[Integrit-users] more conf problems
Brought to you by:
ecashin
Menu
▾
▴
[Integrit-users] more conf problems
|
From: <int...@ma...> - 2004-02-26 16:51:11
|
Hello, for some reason, integrit seems to have started ignoring my prefixs on my config files. For example: =/var/spool/cron MC =/var/spool/postfix MC !/mrlewvar !/mrlewdatabase I would expect these directories to be checked for everything except mod time: /var/spool/cron /var/spool/postfix And to completely ignore these directories: /mrlewvar /mrlewdatabase Which has been the case since I set the rules up. Then 2 days ago I started getting loads of 'new:' lines in my output: new: /mrlewvar/spool/postfix/defer/8/896EDDAB75 p(600) u(1001) g(100) z(84) m(20040226-062818) changed: /mrlewvar/spool/postfix/defer/9 m(20040225-145428:20040226-061138) c(20040225-145428:20040226-061138) new: /mrlewvar/spool/postfix/defer/9/94698DAB76 p(600) u(1001) g(100) z(85) m(20040226-061138) changed: /mrlewvar/spool/postfix/defer/9/9E927DAB72 s(79b59cbcba5b11f227fe29403f5ed8cc0a605ef2:d05577dd1ff958a2887df791d21d0332d1e5e8a7) changed: /mrlewvar/spool/postfix/defer/9/9E927DAB72 m(20040225-145458:20040226-055458) c(20040225-145458:20040226-055458) The reason that there are some changed ones in there is because I thought maybe I'd messed up an config update or something so I made some new databases (same ruleset), but as integrit seems to be ignoring the ignore lines, these are now part of the db. I've racked my brains to think if ANYTHING has changed, but this is happening on 2 machines with independant config files. I use integrit on 4 machines and the other 2 haven't reported anything like this. So I looked at the conf files to find other ! preceded lines, for example /mnt on my firewall. I did touch /mnt/cdrom/test and reran the check. It didn't pick up any new files... I can't understand it at all - any clues greatfully received! Matt -- We do not see things as they are, we see things as we are. - old talmudic saying |
