#31 Paths with dots in aide.conf do not work

Bob Proulx

On first look it appears that some filenames are lost
and aide will not scan them for changes. Here is how
you can create one test case for aide-0.10. I used
Debian's sid aide-0.10-4.

mkdir -p /var/tmp/www/www.proulx.com/public_html
echo foo > /var/tmp/www/www.proulx.com/public_html/foo

cat >/var/tmp/www/conf <<EOF
database = file:/var/tmp/www/db
database_out = file:/var/tmp/www/db.new
/var/tmp/www/www.proulx.com/public_html R

cd /var/tmp/www

aide --config=/var/tmp/www/conf --init --verbose=255
/var/tmp/www/www.proulx.com match=0, tree=6266912, attr=0

Interestingly if I change the dots to underscores
things work.

ln -s www.proulx.com www_proulx_com
perl -pe 's/www.proulx.com/www_proulx_com/' conf > conf_
aide --config=/var/tmp/www/conf_ --init --verbose=255
New start_path=/var/tmp/www/www_proulx_com
Matches rule from line #4:

The current CVS source for today exhibits the same

Bob Proulx <bob@proulx.com>


  • Richard van den Berg

    • summary: fails to match some filenames --> Paths with dots in aide.conf do not work
  • Richard van den Berg

    Logged In: YES

    I have not been able to figure this one out yet. It seems
    that dots in pathnames inside aide.conf break things. I have
    changed the summary to reflect this.

  • Richard van den Berg

    • labels: --> Config Parser
    • milestone: --> 0.10
    • assigned_to: nobody --> rvdb
    • status: open --> closed-fixed
  • Richard van den Berg

    Logged In: YES

    The problem was that escaping special characters in
    directory names did not work. The correct syntax for your
    test case is:

    /var/tmp/www/www\.proulx\.com/public_html R

    The full set of characters is ()^$*[]. they will need to be
    escaped with a backslash when they are used in directory names.

  • Richard van den Berg

    Logged In: YES

    This bug/patch has been fixed in CVS. Please note that anonymous
    access to CVS lags about 2 hours behind the authenticated access
    that developers use.

    If you don't know how to use CVS, you can try the daily snapshot
    which within 24 hours should include this change:

  • Bob Proulx

    Bob Proulx - 2005-10-05

    Logged In: YES

    Thank you very much for addressing this issue. But I don't
    understand part of the comments made and would like
    clarification. The path is a regular expression. But the
    comments indicate that all regular expression metacharacters
    must be escaped. But shouldn't a dot be allowed to match
    any filename character?

    It would seem to me then that one.two.three would match
    one.two.three if the dots were not escaped. They would also
    match other letters at the dot, of course, but knowing that
    those do not exist then not escaping the dots would be okay.
    Other paths such as those with brackets and such are not so
    lucky and would need escaping because they do not match

    In any case, when the CVS syncs up I will pull an update and
    test. Thanks again.

  • Richard van den Berg

    Logged In: YES

    At this moment, regexes in directory names are not
    supported. The selection line is a regex, but it is only
    used as a regex when matching files, not directories. So

    /usr/lib/.*\.so.* R
    /var/log/syslog.* R

    will work. But

    /opt/.*/bin/.* R

    will not. The reason is that the selection path is parsed
    from left to right when looking for directories to traverse.
    This process does not use regex matching, but stops at
    characters that are special to regexes. To avoid this, the
    special characters can be escaped.

    In the future the directory matching might be changed to use
    regex matching. When that happens, the escaping of dots is
    not needed anymore.


Log in to post a comment.