--- aide-0.15.1.orig/debian/aide-common.manpages +++ aide-0.15.1/debian/aide-common.manpages @@ -0,0 +1,6 @@ +doc/aide.1 +doc/aide.conf.5 +debian/aideinit.8 +debian/update-aide.conf.8 +debian/aide.wrapper.8 +debian/aide-attributes.1 --- aide-0.15.1.orig/debian/compat +++ aide-0.15.1/debian/compat @@ -0,0 +1 @@ +5 \ No newline at end of file --- aide-0.15.1.orig/debian/aide-common.templates +++ aide-0.15.1/debian/aide-common.templates @@ -0,0 +1,36 @@ +Template: aide/aideinit +Type: boolean +Default: false +_Description: Initialize AIDE database? + Before AIDE can be used, you will have to initialize a database. You + can immediately do this here, or run the '/usr/sbin/aideinit' script + from a shell later. + +Template: aide/newlibdir +Type: boolean +Default: true +_Description: Move AIDE data files from old directory to new? + AIDE now stores its databases in /var/lib/aide by default. It appears that + you have an older version installed which uses /usr/lib/aide. You can + have the data files moved automatically. + +Template: aideinit/overwritenew +Type: boolean +Default: true +_Description: Overwrite existing /var/lib/aide/aide.db.new? + You have already a newly generated AIDE database in + /var/lib/aide/aide.db.new. If you choose this option, the existing file + will be be overwritten by the new data obtained from the current state + of your file system. + +Template: aideinit/copynew +Type: boolean +Default: false +_Description: Copy aide.db.new to aide.db? + It is advisable for you to first look over /var/lib/aide/aide.db.new + file before replacing the existing db. You can have the package + replace the database anyway here. + . + If you do not choose this option, you will need to copy the file + /var/lib/aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use + it. --- aide-0.15.1.orig/debian/aide-dynamic.dirs +++ aide-0.15.1/debian/aide-dynamic.dirs @@ -0,0 +1 @@ +usr/bin \ No newline at end of file --- aide-0.15.1.orig/debian/NEWS +++ aide-0.15.1/debian/NEWS @@ -0,0 +1,180 @@ +aide (0.14.2.git20100726-1) unstable; urgency=low + + The important changes since last NEWS entry are: + - aide is now checking the file type and file attributes on + a Linux second extended file system + - the checksum whirlpool has been disabled as it is broken on sparc + and sparc64 + - the files in the report are now sorted by filename + - new group definition: VarDirTime + - new upstream grouped feature to disable the grouping in the report + - new command 'aide-attributes' (see man page for details) + + Due to the above changes in configuration, you may want to + update your database (the way you usually do it) to avoid + thousands of "different attribute" warnings. + + -- Hannes von Haugwitz Wed, 28 Jul 2010 11:58:58 +0200 + +aide (0.14~rc3-1) unstable; urgency=low + + In this release, a lot of things have changed. Most changes were + inspired and done by Hannes von Haugwitz, who has been a real big help + in preparing the new version of aide, both for Debian and upstream. + + The important changes in this release are: + - added aide.settings.d + Some rules delivered by the aide distributions can be + parametrized. These parameters used to be in the rule directory + itself, but were moved to /etc/aide/aide.settings.d with this + version of the package. Old parameter files still sitting in the + rule directory will take precedence, but trigger a warning. You + may want to review your parameter files and adapt them. + - /etc/default/aide has new options: TRUNCATEDETAILS, FILTERUPDATES, + FILTERINSTALLATIONS, LINES=0, UPAC_SETTINGSD. They are + documented in the file itself. + - many, many updated and new rules + - new group definitions: VarTime, VarInode, VarDirInode + - aide is now checking the target of symbolic links (link name) + - On systems supporting these features aide is now checking ACLs, + extended attributes and selinux attributes. + - The obsolete checksums md5 and sha-1 have been replaced by + sha256 and sha512. + - The upstream summarize_changes feature is disabled by default to + avoid changing the output format, but it may be enabled in a + future release. We would appreciate testing of the new feature, so if + you feel like it, please enable it manually in aide.conf + - The daily e-mail now includes the log file checksum to detect + modifications of the log file on the target system. + + Due to the numerous changes in configuration, you may want to + update your database (the way you usually do it) to avoid + thousands of "different attribute" warnings. + + -- Marc Haber Thu, 25 Feb 2010 11:37:02 +0100 + +aide (0.13.1-10) unstable; urgency=low + + The aide configuration now sets a macro called YEAR4D to the four + digit current year, and makes use of that macro in the + configuration files where a year is included in a file name. This + means that you do not need to adapt your configuration over the + new year and still only exclude files that are concerned with the + current year. However, you'll get a whole bunch of "file changed" + and "new file" reports on new year. If you don't like to manually + accept these changes on new year, you can manually set YEAR4D to a + regexp covering the years you don't want reported. + + In the course of this change, configuration that still acted on + 2006's files only has been fixed. Sheesh. + + -- Marc Haber Sun, 23 Mar 2008 10:07:14 +0100 + +aide (0.12.20061123-0) unstable; urgency=low + + aide now suports a new hash called whirlpool which is enabled in + the default config. This means that aide --update|--check is going + to complain about database entries with different attributes. The + final aide output will be correct though, so it is advised to update + your databases after installing this package. + + -- Marc Haber Fri, 24 Nov 2006 14:35:46 +0100 + +aide (0.11a-4) unstable; urgency=low + + This version has changed the way that the Debian configuration is + handled with regard to local