I've got aide aide-0.13.1-4.el5 running on a server, and aide
aide-0.13.1-2.0.4.el5 running on a similar server. There appears to have
been a change in the way base directories are being monitored in the two
versions. Both servers are running logical volumes, but it seems to not
matter as I'm
On 4/10/08, Steve Campbell [EMAIL PROTECTED] wrote:
Jim,
I tried the new config file - the downloaded one - and it still gives me the
errors. I then went through and removed the xattr options on all of them
with no luck still. I have not ran the --check yet.
OK, so what if I enable
Thanks all for the assistance. I'm going to put the machine into full
production today (a necessity). I'll reconfigure the system and hope for
the best. As it is now, AIDE is working fine.
steve
Michael Simpson wrote:
On 4/10/08, Steve Campbell [EMAIL PROTECTED] wrote:
Jim,
I tried the
On Fri, Apr 11, 2008 at 8:35 AM, Steve Campbell [EMAIL PROTECTED] wrote:
Thanks all for the assistance. I'm going to put the machine into full
production today (a necessity). I'll reconfigure the system and hope for the
best. As it is now, AIDE is working fine.
Hey, gave me a chance to learn a
On 4/9/08, Steve Campbell [EMAIL PROTECTED] wrote:
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski [EMAIL PROTECTED] wrote:
I think those errors are because selinux is off.
Hmm, I don't ever really turn selinux off, but I had always thought
aide treated
Michael Simpson wrote:
On 4/9/08, Steve Campbell [EMAIL PROTECTED] wrote:
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski [EMAIL PROTECTED] wrote:
I think those errors are because selinux is off.
Hmm, I don't ever really turn selinux off, but
On Thursday 10 April 2008 13:51:02 Steve Campbell wrote:
Michael Simpson wrote:
On 4/9/08, Steve Campbell [EMAIL PROTECTED] wrote:
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski [EMAIL PROTECTED] wrote:
I think those errors are because selinux is off.
Hmm, I don't
On Thu, Apr 10, 2008 at 8:51 AM, Steve Campbell [EMAIL PROTECTED] wrote:
Thanks Mike,
I'm not sure I can do the reboot today as I have had to put the server into
a temporary production status.
The thing that is sort of bothering me, though, is that so much trouble
occurs because of
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 8:51 AM, Steve Campbell [EMAIL PROTECTED] wrote:
Thanks Mike,
I'm not sure I can do the reboot today as I have had to put the server into
a temporary production status.
The thing that is sort of bothering me, though, is that so much trouble
On Thu, Apr 10, 2008 at 8:51 AM, Steve Campbell [EMAIL PROTECTED] wrote:
I'm not sure I can do the reboot today as I have had to put the server into
a temporary production status.
Well, this is infact selinux related.
Test 1 reports:
[EMAIL PROTECTED] ~]# getenforce
Permissive
[EMAIL
On 4/10/08, Steve Campbell [EMAIL PROTECTED] wrote:
Thanks Mike,
I'm not sure I can do the reboot today as I have had to put the server into
a temporary production status.
The thing that is sort of bothering me, though, is that so much trouble
occurs because of selinux when trying to use
On Thu, Apr 10, 2008 at 9:24 AM, Steve Campbell [EMAIL PROTECTED] wrote:
Tony and Jim,
sestatus reports disabled. Thanks for the help on the test, Jim.
Okay, so here's the deal. The default aide.conf checks the selinux
bits. If you need to have selinux off (not really recommended, but
it's
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 9:24 AM, Steve Campbell [EMAIL PROTECTED] wrote:
Tony and Jim,
sestatus reports disabled. Thanks for the help on the test, Jim.
Okay, so here's the deal. The default aide.conf checks the selinux
bits. If you need to have selinux off
On Thu, Apr 10, 2008 at 11:26 AM, Steve Campbell [EMAIL PROTECTED] wrote:
I tried the new config file - the downloaded one - and it still gives me
the errors. I then went through and removed the xattr options on all of them
with no luck still. I have not ran the --check yet.
Did you remove
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 11:26 AM, Steve Campbell [EMAIL PROTECTED] wrote:
I tried the new config file - the downloaded one - and it still gives me
the errors. I then went through and removed the xattr options on all of them
with no luck still. I have not ran the --check
Sorry, I goof on the last test. I named your downloaded file .config
instead of .conf. I was getting it mixed up with the selinux config file.
Slow brain today.
Looks like it would have worked with just the --init.
steve
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 11:26 AM, Steve Campbell
I'm trying out aide since tripwire doesn't seem to be in the 5. releases
anymore. I do not have Selinux on the server (no at installation), and I
just yum installed the aide rpms, so I should have the latest.
When I run my aide --init, I get all of these lines for all the files:
On Wed, Apr 9, 2008 at 11:39 AM, Steve Campbell [EMAIL PROTECTED] wrote:
I'm trying out aide since tripwire doesn't seem to be in the 5. releases
anymore. I do not have Selinux on the server (no at installation), and I
just yum installed the aide rpms, so I should have the latest.
When I run
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 11:39 AM, Steve Campbell [EMAIL PROTECTED] wrote:
I'm trying out aide since tripwire doesn't seem to be in the 5. releases
anymore. I do not have Selinux on the server (no at installation), and I
just yum installed the aide rpms, so I should have
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 12:03 PM, Steve Campbell [EMAIL PROTECTED] wrote:
Thanks Jim,
Believe it or not, that's what I started out with.
After running the entire --init/--check scenario again, I see in the log
files and the output, that all files get this message, and
On Wed, Apr 9, 2008 at 12:03 PM, Steve Campbell [EMAIL PROTECTED] wrote:
Thanks Jim,
Believe it or not, that's what I started out with.
After running the entire --init/--check scenario again, I see in the log
files and the output, that all files get this message, and a normal output
of
On 4/9/08, Steve Campbell [EMAIL PROTECTED] wrote:
I ran the --init/--check with the default config originally, get the same
output. I then tried -selinux on the options that included +selinux just
for the hell of it. I don't know if that's ok or not. --check-config doesn't
burp on it though.
Jim Perrin wrote:
On 4/9/08, Steve Campbell [EMAIL PROTECTED] wrote:
I ran the --init/--check with the default config originally, get the same
output. I then tried -selinux on the options that included +selinux just
for the hell of it. I don't know if that's ok or not. --check-config
I think those errors are because selinux is off.
On Wed, 2008-04-09 at 12:12 -0400, Jim Perrin wrote:
On Wed, Apr 9, 2008 at 12:03 PM, Steve Campbell [EMAIL PROTECTED] wrote:
Thanks Jim,
Believe it or not, that's what I started out with.
After running the entire --init/--check
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski [EMAIL PROTECTED] wrote:
I think those errors are because selinux is off.
Hmm, I don't ever really turn selinux off, but I had always thought
aide treated it as optional.
Could test by setting it to permissive and trying again. This would be
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski [EMAIL PROTECTED] wrote:
I think those errors are because selinux is off.
Hmm, I don't ever really turn selinux off, but I had always thought
aide treated it as optional.
Could test by setting it to permissive and
26 matches
Mail list logo
