Thanks you i think i found the way to get the correct information by using AIDE manual
On Wed, May 11, 2016 at 3:35 PM, Muhammad Yousuf Khan <[email protected]> wrote: > I am very new to AIDE and old to Debian linux world. i hope you guyz do > not mind any newbie question. > actually i am trying to understand the working of AIDE but failed. because > every tutorial i found so far is related to different destro then Debian. > all other destros has one conf file. > > /etc/aide/aide.conf > > and Debian generated a file somewhere in > /var/path/to/aide/aide.conf.autogerenate. > > > it is written in autogenerated conf that any change that is made to this > file will be overwrite. > now the problem is i do not want whole system check. rather a folder which > is /var/www and another folder /home/anyuser. > > so how can i manage to achive this result. > i added "!" at the beginning of every folder except /var like below in > file /etc/aide/aide.conf > > > !/bin > !/boot > !/dev > !/etc > !/home > !/lib > !/lib64 > !/media > !/mnt > !/opt > !/proc > !/root > !/run > !/sbin > !/scripts > !/srv > !/sys > !/tmp > !/usr > /var/www InodeData > !/var > > > now i follow steps like this > > Step1 > #aideinit > now i edit a file in /var/www > > Step2 > # aide -c /etc/aide/aide.conf --check > above command give me this output. > AIDE 0.16a2-19-g16ed855 found NO differences between database and > filesystem. Looks okay!! > blah blah blah............ > > > this means no change of file or update has been found. but this is not > true.because i have manually change the file by my self. > > I know i am doing mistake somewhere can you please guide me what i am > doing wrong. > > any help will be highly appreciated. > > Thanks, > yousuf > >
_______________________________________________ Aide mailing list [email protected] https://mailman.cs.tut.fi/mailman/listinfo/aide