configurations that might be used to + have additional, local checks. + + The AIDE binary is /usr/bin/aide again, and the wrapper handling + locking and special configuration processing is now aide.wrapper. + The scripts delivered with the Debian package now invoke + aide.wrapper to make explicit use of the wrapper. aide is now + compiled to use a non-existing directory and a non-existing + configuration file by default, which will lead to an error message + if invoked parameterless. This is a feature designed to avoid + accidental tampering with the Debian databases. + + The advantage of this change is that /usr/bin/aide now behaves + exactly as upstream AIDE again, removing Debian specialties for + people who are not accustomed to the Debian configuration. If you + use AIDE in a special way, with your own configuration and your + own database directory, you'll likely have to change your + procedures. + + -- Marc Haber Fri, 26 May 2006 11:11:40 +0000 + +aide (0.11a-3) unstable; urgency=low + + Starting with aide 0.11a-2, aide's default configuration has been + changed. Previously, AIDE did only superficial checks of the + static parts of the file system. Now, the entire file system is + included, and the changing parts of the file system are excluded + from the check. We are changing from a "forbid all possibly + dangerous changes" stance to a "allow only changes that we know + are harmless" stance. + + Please note that this might significantly increase aide's + execution times as we now check the whole file system by default. + On systems with big, changing file systems (like shell servers or + big ftp or web servers), you might want to exclude parts of the + file system to bring execution times down to an acceptable level. + This is not done in the default configuration since AIDE aims for + maximum security by default, and big data directories are a + preferred target for crackers to place their root kit binaries. An + example rule file to exclude home directories of users with uid >= + 1000 is included in the package and might be put into use at the + local admin's discretion. + + To allow better updateability, a split configuration scheme has + been introduced with aide 0.10-5, which is now being put into use + for the default configuration. /etc/aide.conf is reduced to + default definitions, while the real work is being done in the + configuration snippets in /etc/aide/aide.conf.d. + + The contents of /etc/aide/aide.conf.d has already been split to + reflect which package contains the files that change too + frequently to be part of a regular check. This allows moving these + configuration snippets into the respective packages at a later + time. + + You might want to accept all conffile changes that are offered + with this update, or otherwise your AIDE will most probably stop + working. + + The new rule sets in 0.11a-2 have been extensively tested on my + productive systems. However, since my productive systems are all + reasonably similar, the new rule sets may not be fully suitable + for other people's systems. Please do not hesitate to file bugs + against aide if your AIDE reports include excessive changes that + should not be flagged as such. Don't forget to include + configuration and report snippets that might help in devising the + new rules. These bugs will be usertagged in the BTS with + "2006-04-configuration" for aide@packages.debian.org. + + Chances are that you don't have all packages installed that are + taken care of by AIDE's default configuration. That way, you might + end up excluding more parts of the namespace than you would need + for your system, but the AIDE protection is still working on a + broader basis than it did with the old configuration. If you are + paranoid, you might want to either delete the config snippets you + don't use (ucf should notice that and not re-install the files on + update) or create your own conf.d directory (like + /etc/aide/aide.conf.local.d), symlink the snippets you want in + there and point aide towards the new conf.d directory by setting + UPAC_CONFD in /etc/default/aide. This last option is the way I + have chosen for my personal systems. + + Package maintainers, if you intend to deliver your own aide.conf.d + snippet in your package, please put your package name after the + number (31_aide_foo => 31_foo_something) to avoid a namespace + clash and file a bug against aide so indicate that aide can remove + its config snippet. It does not hurt to have both installed, so + there is no need to coordinate. + + The source package can optionally build a package aide-config-zg2, + which contains rules that are probably only suitable on my + systems. Of course, building of aide-config-zg2 is disabled by + default. + + -- Marc Haber Fri, 26 May 2006 11:05:10 +0000 --- aide-0.15.1.orig/debian/rules +++ aide-0.15.1/debian/rules @@ -0,0 +1,133 @@ +#!/usr/bin/make -f + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# Should we build aide-config-zg2 +ifndef buildzg2package +buildzg2package=no +endif + +# set variables for packages to build +ifeq ($(buildzg2package),yes) +buildpackages=aide aide-common aide-xen aide-dynamic aide-config-zg2 +else +buildpackages=aide aide-common aide-xen aide-dynamic +endif + +# limit SElinux to Linux architectures +DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) +ifeq ($(DEB_HOST_ARCH_OS),linux) +selinux := --with-selinux +SELINUX="+selinux" +else +SELINUX= +endif + + +# generate -paide -paide-config-zg2 ... commandline for debhelper +dhbuildpackages=$(addprefix -p,$(buildpackages)) + +BUILDDIR = $(CURDIR)/debian/build +BASEDIR = $(CURDIR) +VARIANTS = aide aide-xen aide-dynamic + +CFG1 += --prefix=/usr +CFG1 += --sysconfdir=/var/lib/aide/please-dont-call-aide-without-parameters +CFG1 += --with-config_file=/dev/null --with-zlib +CFG1 += --with-xattr --with-posix-acl --with-e2fsattrs $(selinux) + +CFG_aide = +CFG_aide-xen += --with-extra-libs="-L/usr/lib/xen/" +CFG_aide-dynamic += --disable-static + +CONFIG_aide = $(CFG1) $(CFG_aide) +CONFIG_aide-xen = $(CFG1) $(CFG_aide-xen) +CONFIG_aide-dynamic = $(CFG1) $(CFG_aide-dynamic) + +aide-conf: debian/aide.conf.in + sed -e s/_SELINUX_/$(SELINUX)/g < debian/aide.conf.in > debian/aide.conf + +clean: unpatch $(foreach v,$(VARIANTS),clean-$(v)) + dh_testdir $(dhbuildpackages) + dh_testroot $(dhbuildpackages) + rm -f build-stamp* install-stamp* + rm -rf $(BUILDDIR) + rm -rf $(BASEDIR)/debian/aide.conf + debconf-updatepo + + dh_clean + +clean-%: + rm -rf $(BASEDIR)/debian/$(subst clean-,,$@) + + +build: build-stamp aide-conf +build-stamp: patch-stamp $(foreach v,$(VARIANTS),build-stamp-$(v)) + touch $@ + +build-stamp-%: + dh_testdir + mkdir -p $(BUILDDIR)/$(*) + cd $(BUILDDIR)/$(*) && \ + $(BASEDIR)/configure $(CONFIG_$(*)) + $(MAKE) -C $(BUILDDIR)/$(*) + touch $@ + +install: build +install: install-stamp +install-stamp: $(foreach v,$(VARIANTS),install-stamp-$(v)) + $(MAKE) -C $(BUILDDIR)/aide install DESTDIR=$(CURDIR)/debian/aide-common prefix=/usr mandir=/usr/share/man + rm $(CURDIR)/debian/aide-common/usr/bin/aide + touch $@ + +install-stamp-%: + dh_testdir + dh_testroot + + dh_installdirs $(dhbuildpackages) + #dh_installcron $(dhbuildpackages) do not use, ucf here + #dh_installinit $(dhbuildpackages) do not use, ucf here + + cp $(CURDIR)/debian/build/$(*)/src/aide $(CURDIR)/debian/$(*)/usr/bin/aide + + touch $@ + +binary-indep: build install +# no architecture-independent stuff + +binary-arch: build install + dh_testdir $(dhbuildpackages) + dh_testroot $(dhbuildpackages) + dh_installdocs $(dhbuildpackages) + dh_install $(dhbuildpackages) + cp $(CURDIR)/contrib/aide-attributes.sh $(CURDIR)/debian/aide-common/usr/bin/aide-attributes + #dh_installcron $(dhbuildpackages) do not use, ucf here + dh_installman $(dhbuildpackages) + dh_installchangelogs $(dhbuildpackages) ChangeLog + dh_installdebconf $(dhbuildpackages) + dh_installexamples $(dhbuildpackages) + #dh_link $(dhbuildpackages) usr/share/man/man1/aide.1 usr/share/man/man1/aide.real.1 + dh_strip $(dhbuildpackages) + dh_compress $(dhbuildpackages) + dh_fixperms $(dhbuildpackages) + dh_installdeb $(dhbuildpackages) + dh_shlibdeps $(dhbuildpackages) usr/bin/aide + dh_gencontrol $(dhbuildpackages) + dh_md5sums $(dhbuildpackages) + chmod 755 debian/aide_fixperms $(CURDIR)/debian/aide-common/usr/share/aide/config/cron.daily/aide + debian/aide_fixperms + dh_builddeb $(dhbuildpackages) + +patch: patch-stamp +patch-stamp: + dpatch apply-all + #dpatch call-all -a=pkg-info >patch-stamp + touch patch-stamp + +unpatch: + dpatch deapply-all + rm -rf patch-stamp debian/patched + +binary: binary-indep binary-arch +.PHONY: clean build install binary-indep binary-arch patch unpatch binary --- aide-0.15.1.orig/debian/aide.dirs +++ aide-0.15.1/debian/aide.dirs @@ -0,0 +1 @@ +usr/bin --- aide-0.15.1.orig/debian/control +++ aide-0.15.1/debian/control @@ -0,0 +1,111 @@ +Source: aide +Section: admin +Priority: optional +Maintainer: Aide Maintainers +Uploaders: Marc Haber , Mike Markley , Hannes von Haugwitz +DM-Upload-Allowed: yes +Build-Depends: debhelper (>= 5), dpatch, debconf-utils, zlib1g-dev, libmhash-dev (>= 0.9.7), flex (>= 2.5.32), bison, libgcrypt11-dev, po-debconf (>= 0.5.0), libselinux1-dev [linux-any], libattr1-dev, libacl1-dev, e2fslibs-dev +Vcs-Git: git://git.debian.org/git/pkg-aide/aide.git +Vcs-Browser: http://git.debian.org/?p=pkg-aide/aide.git +Homepage: http://aide.sourceforge.net +Standards-Version: 3.9.1 + +Package: aide +Architecture: any +Depends: ${misc:Depends}, aide-common (= ${source:Version}) +Provides: aide-binary +Conflicts: aide-xen, aide-dynamic +Description: Advanced Intrusion Detection Environment - static binary + AIDE is an intrusion detection system that detects changes to files on + the local system. It creates a database from the regular expression rules + that it finds from the config file. Once this database is initialized + it can be used to verify the integrity of the files. It has several + message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) that are + used to check the integrity of the file. More algorithms can be added + with relative ease. All of the usual file attributes can also be checked + for inconsistencies. + . + This package contains the statically linked binary for "normal" + systems. + . + You will almost certainly want to tweak the configuration file in + /etc/aide/aide.conf or drop your own config snippets into + /etc/aide/aide.conf.d. + +Package: aide-xen +Priority: extra +Architecture: any +Depends: ${misc:Depends}, aide-common (= ${source:Version}) +Provides: aide-binary +Conflicts: aide, aide-dynamic +Description: Advanced Intrusion Detection Environment - static binary for XEN + AIDE is an intrusion detection system that detects changes to files on + the local system. It creates a database from the regular expression rules + that it finds from the config file. Once this database is initialized + it can be used to verify the integrity of the files. It has several + message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) that are + used to check the integrity of the file. More algorithms can be added + with relative ease. All of the usual file attributes can also be checked + for inconsistencies. + . + This package contains the statically linked binary for XEN-enabled + systems and should be used in Dom0 and DomU. + . + You will almost certainly want to tweak the configuration file in + /etc/aide/aide.conf or drop your own config snippets into + /etc/aide/aide.conf.d. + +Package: aide-dynamic +Priority: extra +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, aide-common (= ${source:Version}) +Provides: aide-binary +Conflicts: aide, aide-xen +Description: Advanced Intrusion Detection Environment - dynamic binary + AIDE is an intrusion detection system that detects changes to files on + the local system. It creates a database from the regular