rpms/aide
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import aide-0.16-13.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-06-09 19:15:18 +00:00 committed by Andrew Lukoshko
parent ee4c1450c5
commit 6bae3f0315
2 changed files with 75 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
SOURCES/aide.conf
View File

@ -88,20 +88,20 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
# Next decide what directories/files you want in the database. # Next decide what directories/files you want in the database.
/boot/ CONTENT_EX /boot CONTENT_EX
/opt/ CONTENT /opt CONTENT
# Admins dot files constantly change, just check perms # Admins dot files constantly change, just check perms
/root/\..* PERMS /root/\..* PERMS
# Otherwise get all of /root. # Otherwise get all of /root.
/root/ CONTENT_EX /root CONTENT_EX
# These are too volatile # These are too volatile
!/usr/src/ !/usr/src
!/usr/tmp/ !/usr/tmp
# Otherwise get all of /usr. # Otherwise get all of /usr.
/usr/ CONTENT_EX /usr CONTENT_EX
# trusted databases # trusted databases
/etc/hosts$ CONTENT_EX /etc/hosts$ CONTENT_EX
@ -112,10 +112,10 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
/etc/protocols$ CONTENT_EX /etc/protocols$ CONTENT_EX
/etc/services$ CONTENT_EX /etc/services$ CONTENT_EX
/etc/localtime$ CONTENT_EX /etc/localtime$ CONTENT_EX
/etc/alternatives/ CONTENT_EX /etc/alternatives CONTENT_EX
/etc/sysconfig/ CONTENT_EX /etc/sysconfig CONTENT_EX
/etc/mime.types$ CONTENT_EX /etc/mime.types$ CONTENT_EX
/etc/terminfo/ CONTENT_EX /etc/terminfo CONTENT_EX
/etc/exports$ CONTENT_EX /etc/exports$ CONTENT_EX
/etc/fstab$ CONTENT_EX /etc/fstab$ CONTENT_EX
/etc/passwd$ CONTENT_EX /etc/passwd$ CONTENT_EX
@ -125,12 +125,12 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
/etc/subgid$ CONTENT_EX /etc/subgid$ CONTENT_EX
/etc/subuid$ CONTENT_EX /etc/subuid$ CONTENT_EX
/etc/security/opasswd$ CONTENT_EX /etc/security/opasswd$ CONTENT_EX
/etc/skel/ CONTENT_EX /etc/skel CONTENT_EX
/etc/subuid$ CONTENT_EX /etc/subuid$ CONTENT_EX
/etc/subgid$ CONTENT_EX /etc/subgid$ CONTENT_EX
/etc/sssd/ CONTENT_EX /etc/sssd CONTENT_EX
/etc/machine-id$ CONTENT_EX /etc/machine-id$ CONTENT_EX
/etc/swid/ CONTENT_EX /etc/swid CONTENT_EX
/etc/system-release-cpe$ CONTENT_EX /etc/system-release-cpe$ CONTENT_EX
/etc/shells$ CONTENT_EX /etc/shells$ CONTENT_EX
/etc/tmux.conf$ CONTENT_EX /etc/tmux.conf$ CONTENT_EX
@ -140,12 +140,12 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
# networking # networking
/etc/hosts.allow$ CONTENT_EX /etc/hosts.allow$ CONTENT_EX
/etc/hosts.deny$ CONTENT_EX /etc/hosts.deny$ CONTENT_EX
/etc/firewalld/ CONTENT_EX /etc/firewalld CONTENT_EX
!/etc/NetworkManager/system-connections/ !/etc/NetworkManager/system-connections
/etc/NetworkManager/ CONTENT_EX /etc/NetworkManager CONTENT_EX
/etc/networks$ CONTENT_EX /etc/networks$ CONTENT_EX
/etc/dhcp/ CONTENT_EX /etc/dhcp CONTENT_EX
/etc/wpa_supplicant/ CONTENT_EX /etc/wpa_supplicant CONTENT_EX
/etc/resolv.conf$ DATAONLY /etc/resolv.conf$ DATAONLY
/etc/nscd.conf$ CONTENT_EX /etc/nscd.conf$ CONTENT_EX
@ -154,31 +154,31 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
/etc/libuser.conf$ CONTENT_EX /etc/libuser.conf$ CONTENT_EX
/var/log/faillog$ PERMS /var/log/faillog$ PERMS
/var/log/lastlog$ PERMS /var/log/lastlog$ PERMS
/var/run/faillock/ PERMS /var/run/faillock PERMS
/etc/pam.d/ CONTENT_EX /etc/pam.d CONTENT_EX
/etc/security/ CONTENT_EX /etc/security CONTENT_EX
