2007-10-27 19:25:28 |
Harvey Muller |
bug |
|
|
added bug |
2007-11-17 16:26:39 |
JEFFERY CARADINE |
bug |
|
|
assigned to aide (Baltix) |
2007-12-10 08:46:02 |
Martin Schaaf |
bug |
|
|
assigned to aide (Debian) |
2007-12-10 09:32:49 |
Bug Watch Updater |
aide: status |
Unknown |
Fix Committed |
|
2007-12-13 12:35:30 |
Harvey Muller |
aide: status |
New |
Confirmed |
|
2008-02-28 08:50:05 |
Bug Watch Updater |
aide: status |
Fix Committed |
Fix Released |
|
2008-05-12 17:06:41 |
Zach |
bug |
|
|
added attachment '31_aide_apt.diff' (31_aide_apt.diff) |
2008-07-19 22:59:09 |
Jean-Baptiste Lallement |
aide: status |
Confirmed |
Fix Released |
|
2008-07-19 23:00:40 |
Jean-Baptiste Lallement |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2008-07-26 18:22:53 |
Jean-Baptiste Lallement |
bug |
|
|
added attachment 'aide_0.13.1-8ubuntu2.debdiff' (aide_0.13.1-8ubuntu2.debdiff) |
2008-07-26 18:23:55 |
Jean-Baptiste Lallement |
bug |
|
|
added attachment 'aide_0.13.1-7ubuntu1.debdiff' (aide_0.13.1-7ubuntu1.debdiff) |
2008-08-04 06:55:48 |
Martin Pitt |
aide: status |
New |
Fix Committed |
|
2008-08-04 06:55:48 |
Martin Pitt |
aide: statusexplanation |
|
|
|
2008-08-04 06:56:19 |
Martin Pitt |
bug |
|
|
added subscriber SRU Verification |
2008-08-04 07:31:31 |
Martin Pitt |
aide: status |
New |
Fix Committed |
|
2008-08-04 07:31:31 |
Martin Pitt |
aide: statusexplanation |
|
|
|
2008-08-18 22:51:07 |
Steve Beattie |
description |
Binary package hint: aide-common
INSTALLED AIDE VERSION
0.13.1-7
PROBLEM DESCRIPTION
The aide.conf.autogenerated file is not properly generated. Not fully understanding how the debian based aide package works, I can only guess that the problem is either incorrect permissions on the executable files in /etc/aide/aide.conf.d, or the application which is responsible for concatenating the /etc/aide/aide.conf file with snippets in /etc/aide/aide.conf.d is malfunctioning.
The symptoms presented in the system are email notifications that are similar to the following:
<BEGIN EMAIL>
This is an automated report generated by the Advanced Intrusion Detection
Environment on mlab-1420 started at 2007-10-27 14:16:53.
******************************************************************************
* AIDE returned with exit code 17. Invalid configuration! *
******************************************************************************
Errors produced (3 lines):
37:syntax error:[
37:Error while reading configuration:[
Configuration error
End of AIDE error output.
funny, AIDE did not leave a log.
The check was done against /var/lib/aide/aide.db with the following characteristics:
Mtime : 2007-10-27 11:06:08
Ctime : 2007-10-27 11:06:08
Inode : 246640
The AIDE run created a new database /var/lib/aide/aide.db.new with the following characteristics:
End of AIDE daily cron job at at 2007-10-27 14:16, run time 0 seconds
<END EMAIL>
To reproduce the problem, merely perform a fresh install of aide in Gutsy.
TEMPORARY SOLUTION
The update-aide.conf manpage states that the executable files in /etc/aide/aide.conf.d will be run and the stdout is used in the aide.conf.autogenerated file. The /etc/aide/aide.conf.d/* files as installed, are not marked as executable in their permissions. It may be that update-aide.conf is supposed to identify the snippets with shell code and run it. Regardless, the contents of all the /etc/aide/aide.conf.d files are being inserted verbatim into the aide.conf.autogenerated file (minus the shell identification line, i.e. #!/bin/sh).
The workaround, and perhaps the solution is to modify the permissions of all the files with shell script to be executable. I ran the following shell script in a terminal, and was then able to properly generate the *.autogenerated file:
<BEGIN SHELL SCRIPT>
#!/bin/sh
chmod 755 10_aide_hostname
chmod 755 30_aide_apache2
chmod 755 30_inn2_vars
chmod 755 31_aide_amanda-server
chmod 755 31_aide_apt
chmod 755 31_aide_ifupdown
chmod 755 31_aide_torrus
chmod 755 70_aide_dev
update-aide.conf
<END SHELL SCRIPT>
Those may not be the correct permissions to apply, but it did get me over the hurdle.
The other aide related bug I posted can either be marked a duplicate of this, or just closed. |
Binary package hint: aide-common
INSTALLED AIDE VERSION
0.13.1-7
PROBLEM DESCRIPTION
The aide.conf.autogenerated file is not properly generated. Not fully understanding how the debian based aide package works, I can only guess that the problem is either incorrect permissions on the executable files in /etc/aide/aide.conf.d, or the application which is responsible for concatenating the /etc/aide/aide.conf file with snippets in /etc/aide/aide.conf.d is malfunctioning.
The symptoms presented in the system are email notifications that are similar to the following:
<BEGIN EMAIL>
This is an automated report generated by the Advanced Intrusion Detection
Environment on mlab-1420 started at 2007-10-27 14:16:53.
******************************************************************************
* AIDE returned with exit code 17. Invalid configuration! *
******************************************************************************
Errors produced (3 lines):
37:syntax error:[
37:Error while reading configuration:[
Configuration error
End of AIDE error output.
funny, AIDE did not leave a log.