expression rules + that it finds from the config file. Once this database is initialized + it can be used to verify the integrity of the files. It has several + message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) that are + used to check the integrity of the file. More algorithms can be added + with relative ease. All of the usual file attributes can also be checked + for inconsistencies. + . + This package contains a dynamically linked binary and should only be + used in exeptional circumstances. To avoid exposure to trojaned + libraries, it is advised to use one of the statically linked binaries. + . + You will almost certainly want to tweak the configuration file in + /etc/aide/aide.conf or drop your own config snippets into + /etc/aide/aide.conf.d. + +Package: aide-common +Architecture: all +Depends: ${misc:Depends}, aide | aide-binary, bsd-mailx | mailx, liblockfile1, ucf (>= 2.0020), initscripts (>= 2.88dsf-13.3) +Recommends: cron +Description: Advanced Intrusion Detection Environment - Common files + AIDE is an intrusion detection system that detects changes to files on + the local system. It creates a database from the regular expression rules + that it finds from the config file. Once this database is initialized + it can be used to verify the integrity of the files. It has several + message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) that are + used to check the integrity of the file. More algorithms can be added + with relative ease. All of the usual file attributes can also be checked + for inconsistencies. + . + This package contains base and configuration files that are needed to + run the actual binaries. + . + You will almost certainly want to tweak the configuration file in + /etc/aide/aide.conf or drop your own config snippets into + /etc/aide/aide.conf.d. + +Package: aide-config-zg2 +Architecture: all +Depends: ${misc:Depends}, aide, ucf +Description: Advanced Intrusion Detection Environment - Zg2 configuration extension + AIDE is an intrusion detection system that detects changes to files on + the local system. This package has extended configuration which is + probably only suiteable for systems operated by Marc Haber. + . + This package is not built by default. --- aide-0.15.1.orig/debian/update-aide.conf.8 +++ aide-0.15.1/debian/update-aide.conf.8 @@ -0,0 +1,83 @@ +.TH UPDATE-AIDE.CONF 8 "Jan 23, 2005" +.SH NAME +update-aide.conf \- build run-time AIDE configuration +.SH SYNOPSIS +.B update-aide.conf +.SH DESCRIPTION +.B update-aide.conf +rebuilds the runtime AIDE configuration. /etc/aide/aide.conf and the +contents of the /etc/aide/aide.conf.d directory. If one of these files +is executeable, +.B update-aide.conf +executes the file and uses its stdout for the AIDE configuration. For +files that are not executeable, their contents is copied into AIDE +configuration verbatim. The input paths can be controlled from the +command line or using configuration options in /etc/default/aide. +.B update-aide.conf +is primarily used by +.B aideinit +(8), the +.B aide +wrapper and and the +.B /etc/cron.daily/aide +script. +.PP +Debian Packages might drop configuration snippets in +.B /etc/aide/aide.conf.d +, which will be picked up automatically by aide +if the default paths are used. If you would prefer to control your +rules yourself, you might want to point +.B update-aide.conf +to a different conf.d directory by configuring +.B /etc/default/aide +appropriately. You can then use symlinks to select Debian rules. Or +you can edit the files dropped into +.B /etc/aide/aide.conf.d +yourself, they are dpkg-conffiles. +.SH OPTIONS +.TP +.B -v, --verbose +Enable verbose mode, tell about ignored files +.TP +.B -h, --help +Show this message +.TP +.B --keepcomments +Do not remove comment lines +.TP +.B --removecomments +Remove comment lines (default) +.TP +.B -o, --output +write output to file instead of /var/lib/aide/aide.conf.autogenerated +.TP +.B -d, --confdir +read input from given directory instead of /etc/aide. The default can +be overridden using the UPAC_CONFDIR directive in /etc/default/aide. +.TP +.B -D, --confd +read config file snippets from given directory instead of +/etc/aide/aide.conf.d. The default can be overridden using the +UPAC_CONFD directive in /etc/default/aide. +.TP +.B -S, --settingsd +read settings files from given directory instead of +/etc/aide/aide.settings.d. The default can be overridden using the +UPAC_SETTINGSD directive in /etc/default/aide. +.SH FILES +.TP +.B /etc/aide/aide.conf +main AIDE configuration file +.TP +.B /etc/aide/aide.conf.d +configuration file fragments to be added to the master configuration file +.TP +.B /etc/aide/aide.settings.d +settings files parsed by some configuration files in UPAC_CONFD +.TP +.B /etc/default/aide +Debian aide defaults file used for permanently overriding some option defaults. +.SH AUTHOR +This manual page was written by Mike Markley and +Marc Haber , for the Debian GNU/Linux +system (but may be used by others). --- aide-0.15.1.orig/debian/aideinit +++ aide-0.15.1/debian/aideinit @@ -0,0 +1,157 @@ +#!