Your message dated Wed, 20 Jan 2021 11:18:39 +0000 with message-id <[email protected]> and subject line Bug#683957: fixed in aide 0.16.2-87-g9804cf4-1 has caused the Debian Bug report #683957, regarding aide: Squeeze rules update to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 683957: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683957 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: aide Version: 0.15.1-2+squeeze1 Severity: normal Tags: patch Hi Marc, sorry for the long, long delay. My configuration has finally settled down under squeeze (just in time for the wheezy release :-( ) and somehow I arrived at your message in my +todo folder. Here is a patch to my aide.conf.local.d overrides to the 0.15.1-2+squeeze1 version of aide.conf.d. Don't hesitate to ask any questions if the changes aren't obvious to you. I've included 30_local so that you have some context and an example for other changes, particularly 31_aide_apache2. You'll want to ignore other files such as 30_local_exclude_home as well. You'll probably want the top half of 31_aide_boinc-client; the bottom half is only applicable if the user is running SETI@home, but might be a good example nonetheless. diff -u --exclude .svn --new-file -r aide.conf.d/30_local aide.conf.local.d/30_local --- aide.conf.d/30_local 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/30_local 2012-08-04 18:35:27.814118388 -0700 @@ -0,0 +1,43 @@ +# Rules expect a non-fully-qualified name. See also FQDN. +@@define HOSTNAME tassie + +# See 31_aide_apache2. +@@define WEB_SITES_WEEKLY_ROTATION (billwohler|loriheyman|newt)\.com + +# See 31_aide_webalizer. +@@define LOC_WEBSITES @@{WEB_SITES_WEEKLY_ROTATION} + +# Local preferences. +/root$ VarDir +/root/.emacs.desktop$ VarFile + +/tmp$ VarDir-n +!/tmp/ + +/var/mail$ VarDir +!/var/mail/ + +/var/local/spool/process$ VarFile + +/var/local/lib/bogofilter$ VarDir +/var/local/lib/bogofilter/DB_CONFIG$ VarFile +/var/local/lib/bogofilter/wordlist.db$ VarFile + +/var/local/lib/diane/offset VarFile +/var/local/lib/diane$ InodeData + +!/var/www/newt.com$ + +# Local preferences for 31_aide_mailman. +/var/lib/mailman/archives$ VarDir +!/var/lib/mailman/archives/ +/var/lib/mailman/data$ VarDir +!/var/lib/mailman/data/ +/var/lib/mailman/lists$ VarDir +!/var/lib/mailman/lists/ +/var/lib/mailman/qfiles$ VarDir +!/var/lib/mailman/qfiles/ +/var/lock/mailman$ VarDir +!/var/lock/mailman/ + +/var/run/screen/S-wohler/[0-9]+\.pts-[0-9]+\.tassie$ VarFile diff -u --exclude .svn --new-file -r aide.conf.d/30_local_exclude_home aide.conf.local.d/30_local_exclude_home --- aide.conf.d/30_local_exclude_home 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/30_local_exclude_home 2012-08-04 18:35:27.822118335 -0700 @@ -0,0 +1,4 @@ +#!