Hi, I tweaked /etc/default/aide as requested. The db seems to be copied now.
AIDE returned with exit code 5. Added and changed entries detected! AIDE post run information output database /var/lib/aide/aide.db.new was copied to /var/lib/aide/aide.db as requested by cron job configuration End of AIDE post run information AIDE produced no errors. Output is 329870 lines, truncated to 1000. AIDE 0.16a2-19-g16ed855 found differences between database and filesystem!! New AIDE database written to /var/lib/aide/aide.db.new Start timestamp: 2016-04-23 06:25:06 +0200 Verbose level: 6 Summary: Total number of entries: 331957 Added entries: 329796 Removed entries: 0 Changed entries: 6 Also, AIDE does an update, not a check by default in the configuration file. I had to put yes in the COPYNEWDB option. I'll let you know in the following days how it's going on. @Keith : I just used *apt-get install aide* to get AIDE on my debian jessie 8, nothing more. As Hannes said, the cron is part of this package but I didn't know upstream AIDE doesn't contain a cron script. Cordialement, Jérôme LILLE | Responsable Agence i...@lije-creative.com | +33 7 70 87 02 03 Site internet : www.lije-creative.com 2016-04-22 20:11 GMT+02:00 Hannes von Haugwitz <han...@vonhaugwitz.com>: > On Fri, Apr 22, 2016 at 07:47:27AM -0400, Keith Constable wrote: > > I mentioned protecting the AIDE database and binaries because any results > > generated by AIDE are meaningless unless you can verify that an intruder > > hasn't modified the binaries and database. That said, I understand > certain > > applications of AIDE may not warrant such paranoia. It's up to you how > far > > you want to take it. > > Just out of curiosity, what are your methods to ensure the integrity of > the AIDE binary and the database? > > Best regards > > Hannes > _______________________________________________ > Aide mailing list > Aide@cs.tut.fi > https://mailman.cs.tut.fi/mailman/listinfo/aide > ᐧ
_______________________________________________ Aide mailing list Aide@cs.tut.fi https://mailman.cs.tut.fi/mailman/listinfo/aide