/bin/sh +# +# $Id$ +# Copyright 2003 Mike Markley +# This script is free for any purpose whatseoever so long as the above +# copyright notice remains in place. + +if [ -f /etc/default/aide ]; then + . /etc/default/aide +fi + +# Defaults +MAILTO="${MAILTO:-root}" + +# Options +opt_f=0 +opt_y=0 +opt_c=0 +opt_b=0 +defaultconfig="/var/lib/aide/aide.conf.autogenerated" + +if ! [ -x "/usr/bin/aide" ]; then + echo >&2 "no /usr/bin/aide found, check your dependencies" + exit 1 +fi + +aideinit_usage() { + echo "Usage: $0 [options] -- [aide options]" + echo " -y|--yes Overwrite output file" + echo " -f|--force Force overwrite of database" + echo " -c|--config Specify alternate config file" + echo " -o|--output Specify alternate output file" + echo " -d|--database Specify alternate database file" + echo " -b|--background Run in the background" +} + +while [ -n "$1" ]; do + case "$1" in + -h|--help) + aideinit_usage + exit 0 + ;; + -f|--force) + opt_f=1 + shift + ;; + -y|--yes) + opt_y=1 + shift + ;; + -b|--background) + opt_b=1 + shift + ;; + -o|--output) + shift + [ -z "$1" ] && aideinit_usage && exit 1 + outfile=$1 + shift + ;; + -d|--database) + shift + [ -z "$1" ] && aideinit_usage && exit 1 + dbfile=$1 + shift + ;; + -c|--config) + opt_c=1 + shift + [ -z "$1" ] && aideinit_usage && exit 1 + config=$1 + shift + ;; + --) + shift + break 2 + ;; + *) + echo "Unknown option $1 (use -- to delimit aideinit and aide options)" + exit + ;; + esac +done + +if [ -z "$config" ]; then + update-aide.conf +fi + +config=${config:-$defaultconfig} + +if [ ! -f "$config" ]; then + echo "$0: $config: file not found" + exit 1 +fi + +if [ -z "$outfile" ]; then + outfile=$(egrep "^[[:space:]]*database_out=file:" $config | cut -d: -f2) + [ -z "$outfile" ] && outfile="/var/lib/aide/aide.db.new" +fi +if [ -z "$dbfile" ]; then + dbfile=$(egrep "^[[:space:]]*database=file:" $config | cut -d: -f2) + [ -z "$dbfile" ] && dbfile="/var/lib/aide/aide.db" +fi + +if [ -f $outfile ]; then + if [ $opt_y -eq 0 ]; then + echo -n "Overwrite existing $outfile [Yn]? " + read yn + case "$yn" in + [Nn]*) + exit 0 + ;; + esac + fi +fi + +extraflags="" + +if [ $opt_b -eq 1 ]; then + (aide.wrapper --init $extraflags $@ >/var/log/aide/aideinit.log 2>/var/log/aide/aideinit.errors + RET=$? + printf "AIDE --init return code %d" "$RET" >> /var/log/aide/aideinit.log + if [ "$RET" != "0" ]; then + printf "AIDE --init return code %d" "$RET" >> /var/log/aide/aideinit.errors + fi + if [ -f "$dbfile" -a $opt_f -eq 0 ]; then + echo "$dbfile exists and -f was not specified" >> /var/log/aide/aideinit.errors + fi + if [ "$(< /var/log/aide/aideinit.errors wc -l)" -gt 0 ]; then + (echo "AIDE init errors:"; cat /var/log/aide/aideinit.errors) | /usr/bin/mail -s "AIDE initialization problem" $MAILTO + else + cp -f $outfile $dbfile + fi) & + exit 0 +fi + +# this is only reached if we run in foreground +echo "Running aide --init..." +aide.wrapper --init $extraflags $@ + +RET=$? +if [ "$RET" != "0" ]; then + echo "AIDE --init return code $RET" >&2 + exit $return +fi + +if [ -f "$dbfile" -a $opt_f -eq 0 ]; then + echo -n "Overwrite $dbfile [yN]? " + read yn + case "$yn" in + [yY]*) + cp -f $outfile $dbfile + ;; + esac +else + cp -f $outfile $dbfile +fi --- aide-0.15.1.orig/debian/aide.conf.in +++ aide-0.15.1/debian/aide.conf.in @@ -0,0 +1,174 @@ +# AIDE conf + +# The daily cron job depends on these paths +database=file:/var/lib/aide/aide.db +database_out=file:/var/lib/aide/aide.db.new +database_new=file:/var/lib/aide/aide.db.new +gzip_dbout=yes + +# Set to no to disable summarize_changes option. +summarize_changes=yes + +# Set to no to disable grouping of files in report. +grouped=yes + +# if you want to sacrifice security for speed, remove some of these +# checksums. Whirlpool is broken on sparc and sparc64 (see #429180, +# #420547, #152203). +Checksums = sha256+sha512+rmd160+haval+gost+crc32+tiger + +# check permissions, owner, group and file type +OwnerMode = p+u+g+ftype + +# Check size and block count +Size = s+b + +# Files that stay static +InodeData = OwnerMode+n+i+Size+l+acl+xattrs+e2fsattrs_SELINUX_ +StaticFile = m+c+Checksums + +# Files that stay static but are copied to a ram disk on startup +# (causing different inode) +RamdiskData = InodeData-i + +# Check everything +Full = InodeData+StaticFile + +# Files that change their mtimes or ctimes but not their contents +VarTime = InodeData+Checksums + +# Files that are recreated regularly but do not change their contents +VarInode = VarTime-i + +# Files that change their contents during system operation +VarFile = OwnerMode+n+l+acl+xattrs+e2fsattrs_SELINUX_ + +# Directories that change their contents during system operation +VarDir = OwnerMode+n+i+acl+xattrs+e2fsattrs_SELINUX_ + +# Directories that are recreated regularly and change their contents +VarDirInode = OwnerMode+n+acl+xattrs+e2fsattrs_SELINUX_ + +# Directories that change their mtimes or ctimes but not their contents +VarDirTime = InodeData + +# Logs are special: they are continously written to, may be compressed +# have their file name changed in different, mutually incompatibly ways +# and apprear and vanish at will. Handling this is a a complex and error- +# prone issue. +# +# This is best broken down in a number of small tasks: +# +# +# (A) +# While a live log is being written to, it doesn't change its mode and +# inode and its size only increases. +# +# (B) +# When a live log is rotated for the first time, it should not change +# its mode, may change its inode, and its size decreases. The size +# decrease may not be noticed by aide if the file had size x at the last +# aide run, was rotated in the mean time and was written to so that it +# had a size > x at the next aide run. +# +# (C) +# When a log is compressed, this looks to aide like the uncompressed +# file vanished (or was replaced by another file) and the compressed +# file appeared out of the blue. There is (currently) no way to +# associate the (gone) uncompressed file's contents with the (new) +# compressed file's contents +# +# (D) +# The actual log rotation may rename foo.{x}.bar to foo.{x+1}.bar without +# changing the other properties of the file +# +# (E) +# If only a given number of log generations is to be kept, foo.{y}.bar may +# vanish, but usually only when no foo.{z}.bar exists for z>y. +# +# (F) +# The set of files foo.{x}.bar to foo.