On Fri, 13 Oct 2017 12:32:39 +0000 John Ratliff <[email protected]> wrote:
> Is there a reason to monitor things like > /dev > /run > /tmp > /var/log (rotated log files in particular) Here is what I've done when run as non-root: soft = p+n+u+g /dev soft !/dev/char !/dev/tty[0-9]+ !/dev/vcs[0-9]+ !/dev/vcsa[0-9]+ !/dev/xconsole =/run$ L =/tmp$ L =/var$ L This is for server systems that don't have a lot of users so your mileage may vary. John _______________________________________________ Aide mailing list [email protected] https://www.ipi.fi/mailman/listinfo/aide
