Listing 1 Initial aide.conf
# version number of this configuration file config_version=v1 # location of the database holding characteristics of file being tracked. database=file:///AIDE/Work/aide.db # location of new database when the database is updated because of # changes in the tracked files or because of a policy change. database_out=file:///AIDE/Work/aide.db.new # to add a little more information about the tracked files. verbose=20 # location of report generated. There can be more than one of these. # here I am using two one for stdout, and one for a file. # every action of aide generates a report and it writes over these files each time. report_url=stdout report_url=file:///AIDE/Work/check.txt # this creates a listing of symlinks that are not pointing to existing files. warn_dead_symlinks=yes # variable declaration (notice no spaces) specifying characteristics of files being tracked. ReadOnly=p+i+n+u+g+s+m+md5 Growing=> Device=p+u+g+s # directories whose files are being tracked. Without a ! or a = preceeding the path, the path is treated # as a regular expression with .* at the end. A depth first search is done for the list of files. /bin ReadOnly /boot ReadOnly /dev Device /etc ReadOnly /initrd ReadOnly /lib ReadOnly /lost+found ReadOnly /misc ReadOnly /mnt ReadOnly /sbin ReadOnly /usr ReadOnly /var/log Growing