/bin/sh + +# Exclude home directories of system accounts with uid >= 1000. +getent passwd | awk -F":" '{ if ($3 >= 1000) {print "!" $6}}' diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_acpid aide.conf.local.d/31_aide_acpid --- aide.conf.d/31_aide_acpid 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_acpid 2012-08-04 18:35:27.818118296 -0700 @@ -1,6 +1,6 @@ /var/log/acpid$ Log -/var/log/acpid\.1$ LowLog +/var/log/acpid\.1\.gz$ LowLog /var/log/acpid\.2\.gz$ LoSerMemberLog /var/log/acpid\.3\.gz$ SerMemberLog /var/log/acpid\.4\.gz$ HiSerMemberLog -/var/run/acpid\.(socket|pid)$ VarFile +/var/run/acpid\.socket$ VarFile diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_apache2 aide.conf.local.d/31_aide_apache2 --- aide.conf.d/31_aide_apache2 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_apache2 2012-08-04 18:35:27.814118388 -0700 @@ -3,12 +3,18 @@ @@else @@define APACHE2_LOGS (access|error) @@endif -/var/log/apache2/@@{APACHE2_LOGS}\.log$ Log -/var/log/apache2/@@{APACHE2_LOGS}\.log\.1$ LowLog +/var/log/apache2/@@{APACHE2_LOGS}\.log(\.1)?$ LowLog /var/log/apache2/@@{APACHE2_LOGS}\.log\.2\.gz$ LoSerMemberLog -/var/log/apache2/@@{APACHE2_LOGS}\.log\.([3-9]|[1-4][0-9]|5[0-1])\.gz$ SerMemberLog +/var/log/apache2/@@{APACHE2_LOGS}\.log\.(([0-4])?[0-9]|5[01])\.gz$ SerMemberLog /var/log/apache2/@@{APACHE2_LOGS}\.log\.52\.gz$ HiSerMemberLog - /var/run/apache2\.pid$ VarFile /var/run/apache2/ssl_scache$ VarFile /var/(log|run)/apache2$ VarDir + +@@ifdef LOC_WEBSITES +/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log(\.1)?$ LowLog +/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log\.2\.gz$ LoSerMemberLog +/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log\.(([0-4])?[0-9]|5[01])\.gz$ SerMemberLog +/var/log/apache2/@@{LOC_WEBSITES}/@@{APACHE2_LOGS}\.log\.52\.gz$ HiSerMemberLog +/var/log/apache2/@@{LOC_WEBSITES}$ VarDir +@@endif diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_aptitude aide.conf.local.d/31_aide_aptitude --- aide.conf.d/31_aide_aptitude 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_aptitude 2012-08-04 18:35:27.818118296 -0700 @@ -1,13 +1,11 @@ -/var/log/aptitude$ Log -/var/log/aptitude\.1\.gz$ LoSerMemberLog -/var/log/aptitude\.[2-5]\.gz$ SerMemberLog -/var/log/aptitude\.6\.gz$ HiSerMemberLog /var/backups/aptitude\.pkgstates\.0$ LowLog /var/backups/aptitude\.pkgstates\.1\.gz$ LoSerMemberLog /var/backups/aptitude\.pkgstates\.[2345]\.gz$ SerMemberLog /var/backups/aptitude\.pkgstates\.6\.gz$ HiSerMemberLog -/var/lib/aptitude/pkgstates(\.old)?$ VarFile -/var/lib/aptitude$ VarDir -!/var/lock/aptitude$ +/var/lock/aptitude$ VarDir +/var/log/aptitude(\.1\.gz)?$ LowLog +/var/log/aptitude\.2\.gz$ LoSerMemberLog +/var/log/aptitude\.[3-5]\.gz$ SerMemberLog +/var/log/aptitude\.6\.gz$ HiSerMemberLog /root/\.