Thanks, your response did help; hence, As closure of this thread, I've decided to share how I got all this to work on CentOS7, but should (could) also work on RHEL, Fedora and Oracle Linux.
Admin Notes:- I did get acl attribute to work but still could NOT get xattr attribute to be accepted in aide.conf; (work around towards success - removed xattr from aide.conf). I also checked config.log and I can see that support check for xattr resulted as "yes". Step1: Install all dependencies - (beign way over greedy here; but depending on your system's current state, you might already have some of these installed, in that case yum will anyway ignore that package from the list. Just in case you still see errors, review config.log and resolve it) sudo yum install -y bison flex pcre pcre-devel.x86_64 zlib zlib-devel.x86_64 libgcrypt-devel.x86_64 libgcrypt.x86_64 mhash-devel.x86_64 libcryptui-devel.x86_64 gettext-0.19.8.1-2.el7.x86_64 glibc glibc-devel glibc-static libacl libacl-devel libselinux libselinux-devel Step2: ran configure script with these options - ./configure --with-zlib --with-posix-acl --with-xattr --without-mhash --with-selinux --disable-static --with-gcrypt Step3: make (if make throws fatal or ld errors, It'd be good to resolve and rerun make, before "make install"). Step4: "sudo make install" Validations:- Step5: aide --version Step6: "sudo aide --init" (assumption : you already have a valid aide.conf present at the path listed for CONFIG in above command" Step7: Rename aide.db.new file to aide.db Step8: Make a change in a directory which is monitored under aide.conf Step9: "sudo aide --check" Review results - job done. Thanks again Richard. Regards, Nutan On Sun, 19 Jan 2020 at 15:30, <[email protected]> wrote: > Send Aide mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://www.ipi.fi/mailman/listinfo/aide > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Aide digest..." > > > Today's Topics: > > 1. Re: AIDE init error for acl and gzip support (Nutan Vishwakarma) > 2. Re: AIDE init error for acl and gzip support > (Richard van den Berg) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sun, 19 Jan 2020 01:34:40 +0530 > From: Nutan Vishwakarma <[email protected]> > To: [email protected] > Subject: Re: [Aide] AIDE init error for acl and gzip support > Message-ID: > <CACC=oqEetoFzVpUZFH9z4-Kqvbo9gG= > [email protected]> > Content-Type: text/plain; charset="utf-8" > > Hi, > > Sorry, this took way too long to get back. Here is what I was trying to do > and get an error with attribute "acl" when I use it against a directory. > > I am trying to test latest available version of aide, on CentOS 7 and not > all dependencies are available via yum, so I installed a few manually in > non standard paths. > > > *sudo yum install -y bison flex pcre-devel.x86_64 zlib-devel.x86_64 > libgcrypt-devel.x86_64 libgcrypt.x86_64 mhash-devel.x86_64 > libcryptui-devel.x86_64 gettext-0.19.8.1-2.el7.x86_64./configure > --with-zlib=/home/nutan/aide/zlib-1.2.11/ --disable-static* > > > Configure script succeeded when ran with zlib (resolve libz requirement) > and disabled static. > aide is now running - > > > > > > > > > > > *[nutan@aide aide-0.16.2]$ aide --versionAide 0.16.2Compiled with the > following > options:WITH_MMAPWITH_PCREWITH_LSTAT64WITH_READDIR64WITH_MHASHCONFIG_FILE = > "/usr/local/etc/aide.conf"[nutan@aide aide-0.16.2]$ * > > > NOW, the problem area - > > I created a aide.conf file and add following to it - > > *[nutan@aide rtest]$ sudo more /usr/local/etc/aide.conf* > > *database=file:/var/lib/aide/aide.db* > > *database_out=file:/var/lib/aide/aide.db.new* > > *database_new=file:/var/lib/aide/aide.db.new* > > *gzip_dbout=yes* > > > *summarize_changes=no* > > > *grouped=yes* > > > *verbose = 10* > > > *report_base16 = no* > > > *Checksums = sha512+tiger* > > > *# The checksums of the databases to be printed in the report* > > *# Set to 'E' to disable.