aide/aide_service.conf

80 lines
1.5 KiB
Plaintext

#
# AIDE Configuration file for systemd service aide.service
#
#
# Configuration parameters
#
database_in=file:/var/lib/aide/aide.db
database_out=file:/var/lib/aide/aide.db.new
report_url=file:/var/log/aide_service.log
warn_dead_symlinks=yes
#
# Custom rules
#
Binlib = p+i+n+u+g+s+b+m+c+sha256+sha512
ConfFiles = p+i+n+u+g+s+b+m+c+sha256+sha512
Logs = p+i+n+u+g+S
Devices = p+i+n+u+g+s+b+c+sha256+sha512
Databases = p+n+u+g
StaticDir = p+i+n+u+g
ManPages = p+i+n+u+g+s+b+m+c+sha256+sha512
#
# Directories and files
#
# Kernel, system map, etc.
/boot Binlib
# watch config files, but exclude, what changes at boot time, ...
!/etc/mtab
!/etc/lvm*
/etc ConfFiles
# Binaries
/bin Binlib
/sbin Binlib
# Libraries
/lib Binlib
# Complete /usr and /opt
/usr Binlib
/opt Binlib
# Log files
/var/log$ StaticDir
#/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
#/var/log/aide/error.log(.[0-9])?(.gz)? Databases
#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
/var/log Logs
# Devices
!/dev/pts
/dev Devices
# Other miscellaneous files
/var/run$ StaticDir
!/var/run
/var/lib Databases
# Test only the directory when dealing with /proc
/proc$ StaticDir
!/proc
# manpages can be trojaned, especially depending on *roff implementation
#/usr/man ManPages
#/usr/share/man ManPages
#/usr/local/man ManPages
# check sources for modifications
#/usr/src L
#/usr/local/src L
# Check headers for same
#/usr/include L
#/usr/local/include L