(aptitude|debtags)$ VarDir /root/\.aptitude/config$ VarFile diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_boinc-client aide.conf.local.d/31_aide_boinc-client --- aide.conf.d/31_aide_boinc-client 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/31_aide_boinc-client 2012-08-04 18:35:27.814118388 -0700 @@ -0,0 +1,23 @@ +/var/lib/boinc-client$ VarDir +/var/lib/boinc-client/client_state.xml$ VarFile +/var/lib/boinc-client/client_state_prev.xml$ VarFile +/var/lib/boinc-client/daily_xfer_history.xml$ VarFile +/var/lib/boinc-client/do_fp$ VarFile +/var/lib/boinc-client/get_current_version.xml$ VarFile +/var/lib/boinc-client/global_prefs.xml$ VarFile +/var/lib/boinc-client/lookup_website.html$ VarFile +/var/lib/boinc-client/stderrdae.txt$ VarFile +/var/lib/boinc-client/stdoutdae.txt$ VarFile +/var/lib/boinc-client/time_stats_log$ VarFile + +# Add rules for your projects. +/var/lib/boinc-client/job_log_setiathome.berkeley.edu.txt$ VarFile +/var/lib/boinc-client/master_setiathome.berkeley.edu.xml$ VarFile +/var/lib/boinc-client/projects/setiathome.berkeley.edu$ VarDir +/var/lib/boinc-client/projects/setiathome.berkeley.edu/.*$ VarFile+ANF+ARF +/var/lib/boinc-client/sched_reply_setiathome.berkeley.edu.xml$ VarFile +/var/lib/boinc-client/sched_request_setiathome.berkeley.edu.xml$ VarFile +/var/lib/boinc-client/slots/[[:digit:]]+$ VarDir +/var/lib/boinc-client/slots/[[:digit:]]+/.*$ VarFile+ANF+ARF +/var/lib/boinc-client/statistics_setiathome.berkeley.edu.xml$ VarFile + diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_crack aide.conf.local.d/31_aide_crack --- aide.conf.d/31_aide_crack 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/31_aide_crack 2012-08-04 18:35:27.818118296 -0700 @@ -0,0 +1,3 @@ +/var/cache/cracklib/cracklib_dict.pwi$ Full-m-c +/var/cache/cracklib/cracklib_dict.hwm$ Full-m-c +/var/cache/cracklib/cracklib_dict.pwd$ Full-m-c diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_dlocate aide.conf.local.d/31_aide_dlocate --- aide.conf.d/31_aide_dlocate 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_dlocate 2012-08-04 18:35:27.818118296 -0700 @@ -1,2 +1,2 @@ -/var/lib/dlocate/(dpkg-list|dlocatedb(|\.stamps|\.old))$ VarFile +/var/lib/dlocate/(dpkg-list|dlocate(db)?(\.old|\.stamps)?)$ VarFile /var/lib/dlocate$ VarDir diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_dpkg aide.conf.local.d/31_aide_dpkg --- aide.conf.d/31_aide_dpkg 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_dpkg 2012-08-04 18:35:27.818118296 -0700 @@ -2,9 +2,10 @@ /var/lib/dpkg/status\.yesterday(\.[0-9]*)?(\.gz)?$ VarFile /var/lib/dpkg/(info|updates|lock)$ VarDir /var/lib/dpkg$ VarDir -/var/log/dpkg\.log$ Log -/var/log/dpkg\.log-[0-9]{8}\.gz$ LowDELog -/var/log/dpkg\.log-[0-9]{8}$ SerMemberDELog +/var/log/dpkg\.log(\.1)?$ LowLog +/var/log/dpkg\.log\.2\.gz$ LoSerMemberLog +/var/log/dpkg\.log\.([3-9]|10|11)\.gz$ SerMemberLog +/var/log/dpkg\.log\.12\.gz$ HiSerMemberLog /var/backups/dpkg\.status\.0$ LowLog /var/backups/dpkg\.status\.1\.gz$ LoSerMemberLog /var/backups/dpkg\.status\.[2345]\.gz$ SerMemberLog diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_john aide.conf.local.d/31_aide_john --- aide.conf.d/31_aide_john 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/31_aide_john 2012-08-04 18:35:27.814118388 -0700 @@ -0,0 +1,12 @@ +!