Ubuntu
aide package

AIDE should ignore files in /home/.ecryptfs

Bug #629045 reported by Simon Déziel
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
aide (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Binary package hint: aide

I use home encryption for my account and AIDE keeps reporting that files under /home/.ecryptfs/simon are changing. I think that those file should be exclude from the check list of AIDE as they should be tamper resistant by their nature.

I also think that users having a ecrypt directory associated with their account should have their real home (ie: /home/simon) exclude from the check list because when AIDE scans the files the user may not be logged.

I think that those 2 exclusions could reduce the noise generated by running AIDE.

$ lsb_release -rd
Description: Ubuntu 10.04.1 LTS
Release: 10.04

$ apt-cache policy aide
aide:
  Installed: 0.13.1-11ubuntu2
  Candidate: 0.13.1-11ubuntu2
  Version table:
 *** 0.13.1-11ubuntu2 0
        500 http://archive.ubuntu.com/ubuntu/ lucid/main Packages
        100 /var/lib/dpkg/status

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: aide 0.13.1-11ubuntu2
ProcVersionSignature: Ubuntu 2.6.35-19.25~lucid1-generic 2.6.35.3
Uname: Linux 2.6.35-19-generic x86_64
Architecture: amd64
Date: Thu Sep 2 14:48:09 2010
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
ProcEnviron:
 LANGUAGE=en
 LANG=en_CA.utf8
 SHELL=/bin/bash
SourcePackage: aide

Revision history for this message
Simon Déziel (sdeziel) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in aide (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.