Menu

#105 init gives the error DBG: md_enable: algorithm 7 not available

0.14
closed-fixed
nobody
None
5
2021-04-03
2018-11-21
Mario Goppold
No

this happens with aide 15.1 and 16.0 compiled with libgcrypt.
up to libgcrypt <= 1.8.4 GCRY_MD_HAVAL is not implemented and can not initialisized.

during the search for how I can fix this, I notice an error in the definition of HASH_USE_GCRYPT in md.h.
DB_CRC32 occurs two times in this definition and schould once DB_CRC32B or am I wrong?

Both where fixed with the attached patch: aide-define_hash_use_gcrypt.patch

1 Attachments
aide-define_hash_use_gcrypt.patch

Discussion

  • Casper Nielsen

    Casper Nielsen - 2019-02-20

    I can confirm that this is still an issue. As of today:

    [root@fedora /root] # dnf install aide
    Last metadata expiration check: 1:05:47 ago on Wed 20 Feb 2019 01:11:14 PM CET.
    Dependencies resolved.
    =========================================================================================================
    Package Arch Version Repository Size
    =========================================================================================================
    Installing:
    aide x86_64 0.16-8.fc29 fedora 141 k

    Transaction Summary

    Install 1 Package

    Total download size: 141 k
    Installed size: 367 k
    Is this ok [y/N]: y
    Downloading Packages:
    aide-0.16-8.fc29.x86_64.rpm 132 kB/s | 141 kB 00:01

    Total 42 kB/s | 141 kB 00:03
    Running transaction check
    Transaction check succeeded.
    Running transaction test
    Transaction test succeeded.
    Running transaction
    Preparing : 1/1
    Installing : aide-0.16-8.fc29.x86_64 1/1
    Running scriptlet: aide-0.16-8.fc29.x86_64 1/1
    Verifying : aide-0.16-8.fc29.x86_64 1/1

    Installed:
    aide-0.16-8.fc29.x86_64

    Complete!
    [root@fedora /root] # aide -v
    Aide 0.16

    Compiled with the following options:

    WITH_MMAP
    WITH_PCRE
    WITH_POSIX_ACL
    WITH_SELINUX
    WITH_XATTR
    WITH_E2FSATTRS
    WITH_LSTAT64
    WITH_READDIR64
    WITH_ZLIB
    WITH_CURL
    WITH_GCRYPT
    WITH_AUDIT
    CONFIG_FILE = "/etc/aide.conf"

    [root@fedora /root] # vi /etc/aide.conf
    [root@fedora /root] # grep -P "^\w..*$" /etc/aide.conf
    database=file:@@{DBDIR}/aide.db.gz
    database_out=file:@@{DBDIR}/aide.db.new.gz
    gzip_dbout=yes
    verbose=5
    report_url=file:@@{LOGDIR}/aide.log
    report_url=stdout
    FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha512
    ALLXTRAHASHES = sha512
    EVERYTHING = ALLXTRAHASHES
    NORMAL = sha512
    DIR = p+i+n+u+g+acl+selinux+xattrs
    PERMS = p+i+u+g+acl+selinux
    LOG = >
    LSPP = sha512
    DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
    DBG: md_enable: algorithm 7 not available
    ^C
    [root@fedora /root] # cat /etc/redhat-release
    Fedora release 29 (Twenty Nine)

    I have tried various combinations of the implementation, including https://access.redhat.com/solutions/435543 but without any luck. It seems like "algorithm 7" is regardless of the config, unless I am missing something..

    Best regards
    Casper

     

    Last edit: Casper Nielsen 2019-02-20

  • Casper Nielsen

    Casper Nielsen - 2019-02-23

    I have just made a double check on a "brand new" CentOS 7 VM:

    [root@centos70 ~]# aide -v
    Aide 0.15.1

    Compiled with the following options:

    WITH_MMAP
    WITH_POSIX_ACL
    WITH_SELINUX
    WITH_PRELINK
    WITH_XATTR
    WITH_E2FSATTRS
    WITH_LSTAT64
    WITH_READDIR64
    WITH_ZLIB
    WITH_GCRYPT
    WITH_AUDIT
    CONFIG_FILE = "/etc/aide.conf"

    [root@centos70 ~]# grep -P "^\w..*$" /etc/aide.conf
    database=file:@@{DBDIR}/aide.db.gz
    database_out=file:@@{DBDIR}/aide.db.new.gz
    gzip_dbout=yes
    verbose=5
    report_url=file:@@{LOGDIR}/aide.log
    report_url=stdout
    FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256
    ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
    EVERYTHING = R+ALLXTRAHASHES
    NORMAL = sha256
    DIR = p+i+n+u+g+acl+selinux+xattrs
    PERMS = p+u+g+acl+selinux+xattrs
    STATIC = p+u+g+acl+selinux+xattrs+i+n+b+c+ftype
    LOG = p+u+g+n+acl+selinux+ftype
    CONTENT = sha256+ftype
    CONTENT_EX = sha256+ftype+p+u+g+n+acl+selinux+xattrs
    DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha256
    [root@centos70 ~]# cat /etc/redhat-release
    CentOS Linux release 7.6.1810 (Core)

    Without changing any configuration at all, Aide installed, initialised an runs checks:

    [root@centos70 ~]# aide --check
    ...
    Summary:
    Total number of files: 143209
    Added files: 0
    Removed files: 0
    Changed files: 1

    Changed files:

    changed: /etc/aide.conf
    ...

    This seems to be either a problem on 0.16 or to the settings on Fedora 29 (which for me is pretty standard) vs. CentOS.
    I also tried to do a VM with brand new Fedora 29 (the above is an upgraded 27->29) and that results in the same issue however Aide will initialise.

    Best regards
    Casper

     

  • Hannes von Haugwitz

    Hannes von Haugwitz - 2021-04-03
    • status: open --> closed-fixed
     

  • Hannes von Haugwitz

    Hannes von Haugwitz - 2021-04-03

    This is now handled with a proper warning log message in AIDE 0.17.

     

Log in to post a comment.

MongoDB Logo MongoDB