{y}.bar is called a "log series" +# in aide terms, with the lowest x being called the "LoSerMember" element +# and the highest y being called the "HiSerMember" element, and the z +# with x/dev/null; then + for file in $(ucfq --with-colons "$PKGNAME" | cut --delimiter=: --fields=1); do + for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist; do + rm -f ${file}$ext + done + rm -f ${file} + + if command -v $UCF >/dev/null; then + $UCF --purge ${file} + fi + if command -v $UCFR >/dev/null; then + $UCFR --purge $PKGNAME ${file} + fi + done +fi + +#DEBHELPER# --- aide-0.15.1.orig/debian/aide-xen.dirs +++ aide-0.15.1/debian/aide-xen.dirs @@ -0,0 +1 @@ +usr/bin --- aide-0.15.1.orig/debian/changelog +++ aide-0.15.1/debian/changelog @@ -0,0 +1,1403 @@ +aide (0.15.1-4) unstable; urgency=low + + [ Hannes von Haugwitz ] + * debian/aide-common.README.Debian: + - fixed wrong filename of auto generated config file, thanks to Olivier + Berger for the hint (closes: #623687) + * debian/po/it.po: new + - added Italian debconf translations, thanks to Mark Caglienzi + (closes: #608128) + * debian/control: + - use dpkg architecture wildcard to limit selinux support to linux + architectures only + - changed Homepage field + - build-dep on libgcrypt11-dev instead of libgcrypt-dev + - removed alternative build-dep on flex-old + - removed upstream URL from description, URL is available via Homepage + field + - drop obsolete Breaks/Replaces: aide (<< 0.13.1-6) + - removed redundant dependencies (bsd-mailx, liblockfile1, ucf) and + recommendation (cron) from aide, aide-xen and aide-dynamic + - aide-common: added alternative dep on mailx + - aide-common: added dep on initscripts (>= 2.88dsf-13.3) for + /run transition + * cron.daily/aide: + - replaced "files" by "entries" + * debian/aide.conf.in: + - enabled summarize_changes option by default (to follow upstream) + * debian/aide.wrapper.8: + - fixed path of configuration file, thanks to "A. N. Other" + (closes: #642270) + * Fixed lintian overrides: + - aide,aide-xen: + - statically-linked-binary: fixed path of binary + - embedded-library: added for libm and zlib + - embedded-zlib: removed (now in embedded-library) + - aide,aide-dynamic,aide-xen: + - binary-without-manpage: removed (fixed in lintian) + * /run transition (closes: #633028, #654752) + - 10_aide_run: new (define RUN, RUNLOCK, DEVDOT and LIBINITRW macro) + - 31_aide_lib-init-rw: replaced with empty dummy + - 31_aide_udev: use DEVDOT macro and handle /@@{DEVDOT}udev + - 70_aide_run: new (handle /run and subdirs) + - 70_aide_var: removed rule for /var/run and /var/lock + - Adjusted rules in the following files (use new macros and allow change + of inode): + - 31_aide_acpid + - 31_aide_aide + - 31_aide_amavisd-new + - 31_aide_anubis + - 31_aide_apache + - 31_aide_apache2 + - 31_aide_apcupsd + - 31_aide_aptitude + - 31_aide_at + - 31_aide_bind9 + - 31_aide_clamav + - 31_aide_clamav-freshclam + - 31_aide_console-log + - 31_aide_cron + - 31_aide_cups + - 31_aide_dbus + - 31_aide_ddclient + - 31_aide_dhcp3-client + - 31_aide_dhcpd + - 31_aide_dovecot + - 31_aide_exim4 + - 31_aide_fail2ban + - 31_aide_fcron + - 31_aide_hald + - 31_aide_hapsd + - 31_aide_ifplugd + - 31_aide_inetd + - 31_aide_initscripts + - 31_aide_inn2 + - 31_aide_ippl + - 31_aide_laptop-mode-tools + - 31_aide_libvirt-bin + - 31_aide_lighttpd + - 31_aide_logcheck + - 31_aide_lvm2 + - 31_aide_mailman + - 31_aide_mdadm + - 31_aide_munin + - 31_aide_munin-nodes + - 31_aide_mysql-server + - 31_aide_nagios2 + - 31_aide_nagios3 + - 31_aide_network + - 31_aide_nfs + - 31_aide_nrpe + - 31_aide_nscd + - 31_aide_nslcd + - 31_aide_ntp-server + - 31_aide_openvpn + - 31_aide_pcscd + - 31_aide_pm-utils + - 31_aide_portmap + - 31_aide_postgresql + - 31_aide_proftpd + - 31_aide_resolvconf + - 31_aide_rngd + - 31_aide_rsyslog + - 31_aide_samba + - 31_aide_screen + - 31_aide_slapd + - 31_aide_smartmontools + - 31_aide_smokeping + - 31_aide_snmpd + - 31_aide_spamassassin + - 31_aide_ssh-server + - 31_aide_sudo + - 31_aide_torrus + - 31_aide_utmp + - 31_aide_vpnc + - 31_aide_wpasupplicant + - 31_aide_xinetd + * 70_aide_dev: + - removed support for static dev (closes: #644307) + - replaced for loop with native aide rule (closes: #599930, LP: #456710) + + [ Marc Haber ] + * 31_aide_apt, 31_aide_apt-file: + - factor out shared code, only cat files that actually exist. This + streamlines /etc/apt/sources.list(.d) handling. (closes: #641805) + - provide aide.settings.d/10_aide_sourceslist + * 31_aide_amanda-client: + - adapt to amanda 2.6.1p2 (squeeze) + * 10_aide_distribution: + - add code to reference the current distribution in rule files to be more + flexible. + + -- Hannes von Haugwitz Fri, 06 Jan 2012 21:52:17 +0100 + +aide (0.15.1-3) unstable; urgency=low + + [ Marc Haber ] + * 31_aide_bind9: + - fix wrong group (closes: #612405) + + [ Hannes von Haugwitz ] + * debian/patches/05-configure_32-bit_lfs_fix.dpatch: new + - fixed lfs on 32-bit systems (closes: #615111) + + -- Hannes von Haugwitz Fri, 11 Mar 2011 09:50:46 +0100 + +aide (0.15.1-2) unstable; urgency=low + + * debian/po/da.po: + - updated Danish debconf translations, thanks to Joe Hansen + (closes: #597777) + + -- Hannes von Haugwitz Mon, 18 Oct 2010 09:24:53 +0200 + +aide (0.15.1-1) unstable; urgency=low + + * new upstream version, changes include: + - fixed bug with DB_CHECKINODE (closes: #596230) + * 31_aide_rkhunter: + - adjusted rule for rkhunter.dat and rkhunter.dat.old + * 31_aide_munin: + - handle exim_mailstats- in /var/lib/munin/plugin-state/ + * 31_aide_apt: + - handle backups of APT's extended_states file + + -- Hannes von Haugwitz Tue, 14 Sep 2010 08:22:03 +0200 + +aide (0.15-2) unstable; urgency=low + + * Upload to unstable + + -- Hannes von Haugwitz Wed, 11 Aug 2010 06:56:20 +0200 + +aide (0.15-1) experimental; urgency=low + + * new upstream version + * debian/aide.conf.in: + - added grouped option (by default enabled) + * debian/control: + - aide-common: replaced Conflicts with Breaks/Replaces + + -- Hannes von Haugwitz Sun, 08 Aug 2010 21:37:10 +0200 + +aide (0.14.2.git20100726-1) experimental; urgency=low + + * new upstream git snapshot, changes include: + - fit detailed output in 80 columns (closes: #146112) + - added new attribute 'ftype' for file type change detection + - added new attribute 'e2fsattrs' file attributes on a second extended + file system + - sort files