Hi, I am having a problem initializing my aide installation on a xen Debian squeeze domU. I have installed and configured aide many times across debian etch/lenny/squeeze and have not had the problem detailed below. However, this is my first aide install on a xen vm. I found one reference to a similar situation in the aide user list archives, found here: https://mailman.cs.tut.fi/pipermail/aide/2011-October/001245.html . I read through the Debian documentation but ultimately didn't find anything to help me. I have looked for help on a Debian specific mailing list, but found no takers. I am hoping that someone here can point me in the right direction to get this problem resolved.
Thanks. Details of the problem: KERNEL AND PACKAGES INSTALLED: Linux turing 2.6.32-5-xen-amd64 #1 SMP Sun May 6 08:57:29 UTC 2012 x86_64 GNU/Linux aide-xen/squeeze uptodate 0.15.1-2+squeeze1, aide-common/squeeze uptodate 0.15.1-2+squeeze1 AIDE.CONF: database=file:/var/lib/aide/aide.db database_out=file:/var/lib/aide/aide.db.out database_new=file:/var/lib/aide/aide.db.new gzip_dbout=yes report_url=file:/work/logs/aide/report.txt summarize_changes=no grouped=yes Checksums = sha256+sha512+rmd160+haval+gost+crc32+tiger OwnerMode = p+u+g+ftype Size = s+b InodeData = OwnerMode+n+i+Size+l+acl+xattrs+e2fsattrs+selinux StaticFile = m+c+Checksums RamdiskData = InodeData-i Full = InodeData+StaticFile VarTime = InodeData+Checksums VarInode = VarTime-i VarFile = OwnerMode+n+l+acl+xattrs+e2fsattrs+selinux VarDir = OwnerMode+n+i+acl+xattrs+e2fsattrs+selinux VarDirInode = OwnerMode+n+acl+xattrs+e2fsattrs+selinux VarDirTime = InodeData Log = OwnerMode+n+S+acl+xattrs+e2fsattrs+selinux FreqRotLog = Log-S LowLog = Log-S SerMemberLog = Full+I LoSerMemberLog = SerMemberLog+ANF HiSerMemberLog = SerMemberLog+ARF LowDELog = SerMemberLog+ANF+ARF SerMemberDELog = Full+ANF LinkedLog = Log-n INIT: root@turing:/etc/aide# aide -V255 --config=/etc/aide/aide.conf --init Setting verbosity to 255 commandconf():@@include /etc/aide/aide.conf 1:@@include 9:database = do_dbdef (1) called with (file:/var/lib/aide/aide.db) 10:database_out = do_dbdef (2) called with (file:/var/lib/aide/aide.db.out) Output database set to "file:/var/lib/aide/aide.db.out" "/var/lib/aide/aide.db.out" 11:database_new = do_dbdef (4) called with (file:/var/lib/aide/aide.db.new) 12:gzip_dbout = 13:report_url = WARNING: Debug output enabled Opening file "/work/logs/aide/report.txt" for w+ Opened file "/work/logs/aide/report.txt" with fd=4 17:summarize_changes = 20:grouped = 25:Equrule 28:Equrule 31:Equrule 34:Equrule 35:Equrule 39:Equrule 42:Equrule 45:Equrule 48:Equrule 51:Equrule 54:Equrule 57:Equrule 60:Equrule 150:Equrule 153:Equrule 157:Equrule 160:Equrule 164:Equrule 168:Equrule 173:Equrule 177:Equrule 181:Equrule tree: "/" AIDE, version 0.15.1 ### AIDE database at /var/lib/aide/aide.db.out initialized. report out: db_init 2 Opening file "/var/lib/aide/aide.db.out" for w+ Opened file "/var/lib/aide/aide.db.out" with fd=3 db_out is nonnull /var/lib/aide/aide.db.out decode base64 db_init 256 / match=0, tree=0x1aaa5c0, attr=0 /usr match=0, tree=0x1aaa5c0, attr=0 /opt match=0, tree=0x1aaa5c0, attr=0 /var match=0, tree=0x1aaa5c0, attr=0 /lost+found match=0, tree=0x1aaa5c0, attr=0 /initrd.img match=0, tree=0x1aaa5c0, attr=0 /lib64 match=0, tree=0x1aaa5c0, attr=0 /work match=0, tree=0x1aaa5c0, attr=0 /proc match=0, tree=0x1aaa5c0, attr=0 /smbmnt match=0, tree=0x1aaa5c0, attr=0 /tmp