[meta-security][PATCH 9/9] aide.conf: adjust to allow for build time db creation


Armin Kuster
 

Signed-off-by: Armin Kuster <akuster808@...>
---
recipes-ids/aide/aide/aide.conf | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/recipes-ids/aide/aide/aide.conf b/recipes-ids/aide/aide/aide.conf
index 2c99e07..c4b917e 100644
--- a/recipes-ids/aide/aide/aide.conf
+++ b/recipes-ids/aide/aide/aide.conf
@@ -51,7 +51,7 @@ report_url=stdout
#crc32: crc32 checksum (MHASH only)
#whirlpool: whirlpool checksum (MHASH only)

-FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256
+FIPSR = p+u+g+s+acl+xattrs+sha256

#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
#L: p+i+n+u+g+acl+selinux+xattrs
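Review bot: The new `FIPSR` drops `selinux` and `n` along with `i`, `m` and `c`, which looks like more than a build-time database needs to give up. Inode numbers and timestamps can plausibly differ between the build tree and the running target, but a changed SELinux context or link count is a signal an integrity check normally wants to report. The same attributes are removed from `DIR`, `PERMS` and `DATAONLY` in the later hunks, and `PERMS` is still commented "Access control only" although it no longer tracks the SELinux label. The commit message gives no rationale, so if labels are simply not available when the database is generated, record it next to the rule, e.g. `# i, n, m, c and selinux omitted: db is created at build time, before these are final on the target`.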
@@ -70,10 +70,10 @@ EVERYTHING = R+ALLXTRAHASHES
NORMAL = FIPSR+sha512

# For directories, don't bother doing hashes
-DIR = p+i+n+u+g+acl+selinux+xattrs
+DIR = p+u+g+acl+xattrs

# Access control only
-PERMS = p+i+u+g+acl+selinux
+PERMS = p+u+g+acl

# Logfile are special, in that they often change
LOG = >
@@ -83,12 +83,9 @@ LSPP = FIPSR+sha512

# Some files get updated automatically, so the inode/ctime/mtime change
# but we want to know when the data inside them changes
-DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha256
+DATAONLY = p+u+g+s+acl+xattrs+sha256

# Next decide what directories/files you want in the database.

# Check only permissions, inode, user and group for /etc, but
# cover some important files closely.
-/bin NORMAL
-/sbin NORMAL
-/lib NORMAL
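Review bot: With `/bin NORMAL`, `/sbin NORMAL` and `/lib NORMAL` removed, no selection lines remain in this hunk, so system binaries and libraries drop out of the database unless rules are supplied elsewhere. The file continues past the hunk and the recipe may append its own rules, but neither is visible here. The comment left above the removed lines ("Check only permissions, inode, user and group for /etc") is also stale, because `PERMS` no longer includes `i`. Either keep the three rules or replace them with a comment saying where the selections now come from, e.g. `# Selection lines are appended by the recipe at build time`, if that is what happens.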
--
2.25.1
