Hi guys, It's working better with the last tweaks I did on the cron conf file. Thanks Keith and Hannes about that.
Also, I wanted to ask how to exclude folders with a wild card? Currently, I got a lot of ispconfig websites and a lot of sessions files generated in the /tmp/ folder of every websites. I wanted to exclude these folders like that: !/home/www/clients/client0/*/tmp/.* But the wild card doesn't seem to work. /home/www/clients/client0/web11/tmp/sess_8demipef935hpkklaop8ad0fr0 /home/www/clients/client0/web12/tmp/sess_878h8gq2gqnl9b4b424cqd35c3 /home/www/clients/client0/web12/tmp/sess_8aq7l3qbb22ff4n7nhjpvhg9v5 /home/www/clients/client0/web12/tmp/sess_8demipef935hpkklaop8ad0fr0 /home/www/clients/client0/web12/tmp/sess_8gnjb088jl6dskt1n9asakf9s3 /home/www/clients/client0/web12/tmp/sess_8l446hr5vhbmnk6lpj2nlke216 /home/www/clients/client0/web12/tmp/sess_8p51s15v8or8llh1cpb33760s6 are still beeing added to the database. I want it to be dynamic if I add more websites. I got 40+ wesites on this server. I don't want to add the 40 folders to exclude. Can you help? Cordialement, Jérôme LILLE | Responsable Agence [email protected] | +33 7 70 87 02 03 Site internet : www.lije-creative.com 2016-04-23 10:11 GMT+02:00 LIJE Creative <[email protected]>: > Hi, > > I tweaked /etc/default/aide as requested. The db seems to be copied now. > > > AIDE returned with exit code 5. Added and changed entries detected! > AIDE post run information > output database /var/lib/aide/aide.db.new was copied to > /var/lib/aide/aide.db as requested by cron job configuration > End of AIDE post run information > AIDE produced no errors. > > Output is 329870 lines, truncated to 1000. > AIDE 0.16a2-19-g16ed855 found differences between database and filesystem!! > New AIDE database written to /var/lib/aide/aide.db.new > Start timestamp: 2016-04-23 06:25:06 +0200 > Verbose level: 6 > > Summary: > Total number of entries: 331957 > Added entries: 329796 > Removed entries: 0 > Changed entries: 6 > > > Also, AIDE does an update, not a check by default in the configuration > file. I had to put yes in the COPYNEWDB option. > I'll let you know in the following days how it's going on. > > @Keith : I just used *apt-get install aide* to get AIDE on my debian > jessie 8, nothing more. As Hannes said, the cron is part of this package > but I didn't know upstream AIDE doesn't contain a cron script. > > Cordialement, > > > Jérôme LILLE | Responsable Agence > [email protected] | +33 7 70 87 02 03 > Site internet : www.lije-creative.com > > 2016-04-22 20:11 GMT+02:00 Hannes von Haugwitz <[email protected]>: > >> On Fri, Apr 22, 2016 at 07:47:27AM -0400, Keith Constable wrote: >> > I mentioned protecting the AIDE database and binaries because any >> results >> > generated by AIDE are meaningless unless you can verify that an intruder >> > hasn't modified the binaries and database. That said, I understand >> certain >> > applications of AIDE may not warrant such paranoia. It's up to you how >> far >> > you want to take it. >> >> Just out of curiosity, what are your methods to ensure the integrity of >> the AIDE binary and the database? >> >> Best regards >> >> Hannes >> _______________________________________________ >> Aide mailing list >> [email protected] >> https://mailman.cs.tut.fi/mailman/listinfo/aide >> > > ᐧ > ᐧ
_______________________________________________ Aide mailing list [email protected] https://mailman.cs.tut.fi/mailman/listinfo/aide
