Hi Marc, a while ago, Andreas and I quickly discussed adding some standard aide rules to postgresql-common. However, there are some unresolved questions, maybe you can shed some light about what aide generally does with files in /var and what makes sense to add as separate rules?
Thank you! Martin The important bits as fullqoute, for your convenience: Andreas Tille [2007-05-20 17:59 +0200]: > On Sun, 20 May 2007, Martin Pitt wrote: > >> I do not know aide at all, but from looking at this I concur to Peter >> that it seems questionable to me to check /var/lib by default and then >> spread such global 'ignore /var' patterns across all the packages >> that use /var. > > Well, as I said, Aide knows different types of checking and while > we all know that /var/lib is changing frequently without any > unfriendly intrusion it is just a matter in which kind /var/lib > is changing. That's why Aide tries to regard different ways of > changes that have to be specified. > >> Also, above rule would not really fit well. People might configure >> other clusters (such has having 7.4/transition, 8.1/main, 8.2/master >> and 8.2/slave), so I would not like to hardcode cluster and version >> names. OTOH, '!/var/lib/postgresql/' looks too blunt to me to be >> really useful, but that's just my gut feeling. >> >> So would '!/var/lib/postgresql/' still be useful at all? What about >> /var/log/postgresql? > > Well, I'm not an Aide expert as well - I just have seen that it contains > aide.conf.d files for several packages but postgresql is missing. > Because I do not see a reason why postgresql is missing but several > other packages provide such scripts I think we should perhaps > discuss this issue on debian-devel (or any other reasonable place) > because I see no reason if we as non experts in this issue try > to find a clever solution. -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org
signature.asc
Description: Digital signature
