aide.conf.autogenerated NOT properly generated
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
aide (Baltix) |
New
|
Undecided
|
Unassigned | ||
aide (Debian) |
Fix Released
|
Unknown
|
|||
aide (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Gutsy |
Won't Fix
|
Undecided
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: aide-common
INSTALLED AIDE VERSION
0.13.1-7
PROBLEM DESCRIPTION
The aide.conf.
The symptoms presented in the system are email notifications that are similar to the following:
<BEGIN EMAIL>
This is an automated report generated by the Advanced Intrusion Detection
Environment on mlab-1420 started at 2007-10-27 14:16:53.
*******
* AIDE returned with exit code 17. Invalid configuration! *
*******
Errors produced (3 lines):
37:syntax error:[
37:Error while reading configuration:[
Configuration error
End of AIDE error output.
funny, AIDE did not leave a log.
The check was done against /var/lib/
Mtime : 2007-10-27 11:06:08
Ctime : 2007-10-27 11:06:08
Inode : 246640
The AIDE run created a new database /var/lib/
End of AIDE daily cron job at at 2007-10-27 14:16, run time 0 seconds
<END EMAIL>
To reproduce the problem, merely perform a fresh install of aide in Gutsy.
TEMPORARY SOLUTION
The update-aide.conf manpage states that the executable files in /etc/aide/
The workaround, and perhaps the solution is to modify the permissions of all the files with shell script to be executable. I ran the following shell script in a terminal, and was then able to properly generate the *.autogenerated file:
<BEGIN SHELL SCRIPT>
#!/bin/sh
chmod 755 10_aide_hostname
chmod 755 30_aide_apache2
chmod 755 30_inn2_vars
chmod 755 31_aide_
chmod 755 31_aide_apt
chmod 755 31_aide_ifupdown
chmod 755 31_aide_torrus
chmod 755 70_aide_dev
update-aide.conf
<END SHELL SCRIPT>
Those may not be the correct permissions to apply, but it did get me over the hurdle.
The other aide related bug I posted can either be marked a duplicate of this, or just closed.
TESTCASE
:: How to reproduce the issue ::
- Install the current version of aide
- Check that none of the scripts have the execute bit set in /usr/share/
:: Check the fix ::
- Install the -proposed version of aide
- Check that some scripts have the execute bit set in /usr/share/
All files listed by
# for file in /etc/aide/
should show the execution bit set (e.g. mode -rwxr-xr-x)
Changed in aide: | |
status: | Unknown → Fix Committed |
Changed in aide: | |
status: | New → Confirmed |
Changed in aide: | |
status: | Fix Committed → Fix Released |
Changed in aide: | |
status: | New → Fix Committed |
description: | updated |
Changed in aide: | |
status: | Triaged → Fix Committed |
I can confirm the bug.
A fresh install of aide (after --purge) leaves the files
10_aide_hostname amanda- server
30_aide_apache2
30_inn2_vars
31_aide_
31_aide_apt
31_aide_ifupdown
31_aide_torrus
70_aide_dev
without the necessary execute-flag in directory /etc/aide/ aide.conf. d/
Thus, the generated aide.conf. autogenerated includes shell-code, which aide fails to parse.
This renders the package out-of-the-box unuseable.
Thanks for considering this report.