/var/lock/john$ +/var/lib/john/john.pot$ VarFile +/var/lib/john/restore$ VarFile +/var/run/john$ VarDir +/var/run/john/john.pid$ VarFile+ANF+ARF +/var/run/john/cronpasswd.*$ VarFile+ANF+ARF + +# Temporary. See bug #495398. +/root/.john/john.log$ VarFile +/root/.john/john.rec$ VarFile +/root/.john/john.pot$ VarFile + diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_logcheck aide.conf.local.d/31_aide_logcheck --- aide.conf.d/31_aide_logcheck 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_logcheck 2012-08-04 18:35:27.818118296 -0700 @@ -1,2 +1,4 @@ -/var/lib/logcheck/offset\.var\.log\.(syslog|auth\.log)$ VarFile -/var/(lib|lock)/logcheck$ VarDir +/var/lock/logcheck$ VarDir +!/var/lock/logcheck/ +/var/lib/logcheck/offset VarFile +/var/lib/logcheck$ VarDir diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_mailman aide.conf.local.d/31_aide_mailman --- aide.conf.d/31_aide_mailman 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_mailman 2012-08-04 18:35:27.818118296 -0700 @@ -1,8 +1,7 @@ -# maintained on q !/var/lib/mailman/data/(bounce-events|heldmsg-[-[:alnum:]]+)-[[:digit:]]+\.pck$ /var/lib/mailman/data$ VarDir !/var/lib/mailman/archives/private/[-[:alnum:]]+/database/@@{YEAR4D}-[[:alnum:]]+-(author|subject|thread|article|date)$ -!/var/lib/mailman/archives/private/[-[:alnum:]]+/@@{YEAR4D}-[[:alnum:]]+/(author|subject|thread|date|index|[[:digit:]]{5,6})\.html$ +!/var/lib/mailman/archives/private/[-[:alnum:]]+/@@{YEAR4D}-[[:alnum:]]+/(author|subject|thread|date|index|[[:digit:]]{5})\.html$ !/var/lib/mailman/archives/private/[-[:alnum:]]+/@@{YEAR4D}-[[:alnum:]]\.txt(\.gz)?$ !/var/lib/mailman/archives/private/[-[:alnum:]]+/attachments/[[:digit:]]{8}/[[:digit:]]{8}/[[:alnum:]\.]+$ @@ -15,23 +14,22 @@ /var/lock/mailman/master-qrunner(\.[[:alnum:]]+\.[[:digit:]]+)?$ VarFile /var/lock/mailman$ VarDir +/var/log/mailman$ VarDir + @@define LOGFILES4 (vette|error|bounce|digest) -/var/log/mailman/@@{LOGFILES4}$ Log -/var/log/mailman/@@{LOGFILES4}\.1$ LowLog +/var/log/mailman/@@{LOGFILES4}(\.1)?$ LowLog /var/log/mailman/@@{LOGFILES4}\.2\.gz$ LoSerMemberLog /var/log/mailman/@@{LOGFILES4}\.3\.gz$ SerMemberLog /var/log/mailman/@@{LOGFILES4}\.4\.gz$ HiSerMemberLog @@define LOGFILES12 (subscribe|post) -/var/log/mailman/@@{LOGFILES12}$ Log -/var/log/mailman/@@{LOGFILES12}\.1$ LowLog +/var/log/mailman/@@{LOGFILES12}(\.1)?$ LowLog /var/log/mailman/@@{LOGFILES12}\.2\.gz$ LoSerMemberLog /var/log/mailman/@@{LOGFILES12}\.([3-9]|1[0-1])\.gz$ SerMemberLog /var/log/mailman/@@{LOGFILES12}\.12\.gz$ HiSerMemberLog @@define LOGFILES7 (qrunner|fromusenet|locks|smtp(-failure)?) -/var/log/mailman/@@{LOGFILES7}$ Log -/var/log/mailman/@@{LOGFILES7}\.1$ LowLog +/var/log/mailman/@@{LOGFILES7}(\.1)?$ LowLog /var/log/mailman/@@{LOGFILES7}\.2\.gz$ LoSerMemberLog /var/log/mailman/@@{LOGFILES7}\.