in report by filename (see: #146113) + - new grouped option + * debian/control: + - bumped to Standards-Version 3.9.1 (no changes necessary) + - added e2fslibs-dev to build dependencies + * cron.daily/aide: + - fixed spelling error + * debian/rules: + - enabled e2fsattrs support + * debian/aide.conf.in: + - removed whirlpool from Checksums + - added ftype to OwnerMode + - added e2fsattrs to InodeData, VarFile, VarDir, VarDirInode and Log + * debian/copyright: + - updated upstream copyright + - added myself as co-maintainer + * cron.daily/aide: + - adjusted script to work with new upstream git snapshot + - replaced "New" with "Added" in "End of AIDE output" message + - don't fail when aide.conf contains white spaces, thanks to Adam Bolte + for the patch (LP: #302669) + - update configuration file before parsing it + - exit with code 1 if database doesn't exist + - include database name in error message if database doesn't exist + - exit with fatal error if new database does not exist + - reworked FILTERINSTALLATIONS and FILTERUPDATES + * 31_aide_smartmontools: + - handle files in /var/lib/smartmontools/ + * 31_aide_dhcp3-client: + - /var/lib/dhcp3/ has been moved to /var/lib/dhcp/ + * 31_aide_pm-utils: new + - handle files in /var/run/pm-utils/ + * 31_aide_apt: + - fixed handling of comments in sources.list, thanks to Harvey Muller for + the patch (LP: #112242) + * 31_aide_kerberos: + - handle principal and principal.ok + + -- Hannes von Haugwitz Thu, 29 Jul 2010 08:38:20 +0200 + +aide (0.14.2-1) unstable; urgency=low + + * new upstream version + * debian/control: + - set priority of aide-xen and aide-dynamic to extra + * debian/aide-attributes.1: + - adjusted warning message example to match upstream version + + -- Hannes von Haugwitz Sun, 06 Jun 2010 11:15:59 +0200 + +aide (0.14.1-1) unstable; urgency=low + + [ Hannes von Haugwitz ] + * new upstream version + * Removed unused lintian override from aide-dynamic + * debian/aide-common.doc-base: new + - registered manual.html with doc-base + * debian/{aide.wrapper.8,aideinit.8}: + - fixed spelling errors + * debian/aideinit: + - removed useless hint in error message + * debian/patches/10-manpages.dpatch: + - added patch description + * cron.daily/aide: + - fixed "grep: Unmatched [ or [^" issue, + thanks to Jerome Wittmann for the report + - removed superfluous blank + * 31_aide_dlocate: + - fixed dlocate database name + - handle dlocatedb.stamps + * 31_aide_bind9: + - handle session.key + * 31_aide_clamav-freshclam: + - handle bytecode.cld + * 31_aide_libvirt-bin: + - handle /var/lib/libvirt/qemu/{save,snapshot} + * Added man page for aide-attributes + * debian/{aide-common.manpages,rules}: + - added aide-attributes and man page to aide-common + * debian/control: + - added myself to the Uploaders field + - added DM-Upload-Allowed field + + [ Marc Haber ] + * Add debian/watch, thanks to Guillaume Delacour + * Welcome Hannes to the Debian team + + -- Marc Haber Thu, 03 Jun 2010 20:06:40 +0200 + +aide (0.14-1) unstable; urgency=low + + [ Marc Haber ] + * new upstream version + * Dear Lintian: There is no technical reason to convert a working + package to dpkg maintainers' new toy format, so kindly shut up. + + [ Hannes von Haugwitz ] + * cron.daily/aide: + - the log file checksum is sha256, not sha512 + - fixed aide return value handling + - only truncate details if files have been changed + - reworked "End of AIDE output" message + - print "no significant changes detected" message only if + COPYNEWDB=ifnochange + - use echo instead of printf for printing file names + * aide.conf: + - added new group definition: VarDirTime + * 31_aide_x11-xkb-utils: new + - handle /var/lib/xkb + * 31_aide_man: + - added en and zh to LANGS macro + * 31_aide_wpasupplicant: + - fixed handling of /var/run/wpa_supplicant + * 31_aide_postgresql: + - handle .s.PGSQL.5432 and .s.PGSQL.5432.lock in /var/run/postgresql/ + - handle pgstat.stat in /var/lib/postgresql//main/global/ + * 31_aide_apt: + - exclude *.gpg.reverify files in /var/lib/apt/lists/partial/ + * 31_aide_udev: new + - handle queue.bin + * 31_aide_nfs: + - fixed handling of /var/lib/nfs/etab + * debian/rules, debian/control: + - disabled selinux support on non-linux architectures + * 31_aide_samba: + - handle files in /var/(run|log|cache|lib)/samba + - handle /etc/samba/passdb.tdb + * Moved aide.conf to aide.conf.in + * aide.conf.in + - use _SELINUX_ instead of +selinux to disable selinux support on + non-linux architectures + * update-aide.conf.8: + - fixed wrong path of /etc/aide/aide.settings.d + + -- Marc Haber Fri, 09 Apr 2010 22:22:39 +0200 + +aide (0.14~rc3-1) experimental; urgency=low + + [ Marc Haber ] + * new upstream CVS snapshot + * snprintf.c from rsync (more compatible license) + * new summarize_changes option by Hannes von Haugwitz + * more compatibility with recent autotools (thanks, Steve Grubb) + * 31_aide_aptitude: add /var/lib/aptitude + * aide-common.postinst: remove unneeded CONFDIR variable + * clarify debian/copyright for snprintf.c and fopen.c + * fix debian/NEWS version number 0.13.1-10 + * fix broken mail addresse in changelog + * Standards-Version: 3.8.4 (no changes necessary) + + [ Hannes von Haugwitz ] + * 31_aide_bind9: /var/run/bind/run has been moved to /var/run/named + * Added options to filter package updates or installations (closes: #542621) + * debian/rules: enabled xattr, selinux and posix-acl support + * 10-manpages.dpatch: "block count" patch is now in upstream source + * cron.daily/aide: + - adjusted regex for NOISE to work with new summarize_changes option + - added log file checksum to truncated mail + - removed duplicated "at" in ""End of AIDE daily cron job" line + - don't fail when NOISE removes everything + - replaced obsolete checksums md5 and sha1 with sha256 and sha512 + * 31_aide_svn-server: new + - handle variable files in svn repositories + - provide 31_aide_svn-server_settings + * 31_aide_trac: new + - handle