Thanks Marc, I had ended up ignoring these two files:!/var/lib/aide/aide.db!/var/lib/aide/aide.db.new But I think your suggestion of adding custom rules for these two files seems like a better approach. Thanks,Nikhil > Date: Sat, 9 May 2015 14:24:06 +0200 > From: [email protected] > To: [email protected] > Subject: Re: [Aide] Renaming aide.db.new cause false positives > > On Wed, May 06, 2015 at 01:25:42PM -0400, Nikhil Sole wrote: > > I tweaked the default /etc/aide.conf file to add my specific needs but left > > the config parameters as is, esp.: > > database=file:/var/lib/aide/aide.db > > database_out=file:/var/lib/aide/aide.db.new > > I generally only copy over aide.db.new to aide.db. And I have > OwnerMode = p+u+g+ftype > VarFile = OwnerMode+n+l+X > /var/lib/aide/aide\.db(\.new)?$ VarFile > > Greetings > Marc > > -- > ----------------------------------------------------------------------------- > Marc Haber | "I don't trust Computers. They | Mailadresse im Header > Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 > Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 > _______________________________________________ > Aide mailing list > [email protected] > https://mailman.cs.tut.fi/mailman/listinfo/aide
_______________________________________________ Aide mailing list [email protected] https://mailman.cs.tut.fi/mailman/listinfo/aide