/etc/securetty$ CONTENT_EX /etc/securetty$ CONTENT_EX
/etc/polkit-1/ CONTENT_EX /etc/polkit-1 CONTENT_EX
/etc/sudo.conf$ CONTENT_EX /etc/sudo.conf$ CONTENT_EX
/etc/sudoers$ CONTENT_EX /etc/sudoers$ CONTENT_EX
/etc/sudoers.d/ CONTENT_EX /etc/sudoers.d CONTENT_EX
# Shell/X startup files # Shell/X startup files
/etc/profile$ CONTENT_EX /etc/profile$ CONTENT_EX
/etc/profile.d/ CONTENT_EX /etc/profile.d CONTENT_EX
/etc/bashrc$ CONTENT_EX /etc/bashrc$ CONTENT_EX
/etc/bash_completion.d/ CONTENT_EX /etc/bash_completion.d CONTENT_EX
/etc/zprofile$ CONTENT_EX /etc/zprofile$ CONTENT_EX
/etc/zshrc$ CONTENT_EX /etc/zshrc$ CONTENT_EX
/etc/zlogin$ CONTENT_EX /etc/zlogin$ CONTENT_EX
/etc/zlogout$ CONTENT_EX /etc/zlogout$ CONTENT_EX
/etc/X11/ CONTENT_EX /etc/X11 CONTENT_EX
# Pkg manager # Pkg manager
/etc/dnf/ CONTENT_EX /etc/dnf CONTENT_EX
/etc/yum.conf$ CONTENT_EX /etc/yum.conf$ CONTENT_EX
/etc/yum/ CONTENT_EX /etc/yum CONTENT_EX
/etc/yum.repos.d/ CONTENT_EX /etc/yum.repos.d CONTENT_EX
# This gets new/removes-old filenames daily # This gets new/removes-old filenames daily
!/var/log/sa !/var/log/sa
@ -187,70 +187,70 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
# auditing # auditing
# AIDE produces an audit record, so this becomes perpetual motion. # AIDE produces an audit record, so this becomes perpetual motion.
/var/log/audit/ PERMS /var/log/audit PERMS
/etc/audit/ CONTENT_EX /etc/audit CONTENT_EX
/etc/libaudit.conf$ CONTENT_EX /etc/libaudit.conf$ CONTENT_EX
/etc/aide.conf$ CONTENT_EX /etc/aide.conf$ CONTENT_EX
# System logs # System logs
/etc/rsyslog.conf$ CONTENT_EX /etc/rsyslog.conf$ CONTENT_EX
/etc/rsyslog.d/ CONTENT_EX /etc/rsyslog.d CONTENT_EX
/etc/logrotate.conf$ CONTENT_EX /etc/logrotate.conf$ CONTENT_EX
/etc/logrotate.d/ CONTENT_EX /etc/logrotate.d CONTENT_EX
/etc/systemd/journald.conf$ CONTENT_EX /etc/systemd/journald.conf$ CONTENT_EX
/var/log/ LOG+ANF+ARF /var/log LOG+ANF+ARF
/var/run/utmp/ LOG /var/run/utmp LOG
# secrets # secrets
/etc/pkcs11/ CONTENT_EX /etc/pkcs11 CONTENT_EX
/etc/pki/ CONTENT_EX /etc/pki CONTENT_EX
/etc/crypto-policies/ CONTENT_EX /etc/crypto-policies CONTENT_EX
/etc/certmonger/ CONTENT_EX /etc/certmonger CONTENT_EX
/var/lib/systemd/random-seed$ PERMS /var/lib/systemd/random-seed$ PERMS
# init system # init system
/etc/systemd/ CONTENT_EX /etc/systemd CONTENT_EX
/etc/rc.d/ CONTENT_EX /etc/rc.d CONTENT_EX
/etc/tmpfiles.d/ CONTENT_EX /etc/tmpfiles.d CONTENT_EX
# boot config # boot config
/etc/default/ CONTENT_EX /etc/default CONTENT_EX
/etc/grub.d/ CONTENT_EX /etc/grub.d CONTENT_EX
/etc/dracut.conf$ CONTENT_EX /etc/dracut.conf$ CONTENT_EX
/etc/dracut.conf.d/ CONTENT_EX /etc/dracut.conf.d CONTENT_EX
# glibc linker # glibc linker
/etc/ld.so.cache$ CONTENT_EX /etc/ld.so.cache$ CONTENT_EX
/etc/ld.so.conf$ CONTENT_EX /etc/ld.so.conf$ CONTENT_EX
/etc/ld.so.conf.d/ CONTENT_EX /etc/ld.so.conf.d CONTENT_EX
/etc/ld.so.preload$ CONTENT_EX /etc/ld.so.preload$ CONTENT_EX
# kernel config # kernel config
/etc/sysctl.conf$ CONTENT_EX /etc/sysctl.conf$ CONTENT_EX
/etc/sysctl.d/ CONTENT_EX /etc/sysctl.d CONTENT_EX
/etc/modprobe.d/ CONTENT_EX /etc/modprobe.d CONTENT_EX
/etc/modules-load.d/ CONTENT_EX /etc/modules-load.d CONTENT_EX
/etc/depmod.d/ CONTENT_EX /etc/depmod.d CONTENT_EX
/etc/udev/ CONTENT_EX /etc/udev CONTENT_EX
/etc/crypttab$ CONTENT_EX /etc/crypttab$ CONTENT_EX
#### Daemons #### #### Daemons ####
# cron jobs # cron jobs
/var/spool/at/ CONTENT /var/spool/at CONTENT
