I've got aide aide-0.13.1-4.el5 running on a server, and aide
aide-0.13.1-2.0.4.el5 running on a similar server. There appears to have
been a change in the way base directories are being monitored in the two
versions. Both servers are running logical volumes, but it seems to not
matter as I'm r
On Fri, Apr 11, 2008 at 8:35 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
> Thanks all for the assistance. I'm going to put the machine into full
> production today (a necessity). I'll reconfigure the system and hope for the
> best. As it is now, AIDE is working fine.
Hey, gave me a chance to lea
Thanks all for the assistance. I'm going to put the machine into full
production today (a necessity). I'll reconfigure the system and hope for
the best. As it is now, AIDE is working fine.
steve
Michael Simpson wrote:
On 4/10/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
Jim,
I tried the
On 4/10/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
> Jim,
>
> I tried the new config file - the downloaded one - and it still gives me the
> errors. I then went through and removed the xattr options on all of them
> with no luck still. I have not ran the --check yet.
>
> OK, so what if I enable
Sorry, I goof on the last test. I named your downloaded file .config
instead of .conf. I was getting it mixed up with the selinux config file.
Slow brain today.
Looks like it would have worked with just the --init.
steve
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 11:26 AM, Steve Campbell <[EM
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 11:26 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
I tried the new config file - the downloaded one - and it still gives me
the errors. I then went through and removed the xattr options on all of them
with no luck still. I have not ran the --chec
On Thu, Apr 10, 2008 at 11:26 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
> I tried the new config file - the downloaded one - and it still gives me
> the errors. I then went through and removed the xattr options on all of them
> with no luck still. I have not ran the --check yet.
Did you remo
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 9:24 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
Tony and Jim,
sestatus reports disabled. Thanks for the help on the test, Jim.
Okay, so here's the deal. The default aide.conf checks the selinux
bits. If you need to have selinux off (n
On Thu, Apr 10, 2008 at 9:24 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
> Tony and Jim,
>
> sestatus reports disabled. Thanks for the help on the test, Jim.
Okay, so here's the deal. The default aide.conf checks the selinux
bits. If you need to have selinux off (not really recommended, but
On 4/10/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
>
>
> Thanks Mike,
>
> I'm not sure I can do the reboot today as I have had to put the server into
> a temporary production status.
>
> The thing that is sort of bothering me, though, is that so much trouble
> occurs because of selinux when tryi
On Thu, Apr 10, 2008 at 8:51 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
>
> I'm not sure I can do the reboot today as I have had to put the server into
> a temporary production status.
Well, this is infact selinux related.
Test 1 reports:
[EMAIL PROTECTED] ~]# getenforce
Permissive
[EMAIL PR
Jim Perrin wrote:
On Thu, Apr 10, 2008 at 8:51 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
Thanks Mike,
I'm not sure I can do the reboot today as I have had to put the server into
a temporary production status.
The thing that is sort of bothering me, though, is that so much trouble
On Thu, Apr 10, 2008 at 8:51 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
> Thanks Mike,
>
> I'm not sure I can do the reboot today as I have had to put the server into
> a temporary production status.
>
> The thing that is sort of bothering me, though, is that so much trouble
> occurs because
On Thursday 10 April 2008 13:51:02 Steve Campbell wrote:
> Michael Simpson wrote:
> > On 4/9/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
> >> Jim Perrin wrote:
> >>> On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski <[EMAIL PROTECTED]> wrote:
> I think those errors are because selinux is off.
Michael Simpson wrote:
On 4/9/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski <[EMAIL PROTECTED]> wrote:
I think those errors are because selinux is off.
Hmm, I don't ever really turn selinux off, b
On 4/9/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
>
>
> Jim Perrin wrote:
> > On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski <[EMAIL PROTECTED]> wrote:
> >
> >
> > > I think those errors are because selinux is off.
> > >
> > >
> >
> > Hmm, I don't ever really turn selinux off, but I had always
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski <[EMAIL PROTECTED]> wrote:
I think those errors are because selinux is off.
Hmm, I don't ever really turn selinux off, but I had always thought
aide treated it as optional.
Could test by setting it to permissive and
On Wed, Apr 9, 2008 at 3:08 PM, Marc Wiatrowski <[EMAIL PROTECTED]> wrote:
>
> I think those errors are because selinux is off.
Hmm, I don't ever really turn selinux off, but I had always thought
aide treated it as optional.
Could test by setting it to permissive and trying again. This would be
I think those errors are because selinux is off.
On Wed, 2008-04-09 at 12:12 -0400, Jim Perrin wrote:
> On Wed, Apr 9, 2008 at 12:03 PM, Steve Campbell <[EMAIL PROTECTED]> wrote:
> > Thanks Jim,
> >
> > Believe it or not, that's what I started out with.
> >
> > After running the entire --init/
Jim Perrin wrote:
On 4/9/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
I ran the --init/--check with the default config originally, get the same
output. I then tried "-selinux" on the options that included "+selinux" just
for the hell of it. I don't know if that's ok or not. --check-config
On 4/9/08, Steve Campbell <[EMAIL PROTECTED]> wrote:
> I ran the --init/--check with the default config originally, get the same
> output. I then tried "-selinux" on the options that included "+selinux" just
> for the hell of it. I don't know if that's ok or not. --check-config doesn't
> burp on i
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 12:03 PM, Steve Campbell <[EMAIL PROTECTED]> wrote:
Thanks Jim,
Believe it or not, that's what I started out with.
After running the entire --init/--check scenario again, I see in the log
files and the output, that all files get this message, an
On Wed, Apr 9, 2008 at 12:03 PM, Steve Campbell <[EMAIL PROTECTED]> wrote:
> Thanks Jim,
>
> Believe it or not, that's what I started out with.
>
> After running the entire --init/--check scenario again, I see in the log
> files and the output, that all files get this message, and a normal outpu
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 11:39 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
I'm trying out aide since tripwire doesn't seem to be in the 5. releases
anymore. I do not have Selinux on the server (no at installation), and I
just yum installed the aide rpms, so I should have t
On Wed, Apr 9, 2008 at 11:39 AM, Steve Campbell <[EMAIL PROTECTED]> wrote:
> I'm trying out aide since tripwire doesn't seem to be in the 5. releases
> anymore. I do not have Selinux on the server (no at installation), and I
> just yum installed the aide rpms, so I should have the latest.
>
> When
I'm trying out aide since tripwire doesn't seem to be in the 5. releases
anymore. I do not have Selinux on the server (no at installation), and I
just yum installed the aide rpms, so I should have the latest.
When I run my aide --init, I get all of these lines for all the files:
lgetfilecon_ra
26 matches
Mail list logo
