Marc Haber <[email protected]> wrote:
On a second and third thought, why don't you implement this in a dedicated binary so that a normal update round can be like
- update system
- run aide --update
- filter output through new program to see only changes that didn't come from a package
- decide whether to cp aide.db.new to aide.db

That way, the complicated stuff can be implemented, for example, in perl, since it is not mandatory.
That would be an option. But I think the filter should also work for single package installations via aptitude install or dpkg -i. So how to implement that in an automatic way?
Very nice. Please consider implementing this as a patch to the actual aide binary which can be submitted upstream. This may be a feature to be of big use outside Debian.
I can do that, but as far as I can judge the truncation of the "Detailed changes" part has to be done further on in the cron job script.
Not that I know of. This might be worthwhile to implement upstream as well.
see below
If I can choose, it would be a language that doesn't need a run-time environment or an interpreter on the target system. aide may be used on systems that need to be small, thus perl, python, ruby, java and other interpreted or bytecode languages are ruled out. The more I think about this, the more I get convinced that shell is just right for the cron job which is mandatory on all systems. For more complex systems, "plug-ins" to the cron job could be in other languages, provided that the cron job basically continues to work without these plug-ins.
Besides your option above I think we have two more options to handle package changes: On the one hand we could filter the aide log by adding a plug-in system to the cron job and writing a filter program which filters the new and changed files related to package changes. On the other hand we could modify the aide database before and after every package change. Thereby it would be possible to also filter removed files. This requires a new option to the aide binary which allows partially updating the aide database from a list of files and a way to run a program before and after every dpkg run. Is that possible?

regards,
Hannes
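
An added example, not part of the original thread or of the aide package: one way the "filter output through new program" step could work in plain shell, by dropping changed paths whose current content matches an installed package's md5sums entry. It assumes the changed paths have already been extracted from the aide report, one per line; `filter_unpackaged`, `ROOT` and `DPKG_INFO` are hypothetical names used only here.

```shell
#!/bin/sh
# Added example: print only the changed paths that are NOT vouched for by
# an installed package's md5sums file.
# Assumptions: changed paths arrive one per line on stdin; ROOT and
# DPKG_INFO are hypothetical overrides so the filter can be run against a
# constructed tree instead of the live system.

filter_unpackaged() {
    info_dir=${DPKG_INFO:-/var/lib/dpkg/info}
    root=${ROOT:-}
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        rel=${path#/}
        file=$root/$rel
        if [ ! -f "$file" ]; then
            # Removed or non-regular files cannot be hashed: always report.
            printf '%s\n' "$path"
            continue
        fi
        sum=$(md5sum < "$file" | cut -d' ' -f1)
        # dpkg md5sums lines read "<md5>  <path without leading slash>".
        # Conffiles are usually not listed there, so they stay in the output.
        if cat "$info_dir"/*.md5sums 2>/dev/null | grep -qxF "$sum  $rel"; then
            continue    # content matches what a package shipped
        fi
        printf '%s\n' "$path"
    done
}

# Usage: filter_unpackaged < changed-paths.txt
```

The md5sums files are themselves writable by root, so this filter only reduces noise if the dpkg info directory is covered by the aide database as well.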

