3 database=file:/var/lib/aide/aide.db
4 database_out=file:/var/lib/aide/aide.db.new
6 # Change this to "no" or remove it to not gzip output
7 # (only useful on systems with few CPU cycles to spare)
10 # Here are all the things we can check - these are the default rules
22 #S: check for growing size
25 #rmd160: rmd160 checksum
26 #tiger: tiger checksum
27 #R: p+i+n+u+g+s+m+c+md5
30 #>: Growing logfile p+u+g+i+n+S
31 #haval: haval checksum
33 #crc32: crc32 checksum
35 # Defines formerly set here have been moved to /etc/default/aide.
38 Binlib = p+i+n+u+g+s+b+m+c+md5+sha1
39 ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha1
41 Devices = p+i+n+u+g+s+b+c+md5+sha1
44 ManPages = p+i+n+u+g+s+b+m+c+md5+sha1
46 # Next decide what directories/files you want in the database
48 # Kernel, system map, etc.
56 /usr/local/sbin Binlib
65 /var/log/aide/aide.log(.[0-9])?(.gz)? Databases
66 /var/log/aide/error.log(.[0-9])?(.gz)? Databases
67 /var/log/setuid.changes(.[0-9])?(.gz)? Databases
72 # If you get spurious warnings about being unable to mmap() /dev/cpu/mtrr,
73 # you may uncomment this to get rid of them. They're harmless but sometimes
78 # Other miscellaneous files
81 # Test only the directory when dealing with /proc
85 # You can look through these examples to get further ideas
87 # MD5 sum files - especially useful with debsums -g
88 #/var/lib/dpkg/info/([^\.]+).md5sums u+g+s+m+md5+sha1
91 #/var/spool/anacron/cron.daily Databases
92 #/var/spool/anacron/cron.monthly Databases
93 #/var/spool/anacron/cron.weekly Databases
94 #/var/spool/cron Databases
95 #/var/spool/cron/crontabs Databases
97 # manpages can be trojaned, especially depending on *roff implementation
99 #/usr/share/man ManPages
100 #/usr/local/man ManPages
104 #/usr/share/doc ManPages
106 # check users' home directories
109 # check sources for modifications
113 # Check headers for same
115 #/usr/local/include L