match=0, tree=0x1aaa5c0, attr=0 /root match=0, tree=0x1aaa5c0, attr=0 /export match=0, tree=0x1aaa5c0, attr=0 /dev match=0, tree=0x1aaa5c0, attr=0 /home match=0, tree=0x1aaa5c0, attr=0 /bin match=0, tree=0x1aaa5c0, attr=0 /sbin match=0, tree=0x1aaa5c0, attr=0 CREATE AIDE.DB: root@turing:/var/lib/aide# cp aide.db.out aide.db UPDATE: root@turing:/etc/aide# aide -V255 --config=/etc/aide/aide.conf --update Setting verbosity to 255 commandconf():@@include /etc/aide/aide.conf 1:@@include 9:database = do_dbdef (1) called with (file:/var/lib/aide/aide.db) 10:database_out = do_dbdef (2) called with (file:/var/lib/aide/aide.db.out) Output database set to "file:/var/lib/aide/aide.db.out" "/var/lib/aide/aide.db.out" 11:database_new = do_dbdef (4) called with (file:/var/lib/aide/aide.db.new) 12:gzip_dbout = 13:report_url = WARNING: Debug output enabled Opening file "/work/logs/aide/report.txt" for w+ Opened file "/work/logs/aide/report.txt" with fd=4 17:summarize_changes = 20:grouped = 25:Equrule 28:Equrule 31:Equrule 34:Equrule 35:Equrule 39:Equrule 42:Equrule 45:Equrule 48:Equrule 51:Equrule 54:Equrule 57:Equrule 60:Equrule 150:Equrule 153:Equrule 157:Equrule 160:Equrule 164:Equrule 168:Equrule 173:Equrule 177:Equrule 181:Equrule tree: "/" report out: db_init 2 Opening file "/var/lib/aide/aide.db.out" for w+ Opened file "/var/lib/aide/aide.db.out" with fd=3 db_out is nonnull /var/lib/aide/aide.db.out decode base64 db_init 256 db_init 1 Opening file "/var/lib/aide/aide.db" for r Opened file "/var/lib/aide/aide.db" with fd=6 db_in is nonnull Got Gzip header. Handling.. First character after gzip header is: @(0X40) nread=120,strlen(buf)=120,errno=Success,gzerr=<fd:6>: stream end decode base64 name Database does not have attr field. Comparation may be incorrect Generating attr-field from dbspec It might be a good Idea to regenerate databases. Sorry. db_char2line():Error while reading database CHECK: root@turing:/etc/aide# aide -V255 --config=/etc/aide/aide.conf --check Setting verbosity to 255 commandconf():@@include /etc/aide/aide.conf 1:@@include 9:database = do_dbdef (1) called with (file:/var/lib/aide/aide.db) 10:database_out = do_dbdef (2) called with (file:/var/lib/aide/aide.db.out) Output database set to "file:/var/lib/aide/aide.db.out" "/var/lib/aide/aide.db.out" 11:database_new = do_dbdef (4) called with (file:/var/lib/aide/aide.db.new) 12:gzip_dbout = 13:report_url = WARNING: Debug output enabled Opening file "/work/logs/aide/report.txt" for w+ Opened file "/work/logs/aide/report.txt" with fd=4 17:summarize_changes = 20:grouped = 25:Equrule 28:Equrule 31:Equrule 34:Equrule 35:Equrule 39:Equrule 42:Equrule 45:Equrule 48:Equrule 51:Equrule 54:Equrule 57:Equrule 60:Equrule 150:Equrule 153:Equrule 157:Equrule 160:Equrule 164:Equrule 168:Equrule 173:Equrule 177:Equrule 181:Equrule tree: "/" report out: db_init 256 db_init 1 Opening file "/var/lib/aide/aide.db" for r Opened file "/var/lib/aide/aide.db" with fd=5 db_in is nonnull Got Gzip header. Handling.. First character after gzip header is: @(0X40) nread=120,strlen(buf)=120,errno=Success,gzerr=<fd:5>: stream end decode base64 name Database does not have attr field. Comparation may be incorrect Generating attr-field from dbspec It might be a good Idea to regenerate databases. Sorry. db_char2line():Error while reading database
_______________________________________________ Aide mailing list [email protected] https://mailman.cs.tut.fi/mailman/listinfo/aide