[3-6]\.gz$ SerMemberLog /var/log/mailman/@@{LOGFILES7}\.7\.gz$ HiSerMemberLog diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_man aide.conf.local.d/31_aide_man --- aide.conf.d/31_aide_man 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_man 2012-08-04 18:35:27.814118388 -0700 @@ -1,6 +1,5 @@ -/var/cache/man/(cat[123456789]|local|opt|fsstnd|oldlocal|X11R6)$ VarDir - @@define LANGS (ca|cs|de(\.UTF-8)?|en|es(\.UTF-8)?|fi|fr(\.(ISO8859-1|UTF-8))?|gl|hu|id|it(\.(ISO8859-1|UTF-8))?|ja(\.UTF-8)?|ko|nl|pl(\.(UTF-8|ISO8859-2))?|pt(_BR)?|ru|sv|tr|vi|zh(_(CH|CN|TW))?) -/var/cache/man(/@@{LANGS})?/index\.db$ VarFile /var/cache/man(/@@{LANGS})?$ VarDir +/var/cache/man(/@@{LANGS})?/index\.db$ VarFile +/var/cache/man(/@@{LANGS})?/(cat[123456789]|local|opt|fsstnd|oldlocal|X11R6)$ VarDir diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_pop-before-smtp aide.conf.local.d/31_aide_pop-before-smtp --- aide.conf.d/31_aide_pop-before-smtp 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/31_aide_pop-before-smtp 2012-08-04 18:35:27.818118296 -0700 @@ -0,0 +1 @@ +/var/lib/pop-before-smtp/hosts.db$ VarFile diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_postfix aide.conf.local.d/31_aide_postfix --- aide.conf.d/31_aide_postfix 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/31_aide_postfix 2012-08-04 18:35:27.814118388 -0700 @@ -0,0 +1,4 @@ +/var/lib/postfix/prng_exch VarFile +/var/lib/postfix/smtpd_scache.db VarFile +/var/spool/postfix$ VarDir +!/var/spool/postfix/ diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_rsyslog aide.conf.local.d/31_aide_rsyslog --- aide.conf.d/31_aide_rsyslog 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_rsyslog 2012-08-04 20:28:06.974118983 -0700 @@ -1,12 +1,10 @@ @@define LOGFILES7R (syslog) -/var/log/@@{LOGFILES7R}$ Log -/var/log/@@{LOGFILES7R}\.1$ LowLog +/var/log/@@{LOGFILES7R}(\.1)?$ LowLog /var/log/@@{LOGFILES7R}\.2\.gz$ LoSerMemberLog /var/log/@@{LOGFILES7R}\.[3-6]\.gz$ SerMemberLog /var/log/@@{LOGFILES7R}\.7\.gz$ HiSerMemberLog @@define LOGFILES4R (messages|debug|(cron|lpr|auth|daemon|kern|user)\.log|mail\.(log|err|warn|info)) -/var/log/@@{LOGFILES4R}$ Log -/var/log/@@{LOGFILES4R}\.1$ LowLog +/var/log/@@{LOGFILES4R}(\.1)?$ LowLog /var/log/@@{LOGFILES4R}\.2\.gz$ LoSerMemberLog /var/log/@@{LOGFILES4R}\.3\.gz$ SerMemberLog /var/log/@@{LOGFILES4R}\.4\.gz$ HiSerMemberLog diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_shorewall aide.conf.local.d/31_aide_shorewall --- aide.conf.d/31_aide_shorewall 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/31_aide_shorewall 2012-08-04 18:35:27.814118388 -0700 @@ -0,0 +1,5 @@ +/var/log/shorewall-init.log(\.0)?$ LowLog +/var/log/shorewall-init.log\.1\.gz$ LoSerMemberLog +/var/log/shorewall-init.log\.