The check was done against /var/lib/aide/aide.db with the following characteristics:
Mtime : 2007-10-27 11:06:08
Ctime : 2007-10-27 11:06:08
Inode : 246640
The AIDE run created a new database /var/lib/aide/aide.db.new with the following characteristics:
End of AIDE daily cron job at at 2007-10-27 14:16, run time 0 seconds
<END EMAIL>
To reproduce the problem, merely perform a fresh install of aide in Gutsy.
TEMPORARY SOLUTION
The update-aide.conf manpage states that the executable files in /etc/aide/aide.conf.d will be run and the stdout is used in the aide.conf.autogenerated file. The /etc/aide/aide.conf.d/* files as installed, are not marked as executable in their permissions. It may be that update-aide.conf is supposed to identify the snippets with shell code and run it. Regardless, the contents of all the /etc/aide/aide.conf.d files are being inserted verbatim into the aide.conf.autogenerated file (minus the shell identification line, i.e. #!/bin/sh).
The workaround, and perhaps the solution is to modify the permissions of all the files with shell script to be executable. I ran the following shell script in a terminal, and was then able to properly generate the *.autogenerated file:
<BEGIN SHELL SCRIPT>
#!/bin/sh
chmod 755 10_aide_hostname
chmod 755 30_aide_apache2
chmod 755 30_inn2_vars
chmod 755 31_aide_amanda-server
chmod 755 31_aide_apt
chmod 755 31_aide_ifupdown
chmod 755 31_aide_torrus
chmod 755 70_aide_dev
update-aide.conf
<END SHELL SCRIPT>
Those may not be the correct permissions to apply, but it did get me over the hurdle.
The other aide related bug I posted can either be marked a duplicate of this, or just closed.
TESTCASE
:: How to reproduce the issue ::
- Install the current version of aide
- Check that none of the scripts have the execute bit set in /usr/share/aide/config/aide/aide.conf.d/
:: Check the fix ::
- Install the -proposed version of aide
- Check that some scripts have the execute bit set in /usr/share/aide/config/aide/aide.conf.d/
All files listed by
# for file in /etc/aide/aide.conf.d/* ; do head -1 $file | grep -q '^\#\!' && ls -l $file ; done
should show the execution bit set (e.g. mode -rwxr-xr-x) |
|
2008-08-19 23:14:50 |
Jean-Baptiste Lallement |
bug |
|
|
added attachment 'aide_0.13.1-8ubuntu2-2.debdiff' (aide_0.13.1-8ubuntu2-2.debdiff) |
2008-09-15 17:48:12 |
Jamie Strandboge |
aide: status |
Fix Committed |
Triaged |
|
2008-09-15 17:48:12 |
Jamie Strandboge |
aide: statusexplanation |
|
I just reviewed the debdiff and have a couple of comments:
1. the version will need to be updated to ubuntu3, since ubuntu2 has already been uploaded to -proposed
2. I don't see debdiffs for feisty and dapper. Does this mean that these versions are not affected by the bug? If so, I think an extra version check should be made in aide-common.postinst for upgrades from dapper to hardy or feisty to gutsy that would otherwise change permissions unnecessarily.
As such, I am marking the bug as 'Triaged'. Please update to 'In Progress' when an updated debdiff is supplied. Thanks! |
|
2008-09-15 17:49:54 |
Jamie Strandboge |
aide: status |
Fix Committed |
Triaged |
|
2008-09-15 17:49:54 |
Jamie Strandboge |
aide: statusexplanation |
|
Also, this is very likely a change that should go to Debian. Can you contact Debian as per https://wiki.ubuntu.com/Bugs/Upstream? |
|
2008-10-10 22:34:32 |
Jamie Strandboge |
bug |
|
|
added attachment 'aide_0.13.1-8ubuntu3.debdiff' (aide_0.13.1-8ubuntu3.debdiff) |
2008-10-11 04:05:06 |
Jamie Strandboge |
aide: status |
Triaged |
Fix Committed |
|
2008-10-11 04:05:06 |
Jamie Strandboge |
aide: statusexplanation |
I just reviewed the debdiff and have a couple of comments:
1. the version will need to be updated to ubuntu3, since ubuntu2 has already been uploaded to -proposed
2. I don't see debdiffs for feisty and dapper. Does this mean that these versions are not affected by the bug? If so, I think an extra version check should be made in aide-common.postinst for upgrades from dapper to hardy or feisty to gutsy that would otherwise change permissions unnecessarily.
As such, I am marking the bug as 'Triaged'. Please update to 'In Progress' when an updated debdiff is supplied. Thanks! |
|
|
2008-11-27 08:40:27 |
Launchpad Janitor |
aide: status |
Fix Committed |
Fix Released |
|
2008-12-15 20:01:49 |
Martin Pitt |
aide: status |
Triaged |
Won't Fix |
|
2008-12-15 20:01:49 |
Martin Pitt |
aide: statusexplanation |
Also, this is very likely a change that should go to Debian. Can you contact Debian as per https://wiki.ubuntu.com/Bugs/Upstream? |
This got stalled way too much, and I guess there isn't much interest in gutsy any more. I pulled the failed SRU from gutsy-proposed. |
|
2009-07-25 17:39:11 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/gutsy-proposed/aide |
|
2009-07-25 17:39:15 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-branches/ubuntu/hardy/aide/hardy-proposed |
|
2009-07-25 20:29:54 |
Mark Kohler |
removed subscriber Mark Kohler |
|
|
|
2010-09-04 05:40:55 |
U Das |
nominated for series |
|
Ubuntu Lucid |
|
2023-04-20 03:44:18 |
mdjewel |
bug |
|
|
added subscriber mdjewel |