* > > *database_attrs = Checksums* > > > *# check test direcotry * > > */home/nutan/aide/rtest p+n+u+g+s+acl+selinux+xattrs+md5+sha256+sha512* > > *[nutan@aide rtest]$ * > > > when "aide --init" is run, then I see error of expression. > > [nutan@aide rtest]$ aide --init > Gzip-support not compiled in. > 21:Error in expression:acl > Configuration error > [nutan@aide rtest]$ > > > If I remove "acl" from attributes list, then I see same error for xattrs. > When I remove xattrs too, I get aide to initialize for the first time as > expected. > > Is this because of build steps?? I'll atleast need acl to be part of the > attributes list. > > Help Please...!! > > > Thanks, > Nutan > > On Tue, 12 Nov 2019 at 10:59, Nutan Vishwakarma < > [email protected]> > wrote: > > > > > >> Hi, > >> > >> I compiled aide-0.16.2 which these options - > >> > >> ./configure --with-zlib=/home/nutan/zlib-1.2.11/ --disable-static > >> > >> > >> and it compiled well, but at the time of aide --init or --check, I get > error for using gzip_dbout=yes and AUDIT = p+u+g+sha512+acl > >> in my aide.conf file. > >> > >> When I check version, it does not show WITH_ZLIB - > >> > >> Aide 0.16.2 > >> > >> > >> Compiled with the following options: > >> > >> > >> WITH_MMAP > >> > >> WITH_PCRE > >> > >> WITH_LSTAT64 > >> > >> WITH_READDIR64 > >> > >> WITH_MHASH > >> > >> CONFIG_FILE = "/usr/local/etc/aide.conf" > >> > >> > >> > >> Any idea what could be going wrong ? I also need to get "acl" working. > >> > >> thanks, > >> Nutan > >> > > > -- > Er Nutan Vishwakarma > Mob: 07893212071 > P > Please consider your environmental responsibility: > Before printing this e-mail, ask yourself whether you need a hard copy. > GO GREEN.....I am Doing my BIT. > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://www.ipi.fi/pipermail/aide/attachments/20200119/d34c6d2b/attachment-0001.html > > > > ------------------------------ > > Message: 2 > Date: Sat, 18 Jan 2020 21:57:19 +0100 > From: Richard van den Berg <[email protected]> > To: Aide user mailinglist <[email protected]> > Subject: Re: [Aide] AIDE init error for acl and gzip support > Message-ID: <[email protected]> > Content-Type: text/plain; charset="utf-8" > > On 18/01/2020 21:04, Nutan Vishwakarma wrote: > > I am trying to test latest available version of aide, on CentOS 7 and > > not all dependencies are available via yum, so I installed a few > > manually in non standard paths. > > > > /sudo yum install -y bison flex pcre-devel.x86_64 zlib-devel.x86_64 > > libgcrypt-devel.x86_64 libgcrypt.x86_64 mhash-devel.x86_64 > > libcryptui-devel.x86_64 gettext-0.19.8.1-2.el7.x86_64 > > ./configure --with-zlib=/home/nutan/aide/zlib-1.2.11/ --disable-static/ > > > Why use --with-zlib in a local directory when you have zlib-devel > installed? Use --with-zlib without an argument should be enough. > > > > when "aide --init" is run, then I see error of expression. > > > > [nutan@aide rtest]$ aide --init > > Gzip-support not compiled in. > > 21:Error in expression:acl > > Configuration error > > [nutan@aide rtest]$ > > > > Aide is complaing that gzip (zlib) and acl support are not available. > ACL support should be available by running configure --with-posix-acl > and xattr using --with-xattr > > Check your config.log to see why configure cannot find your zlib-devel > files. > > Kind regards, > > Richard > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://www.ipi.fi/pipermail/aide/attachments/20200118/6d9b6571/attachment-0001.html > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > Aide mailing list > [email protected] > https://www.ipi.fi/mailman/listinfo/aide > > > ------------------------------ > > End of Aide Digest, Vol 27, Issue 1 > *********************************** > -- * Er Nutan Vishwakarma Mob: 07893212071 P* Please consider your environmental responsibility: Before printing this e-mail, ask yourself whether you need a hard copy. GO GREEN.....I am Doing my BIT.
_______________________________________________ Aide mailing list [email protected] https://www.ipi.fi/mailman/listinfo/aide
