpg: NOTE: signature key 5930D198 expired Mon 01 Jan 2007 07:35:17 PM CET gpg: NOTE: signature key 5930D198 expired Mon 01 Jan 2007 07:35:17 PM CET gpg: NOTE: signature key 5930D198 expired Mon 01 Jan 2007 07:35:17 PM CET gpg: Good signature from "Aide Developers <aid...@li...>" gpg: Note: This key has expired! Primary key fingerprint: 0A83 AFE2 E91B C284 ABF4 949F F4AF A140 5930 D198 gpg: binary signature, digest algorithm SHA1 Submitted by <emi...@o2...> ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1640670&group_id=86976 |
From: SourceForge.net <no...@so...> - 2007-01-15 14:01:57
|
Feature Requests item #1635601, was opened at 2007-01-15 06:32 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1635601&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: Next Release (example) Status: Open Priority: 5 Private: No Submitted By: gapsf (gapsf) Assigned to: Nobody/Anonymous (nobody) Summary: Selecting directories only Initial Comment: Please, add directory attribute support, so we can select only directories tree, exclude all files under them. Somthing like this: #d: directory only DirsOnly = d+p+i+n+u+g+s+b+m+c+md5+sha1 /var/mail DirsOnly With this feature we can inspect havy directory structures without involving any files in this proccess. For example /var/mail where files are added, deleted often and we can safly check directories only. Thanks! ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1635601&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-12-21 20:59:16
|
Bugs item #1620413, was opened at 2006-12-21 12:59 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1620413&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Initialization of aide.db Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: Syntax Error Initial Comment: I've download, compiled, and installed both 0.13.1 and today's snapshot. Then I created a very simple aide.conf with one line "/etc p". When I try to initialize the db (aide --init) I'm getting a syntax error, so I set YYDEBUG and YYERROR_VERBOSE and get 0:syntax error: unexpected $undefined, expecting TNEWLINE or TEOF or '+' or '-': 0:Error while reading configuration: Configuration error After playing around, the only thing I've come up with is something in conf_lex.l other than "<EXPR>[\ \t]*\n" is eating the newline. I've upgrade my bison and flex to the latest and still the same thing happens. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1620413&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-11-02 08:14:31
|
Bugs item #1589116, was opened at 2006-11-02 00:14 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1589116&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Using aide Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: aide 0.12 size test don't work Initial Comment: 'llo. i've compiled adie 0.12 with this parameters ./configure --target=powerpc-uclibc-linux-gnu --host=i686-linux-gnu --build= powerpc-uclibc-linux-gnu --with-extra-libs=-L/home/bertrand/dsm/toolchain_powerpc/lib --with-extra-includes=-I/home/bertrand/dsm/toolchain_powerpc/include --with-confighmactype=sha1 --with-confighmackey=xxxxxxxxx --with-dbhmactype=sha1 --with-dbhmackey=xxxxxxxxxxxxxx --enable-forced_dbmd and the old size report by aide --check is always 0. This bug is corrected in the cvs snapshot dated 01/11/06 but this one make a core dump with gzip_dbout=yes warn_dead_symlinks=yes config_version=0 Stockage=R+ANF+ARF in aide.conf ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1589116&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-11-02 08:07:26
|
Bugs item #1589115, was opened at 2006-11-02 00:07 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1589115&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Compiling aide Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: aide cross compilation ino_t value Initial Comment: Hello, When you cross compile aide configure put the value "cross" for AIDE_INO_TYPE. This must be fixed by hand before comilation. this point is not in the doc. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1589115&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-10-28 11:38:14
|
Feature Requests item #1586214, was opened at 2006-10-28 13:38 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1586214&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Priority: 5 Private: No Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: please allow /dev/null as input and output database Initial Comment: Hi, for debugging, it might be useful to use /dev/null as input _and_ as output database. This is currently not allowed, but makes sense in this special case. Please consider allowing this special case. Greetings Marc ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1586214&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-10-14 11:47:11
|
Bugs item #1577128, was opened at 2006-10-14 13:47 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1577128&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Michael Schwendt (mschwendt) Assigned to: Nobody/Anonymous (nobody) Summary: -r gives segfault Initial Comment: # aide -C -r ftp://rawhide.intranet/pub/incoming/aide.txt Segmentation fault (core dumped) (gdb) bt #0 0x0087be8b in __vfprintf_chk () from /lib/libc.so.6 #1 0x0804bf0f in error (errorlevel=0, error_msg=0x806c490 "AIDE found differences between database and filesystem!!\n") at error.c:228 #2 0x080557a8 in print_report_header (nfil=4557, nadd=0, nrem=0, nchg=1) at compare_db.c:649 #3 0x0805698d in report_tree (node=0x9f15508, stage=0, stat=0xbfaf4c64) at compare_db.c:953 #4 0x080597fc in main (argc=0, argv=0x0) at aide.c:539 #5 0x007b0f2c in __libc_start_main () from /lib/libc.so.6 #6 0x08049a01 in _start () Same with http. $ rpm -q aide curl glibc aide-0.12-1 curl-7.15.5-1.fc6 glibc-2.5-3 ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1577128&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-10-03 09:10:59
|
Bugs item #1569825, was opened at 2006-10-03 11:10 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1569825&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Marc Haber (zugschlus) Assigned to: Nobody/Anonymous (nobody) Summary: consistency issues aide/Aide/AIDE Initial Comment: Hi, the aide manpage and some other docs are inconsistent in using aide, Aide and AIDE. I suspect that AIDE is the meaning for the program and/or project while aide is the actual AIDE binary. I'd love to see this being used consistently in the next release. Greetings Marc ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1569825&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-09-05 13:21:41
|
Feature Requests item #1552655, was opened at 2006-09-05 06:21 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1552655&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: 0.11 Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: full set of checksums for software package Initial Comment: The tarball is missing package checksums for md5sum and openssl md5. The ones for 0.10 are given in the READMe instead. Could we please have the 0.11 sums? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581582&aid=1552655&group_id=86976 |
From: SourceForge.net <no...@so...> - 2006-07-16 14:47:40
|
Bugs item #1523404, was opened at 2006-07-16 07:47 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1523404&group_id=86976 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Compiling aide Group: None Status: Open Resolution: None Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: --disable-static required for Darwin (README) Initial Comment: Here http://www.mail-archive.com/ai...@cs.../msg00876.html a note in the README about this required configure option has been proposed. Here is my proposal for this one-liner: [claudius6:tmp/axel/aide-0.12-rc1] axel% diff -u README README.old --- README 2006-07-16 13:51:31.000000000 +0200 +++ README.old 2006-03-13 21:27:25.000000000 +0100 @@ -55,8 +55,7 @@ For AIX 5.1 or 5.2 it is reported you need to use --with-gnu-regexp when configuring AIDE. - For Mac OS X (reported for 10.4) / Darwin you need --disable- static. - + Source Code Verification ------------------------ Axel Axel.Rau@Chaos1.DE ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=581579&aid=1523404&group_id=86976 |