/etc/at.allow$ CONTENT /etc/at.allow$ CONTENT
/etc/at.deny$ CONTENT /etc/at.deny$ CONTENT
/var/spool/anacron/ CONTENT /var/spool/anacron CONTENT
/etc/anacrontab$ CONTENT_EX /etc/anacrontab$ CONTENT_EX
/etc/cron.allow$ CONTENT_EX /etc/cron.allow$ CONTENT_EX
/etc/cron.deny$ CONTENT_EX /etc/cron.deny$ CONTENT_EX
/etc/cron.d/ CONTENT_EX /etc/cron.d CONTENT_EX
/etc/cron.daily/ CONTENT_EX /etc/cron.daily CONTENT_EX
/etc/cron.hourly/ CONTENT_EX /etc/cron.hourly CONTENT_EX
/etc/cron.monthly/ CONTENT_EX /etc/cron.monthly CONTENT_EX
/etc/cron.weekly/ CONTENT_EX /etc/cron.weekly CONTENT_EX
/etc/crontab$ CONTENT_EX /etc/crontab$ CONTENT_EX
/var/spool/cron/root/ CONTENT /var/spool/cron/root CONTENT
# time keeping # time keeping
/etc/chrony.conf$ CONTENT_EX /etc/chrony.conf$ CONTENT_EX
@ -259,25 +259,25 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
# mail # mail
/etc/aliases$ CONTENT_EX /etc/aliases$ CONTENT_EX
/etc/aliases.db$ CONTENT_EX /etc/aliases.db$ CONTENT_EX
/etc/postfix/ CONTENT_EX /etc/postfix CONTENT_EX
# ssh # ssh
/etc/ssh/sshd_config$ CONTENT_EX /etc/ssh/sshd_config$ CONTENT_EX
/etc/ssh/ssh_config$ CONTENT_EX /etc/ssh/ssh_config$ CONTENT_EX
# stunnel # stunnel
/etc/stunnel/ CONTENT_EX /etc/stunnel CONTENT_EX
# printing # printing
/etc/cups/ CONTENT_EX /etc/cups CONTENT_EX
/etc/cupshelpers/ CONTENT_EX /etc/cupshelpers CONTENT_EX
/etc/avahi/ CONTENT_EX /etc/avahi CONTENT_EX
# web server # web server
/etc/httpd/ CONTENT_EX /etc/httpd CONTENT_EX
# dns # dns
/etc/named/ CONTENT_EX /etc/named CONTENT_EX
/etc/named.conf$ CONTENT_EX /etc/named.conf$ CONTENT_EX
/etc/named.iscdlv.key$ CONTENT_EX /etc/named.iscdlv.key$ CONTENT_EX
/etc/named.rfc1912.zones$ CONTENT_EX /etc/named.rfc1912.zones$ CONTENT_EX
@ -285,22 +285,22 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
# xinetd # xinetd
/etc/xinetd.conf$ CONTENT_EX /etc/xinetd.conf$ CONTENT_EX
/etc/xinetd.d/ CONTENT_EX /etc/xinetd.d CONTENT_EX
# IPsec # IPsec
/etc/ipsec.conf$ CONTENT_EX /etc/ipsec.conf$ CONTENT_EX
/etc/ipsec.secrets$ CONTENT_EX /etc/ipsec.secrets$ CONTENT_EX
/etc/ipsec.d/ CONTENT_EX /etc/ipsec.d CONTENT_EX
# USB guard # USB guard
/etc/usbguard/ CONTENT_EX /etc/usbguard CONTENT_EX
# Ignore some files # Ignore some files
!/etc/mtab$ !/etc/mtab$
!/etc/.*~ !/etc/.*~
# Now everything else # Now everything else
/etc/ PERMS /etc PERMS
# With AIDE's default verbosity level of 5, these would give lots of # With AIDE's default verbosity level of 5, these would give lots of

7
SPECS/aide.spec
View File

@ -1,7 +1,7 @@
Summary: Intrusion detection environment Summary: Intrusion detection environment
Name: aide Name: aide
Version: 0.16 Version: 0.16
Release: 12%{?dist} Release: 13%{?dist}
URL: http://sourceforge.net/projects/aide URL: http://sourceforge.net/projects/aide
License: GPLv2+ License: GPLv2+
@ -81,6 +81,11 @@ mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide
%dir %attr(0700,root,root) %{_localstatedir}/log/aide %dir %attr(0700,root,root) %{_localstatedir}/log/aide
%changelog %changelog
* Tue May 19 2020 Attila Lakatos <alakatos@redhat.com> - 0.16-13
- RHEL 8.3
- minor edit of aide.conf to make it consistent
resolves: rhbz#1740754
* Mon Apr 06 2020 Attila Lakatos <alakatos@redhat.com> - 0.16-12 * Mon Apr 06 2020 Attila Lakatos <alakatos@redhat.com> - 0.16-12
- RHEL 8.3 - RHEL 8.3
- minor edit of aide.conf - minor edit of aide.conf