[23]\.gz$ SerMemberLog +/var/log/shorewall-init.log\.4\.gz$ HiSerMemberLog + diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_tinyproxy aide.conf.local.d/31_aide_tinyproxy --- aide.conf.d/31_aide_tinyproxy 1969-12-31 16:00:00.000000000 -0800 +++ aide.conf.local.d/31_aide_tinyproxy 2012-08-04 18:35:27.822118335 -0700 @@ -0,0 +1,7 @@ +/var/log/tinyproxy$ VarDir +/var/log/tinyproxy/tinyproxy\.log$ LowLog +/var/log/tinyproxy/tinyproxy\.log\.1\.gz$ LoSerMemberLog +/var/log/tinyproxy/tinyproxy\.log\.([2-9]|1[0-3])\.gz$ SerMemberLog +/var/log/tinyproxy/tinyproxy\.log\.14\.gz$ HiSerMemberLog +/var/run/tinyproxy$ VarDir +/var/run/tinyproxy/tinyproxy.pid$ VarFile diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_webalizer aide.conf.local.d/31_aide_webalizer --- aide.conf.d/31_aide_webalizer 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_webalizer 2012-08-04 18:35:27.818118296 -0700 @@ -1,6 +1,10 @@ #@@define LOC_WEBSITES (www\.a\.example|www\.b\.example) @@ifdef LOC_WEBSITES -@@define LOC_WEBALIZERFILES (index\.html|usage\.png|webalizer\.(hist|current)|(ctry|daily|hourly)_usage_@@{YEAR4D}(0[1-9]|1[0-2])\.png|usage_@@YEAR4D(0[1-9]|1[0-2])\.html) +@@define LOC_WEBSITE_ROOT /var/www +@@define LOC_WEBALIZER_DIR stats +@@define LOC_WEBALIZERFILES (index\.html|usage\.png|webalizer\.(hist|current)|(ctry|daily|hourly)_usage_@@{YEAR4D}(0[1-9]|1[0-2])\.png|usage_@@{YEAR4D}(0[1-9]|1[0-2])\.html) -/var/www/@@{LOC_WEBSITES}/stats/@@{LOC_WEBALIZERFILES}$ VarFile +@@{LOC_WEBSITE_ROOT}/@@{LOC_WEBSITES}/@@{LOC_WEBALIZER_DIR}/@@{LOC_WEBALIZERFILES}$ VarFile + +/var/lib/webalizer/dns_cache.db$ VarFile @@endif diff -u --exclude .svn --new-file -r aide.conf.d/31_aide_wtmp aide.conf.local.d/31_aide_wtmp --- aide.conf.d/31_aide_wtmp 2011-04-11 09:55:31.000000000 -0700 +++ aide.conf.local.d/31_aide_wtmp 2012-08-04 18:35:27.822118335 -0700 @@ -1,5 +1,2 @@ -/var/log/wtmp$ Log -/var/log/wtmp\.1$ LowLog -/var/log/wtmp\.2\.gz$ LoSerMemberLog -/var/log/wtmp\.[345]+\.gz$ SerMemberLog -/var/log/wtmp\.6\.gz$ HiSerMemberLog +/var/log/wtmp(\.1)?$ LowLog +/var/log/btmp(\.1)?$ LowLog Marc Haber <[email protected]> wrote: > On Sat, Nov 24, 2007 at 08:04:54PM -0800, Bill Wohler wrote: > > As you noticed from a previous email, I'm finally working on aide again. > > Good! And I apologize for not getting back to you earlier. > > > Marc Haber <[email protected]> wrote: > > > Care to submit your rules for inclusion in the aide packages? > > > > I will be glad to do so once I stop editing them :-). > > Great! Looking forward! > > > I've just installed 0.13.1-8 with apt-get source. Unfortunately, as > > reported in #442214, I always get the following report: > > > > removed: /var/log/aide/aide.log.6.gz > > > > Once that message goes away, I'll be able to determine if this upgrade > > closed this issue for me. > > Try changing /etc/aide/aide.conf.d/31_aide_aide to read: > /var/log/aide/aide\.log(\.0)?$ LowLogs > /var/log/aide/aide\.log\.1\.gz$ RotatedLogs+ANF > /var/log/aide/aide\.log\.