#
# AIDE @VERSION@
#
# example configuration file
#
# IMPORTANT NOTE!! PLEASE READ
#
# This configuration file checks the integrity of the
# AIDE package.
#
# This file is not intended to be used as the primary aide.conf file for
# your system. This file is intended to be a showcase for different
# features for aide.conf file.
#
# WRITE YOUR OWN CONFIGURATION FILE AND UNDERSTAND WHAT YOU ARE WRITING
#
#
# Default values for the parameters are in comments before the
# corresponding line.
#
@@define TOPDIR @abs_top_srcdir@
@@ifndef TOPDIR
@@define TOPDIR /
@@endif
@@ifdef DEBUG
@@define DEBUG ison
@@undef NOT_DEBUG
@@else
@@define NOT_DEBUG true
@@undef DEBUG
@@endif
@@ifhost korppi
@@define KORPPI yes
@@endif
@@ifnhost ftp
@@define BUMMER true
@@endif
# The location of the database to be read.
#database=file:aide.db
database=file:@@{TOPDIR}/doc/aide.db
# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
#database_out=file:aide.db.new
database_out=file:aide.db.new
# Whether to gzip the output to database
# gzip_dbout=no
#verbose=5
verbose=20
#report_url=stdout
#other possibilities
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#report_url=file:/tmp/some_file.txt
#report_url=syslog:LOG_AUTH
report_url=stdout
# @@{TOPDIR} is replaced with @abs_top_srcdir@ when
# read by aide.
#p: permissions
#ftype: file type
#i: inode
#n: number of links
#l: link name
#u: user
#g: group
#s: size
#b: block count
#m: mtime
#a: atime
#c: ctime
#S: check for growing size
#I: ignore changed filename
#md5: md5 checksum
#sha1: sha1 checksum
#sha256: sha256 checksum
#sha512: sha512 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
#haval: haval checksum
#crc32: crc32 checksum
#R: p+ftype+i+l+n+u+g+s+m+c+md5
#L: p+ftype+i+l+n+u+g
#E: Empty group
#>: Growing file p+ftype+l+u+g+i+n+S
#The following are available if you have mhash support enabled:
#gost: gost checksum
#whirlpool: whirlpool checksum
#The following are available and added to the default groups R, L and >
#only when explicitly enabled using configure:
#acl: access control list
#selinux SELinux security context
#xattrs: extended file attributes
#e2fsattrs: file attributes on a second extended file system
# Rule definition
All=R+a+sha1+rmd160+sha256+sha512+tiger@aideextragroups@
# report_ignore_added_attrs, report_ignore_removed_attrs and
# report_ignore_changed_attrs are special rule definitions
# the addition, removal or change of the attributes listed are not displayed in
# the final report
#report_ignore_added_attrs = b
#report_ignore_removed_attrs = b
#report_ignore_changed_attrs = b
# report_force_attrs is a special rule definition
# the attributes listed in it are always displayed for changed files in the
# final report. If an attribute is both ignored and forced the attribute is not
# considered for file change but printed in the final report if the file has
# been otherwise changed.
#report_force_attrs = u+g
# Attributes that can be used to verify that aide in intact
# by people that have downloaded it from the web.
# Let's be paranoid
Norm=l+s+n+b+md5+sha1+rmd160+sha256+sha512+tiger@aideextragroups@
# The commented rules are just examples the rest are used by
# make check
#Selection regexp rule
@@{TOPDIR}/.* Norm
#Equals selection only the directory doc is checked and not it's children
#=@@{TOPDIR}/doc L
#Negative selection no rule is necessary but ignored if there
!@@{TOPDIR}/.*~
!@@{TOPDIR}/src/.*\.o
!@@{TOPDIR}/src/(aide|core)$ L
!@@{TOPDIR}/.*RCS
!@@{TOPDIR}/.*CVS
!@@{TOPDIR}/.*aide\.db.*
!@@{TOPDIR}/.*\.cvsignore.*
# @@{TOPDIR}/doc/.* All