[2345]\.gz$ RotatedLogs > /var/log/aide/aide\.log\.6\.gz$ RotatedLogs+ARF > > Maybe this changes things (see also my answer and test case appended > to #442214). However, even the original rule seems to work for me. So > let's find a minimal test case to be able to pin down the issue. > > Greetings > Marc > > -- > ----------------------------------------------------------------------------- > Marc Haber | "I don't trust Computers. They | Mailadresse im Header > Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 > Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 > -- System Information: Debian Release: 6.0.5 APT prefers stable APT policy: (600, 'stable'), (500, 'stable-updates'), (90, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash -- Bill Wohler <[email protected]> aka <[email protected]> http://www.newt.com/wohler/ GnuPG ID:610BD9AD
--- End Message ---
--- Begin Message ---Source: aide Source-Version: 0.16.2-87-g9804cf4-1 Done: Marc Haber <[email protected]> We believe that the bug you reported is fixed in the latest version of aide, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marc Haber <[email protected]> (supplier of updated aide package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 18 Jan 2021 20:20:30 +0100 Source: aide Architecture: source Version: 0.16.2-87-g9804cf4-1 Distribution: experimental Urgency: medium Maintainer: Aide Maintainers <[email protected]> Changed-By: Marc Haber <[email protected]> Closes: 289174 414268 683957 824036 977680 977966 Changes: aide (0.16.2-87-g9804cf4-1) experimental; urgency=medium . * upstream development snapshot (0.17 release candidate) * patches no longer needed * workaround for issue #24 no longer needed * changes include: * new --dry-init option (Closes: #289174) * error messages are now reported in the correct line. Thanks to Marc Schiffbauer (Closes: #414268) * takes a lock on database_out * can be compiled without default configuration * Can include static and dynamic configuration from a directory. (Closes: #824036) * adapt aide.conf to the incompatible changes * aide-attributes does no longer exist * change aide.conf examples to file restrictions * configure --without-config-file and --disable-default-db * enable capabilities and Build-Depend on libcap * fix strange indents in debian/rules * Build-Depend on pkg-config * remove no longer needed aide.wrapper * remove no longer needed update-aide.conf * convert pl.po, sv.po, es.po, nl.po and fr.po to UTF-8 * Standards-Version: 4.5.1 (no changes necessary) * improve debian/copyright (needs more work because of translations) * document incompatible changes in NEWS.Debian * add documentation about how to write good rules * adapt rules to new syntax: * 31_aide_amanda-server * 31_aide_apt * 31_aide_bind9 * 31_aide_spamassassin * improve rules, add selection restrictions: (Closes: #977966) * 31_aide_anacron * 31_aide_apt * 31_aide_apt-cacher-ng * 31_aide_aptitude * 31_aide_atop * 31_aide_clamav-freshclam * 31_aide_clamav-unofficial-sigs * 31_aide_cron-apt * 31_aide_dbus * 31_aide_dehydrated * 31_aide_dpkg * 31_aide_etckeeper * 31_aide_exim4 * 31_aide_haproxy * 31_aide_initramfs-tools * 31_aide_libvirt-bin * 31_aide_logcheck * 31_aide_lvm2 * 31_aide_man * 31_aide_mlocate * 31_aide_php-common * 31_aide_runuser * 31_aide_samba * 31_aide_screen * 31_aide_spamassassin * 31_aide_sudo * 31_aide_udev * 31_aide_util-linux * 70_aide_run * 70_aide_tmp * new rules: * 10_aide_machineid * 21_aide_run_agetty * 31_aide_avahi-daemon * 31_aide_chrony * 31_aide_console-setup * 31_aide_dev * 31_aide_dmeventd * 31_aide_lldpd * 31_aide_locales * 31_aide_needrestart * 31_aide_network-manager * remove deprecation warnings: * 31_aide_apt (added with 0.14~rc3-1 in 2010) * some of these rule changes were submitted by Bill Wohler. Thank you very much! (closes: #683957) * fix wrong excludes of /proc and /sys. Thanks to Andreas Hasenack. (closes: #977680) Checksums-Sha1: 9b92713965ce00efc09bacfa0dbbc5af27137a94 2362 aide_0.16.2-87-g9804cf4-1.dsc 8fd7a05c6008ccd9600f08a13cb6bf11193d08f9 117480 aide_0.16.2-87-g9804cf4.orig.tar.xz 3c498884a8078df830c70d583fc5c828335842b3 89856 aide_0.16.2-87-g9804cf4-1.debian.tar.xz 6a3d20ddacc27e9b542b87a876c29d1625152132 6375 aide_0.16.2-87-g9804cf4-1_source.buildinfo Checksums-Sha256: cb7780bf8e6acc6f37c3ff04ece7794a82762472f938e0722f40c82a2dd2ec38 2362 aide_0.16.2-87-g9804cf4-1.dsc f4853cc23ed4311135f792c3677c86a4c55326ee5afff346149858fb07be796d 117480 aide_0.16.2-87-g9804cf4.orig.tar.xz 6307c51f92885b71d02bb2d03f797d705c498e4071e00b43d84bb514fc70c346 89856 aide_0.16.2-87-g9804cf4-1.debian.tar.xz 8093c7eba425564b778f6cd8191e4b197c6c289bdaea00cd1bf1522c51d2c3da 6375 aide_0.16.2-87-g9804cf4-1_source.buildinfo Files: b65dac04ca9bd3fea6f99de252e8bfb9 2362 admin optional aide_0.16.2-87-g9804cf4-1.dsc 4a778b672aaedd1fa20ee5ef108e370e 117480 admin optional aide_0.16.2-87-g9804cf4.orig.tar.xz 1a6f4997e39335dcaec9187dc4de81d6 89856 admin optional aide_0.16.2-87-g9804cf4-1.debian.tar.xz 7e855de474b7ab7b407019517731542a 6375 admin optional aide_0.16.2-87-g9804cf4-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE6QL5UJ/L0pcuNEbjj3cgEwEyBEIFAmAIDewACgkQj3cgEwEy BEK5xRAAmr6QXC8sG8Izz7ZlmbQEA/nGjMm82QCd8bVr0LwOCIKxJJHgJl2IfL/G fH/0ICety5W5iRF7OBPc6zivlJYynZ+HkmOfe4eM0rCA0+WYxG587JvT51hvT0O0 lCOWtuusg69uZMGKKr0lTEm2DjK7a/+ub19Xu/v+Mt5X0Jfhe5IRG/ZdvQQ2/ULM yTcCl/GXtp4DV3bYUiPyJ0A/gCyk2CgPNsUXSCbQ2lSLXA4e7Z3WY6F4OF476Bwr yWMRiDzLeOKDdDnx7YqyMpxAg2vlfNiY1eE6x8wGjYHHTYIBtYUihHvNYzc6KmMv yljgUBNejqNpsoF+W3M4izlruB9c+xkS9GQ0bbUiNseJjUtLoho0XzB2EvI7LkRf v/cWiAqsl263EQraKlBjU1H/CZSfNlXKub2GJafvFVtd1a3e0gCmgIjJgBvH/29y 8QuIVn4+qS9LmHXNBj2d3Z50nhl0OdKwZs+aFS3JZaLFYTDKqygZLCvF2/cuSg/r 1L7SlQngw6Kh9RRCcdaLgvwkhHC3DabZgvZTFARzIdgLGGCXMBnRIsFpKkwzDX6T 90TcCCYZOXIsJtkj/UOxem1eDKmyaH3ayz8kIavDAC7y920k21xBO2a9kGBWskyi wMdRxj8o+ohmp/mgPMgmZ3HvfU+LjaPWVyxQBYohBiDossBD3NI= =y8Xg -----END PGP SIGNATURE-----
--- End Message ---