trac.db in trac repositories + - provide 31_aide_trac_settings + * 31_aide_cups: new + - handle files in /var/run/cups, /var/spool/cups, /var/log/cups + and /var/cache/cups + * 31_aide_samba: new + - handle files in /var/run/samba, /var/log/samba and /var/lib/samba + * 31_aide_root-dotfiles: new + - added rules for some dotfiles in root/ (by default disabled) + * Added option to truncate the detailed part in the mail + * Added aide.settings.d directory + * update-aide.conf: added --settingsd option + * default/aide: added UPAC_SETTINGSD variable + * 31_aide_apt: + - read settings file from aide.settings.d + - warn if 31_local_apt_settings is used + * Provide aide.settings.d/31_aide_apt_settings + * Allow LINES=0 to disable option + * 31_aide_wpasupplicant: new + - handle files in /var/run/ + - handle log files + - handle files in /lib/init/rw/wpasupplicant/ + * debian/control: + - added Vcs-Git and Vcs-Browser fields + - added libselinux1-dev, libattr1-dev, libacl1-dev to build dependencies + * 31_aide_postgresql: new (handle log files and pid file) + * 31_aide_ifplugd: new (handle pid file) + * 31_aide_dhcp3-client: added INTERFACES variable + * 31_aide_nfs: new (handle pid files and files in /var/lib/nfs) + * 31_aide_at: new + - handle /var/spool/cron/at(spool|jobs) + - handle /var/run/atd.pid + * 31_aide_laptop-mode-tools: new + - handle files in /var/run/laptop-mode-tools + * 31_aide_nagios3: new + - handle files in /var/lib/nagios3 + - handle files in /var/log/nagios3 + - handle files in /var/run/nagios3 + - handle files in /var/cache/nagios3 + * 31_aide_slapd: new + - handle files in /var/lib/ldap/ + - handle files in /var/run/slapd + - handle /var/run/ldapi + * 31_aide_nslcd: new (handle files in /var/run/nslcd) + * 31_aide_dbus: new (handle files in /var/run/dbus) + * 31_aide_vpnc: new (handle /var/run/vpnc) + * 31_aide_portmap: new + - handle /lib/init/rw/sendsigs.omit.d/portmap + - handle files in /var/run + * 31_aide_kerberos: new (handle temp files) + * 31_aide_dhcpd: new (handle pid file) + * 31_aide_rkhunter: + - fixed handling of old log file + - handle files in /var/lib/rkhunter/db/ + * 31_aide_apcupsd: handle /var/lock/LCK.. + * 31_aide_xfree86-common: replaced with empty dummy, rules + are now in 31_aide_x11-common + * 31_aide_x11-common: new (handle dirs in /tmp) + * 31_aide_opie-server: new (handle /etc/opiekeys) + * 31_aide_network: new (handle /var/run/network) + * 31_aide_anubis: new (handle pid file) + * 31_aide_pcscd: new (handle files in /var/run/pcscd) + * 31_aide_resolvconf: handle files in /lib/init/rw/resolvconf + * 31_aide_tiger: new (handle /var/lib/tiger/work and files in /var/log/tiger) + * 31_aide_alsa: new (handle asound.state file) + * 31_aide_mdadm: new (handle files in /var/run/mdadm and /lib/init/rw/mdadm) + * 31_aide_rsyslog: handle /lib/init/rw/sendsigs.omit.d/rsyslog + * 31_aide_lib-init-rw: new (handle some files in /lib/init/rw) + * 31_aide_hapsd: new (handle pid file) + * 31_aide_smartmontools: new (handle pid file) + * 31_aide_mail: new (handle files in /var/mail) + * 31_aide_fcron: new (handle spool files, fifo and pid file) + * 31_aide_lighttpd: new (handle log files, pid file and php sockets) + * 31_aide_nscd: new (handle /var/run/nscd and cache files) + * 31_aide_aptitude_frqchg: replaced with empty dummy, rules + are contained in 31_aide_aptitude + * 31_aide_hald: removed unneeded rule for acl-list file + * 31_aide_munin: + - added rule for munin-node pid file + - fixed handling of files in /var/run/munin/ + * aide.conf: + - added new rules (VarTime, VarInode, VarDirInode) + - added link name attribute to InodeData and VarFile + - added summarize_changes option (by default disabled) + - added acl, xattrs and selinux attributes to InodeData, VarFile, VarDir, + VarDirInode and Log + - replaced obsolete checksums md5 and sha1 with sha256 and sha512 + * 31_aide_lvm2: fixed handling of cache file and added rule for lock dir + * 31_aide_libvirt-bin: new + - handle files in /var/run/libvirt + - handle /var/lib/libvirt/qemu and /var/cache/libvirt/qemu + * 31_aide_nrpe: new (handle pid file) + * 31_aide_aptitude: added rules for log rotation and exclude lock file + * 31_aide_fail2ban: added rules for /var/run/fail2ban, socket and pid file + * 31_aide_screen: added rule for /var/run/screen + + -- Marc Haber Sun, 28 Feb 2010 17:20:43 +0100 + +aide (0.13.1-11) unstable; urgency=low + + * Fix ] typo in 31_aide_amanda-server. Closes: #476502 + * Add 30_aide_bind9 example to automatically snarf BINDCHROOT + setting from /etc/default/bind9. Modify bind9 rules appropriately. + Thanks to Guido Bozzetto. Closes: #475983 + * 31_aide_mailman: message number in archive dir can have six digits + * 31_aide_proftpd: logs are in a subdir + * Patches by Hannes von Haugwitz: + * 31_aide_exim4_logs: fix log rotation + * 31_aide_clamav: fix log rotation. Closes: #540748 + * 31_aide_munin: apply patch from Hannes von Haugwitz. Closes: #541680 + * 31_aide_cron-apt: fix log rotation: Closes: #540987 + * 31_aide_clamav-freshclam: fix log rotation. Closes: #544688 + * 31_aide_mailman: fix log rotation. Closes: #544765 + * 31_aide_apache2: fix log rotation. Closes: #544768 + * 31_aide_acpid: process pid file. Closes: #544817 + * 31_aide_clamav-freshclam, 31_aide_clamav: handle pid file. + Closes: #544818 + * 31_aide_munin-nodes. don't fail if munin is not installed. + Closes: #545011 + * 31_aide_bind9. Fix typo in svn version. Closes: #545014 + * New files by Hannes von Haugwitz: + * 31_aide_rsyslogd + * 31_aide_cracklib-runtime + * 31_aide_logcheck + * 31_aide_rkhunter + * 31_aide_apt-file. Closes: #542541 + * 31_aide_hald. Closes: #541478 + * 31_aide_fail2ban. Closes: #541345 + * 31_aide_apt-show-versions. Closes: #544690 + * 31_aide_ddclient: Closes: #544815 + * 31_aide_apcupsd. Closes: #544816 + * Apply patches by Guido Günther: + * New postgrey rule. Closes: #500438 + * Optimize munin rules (and add munin-nodes). Closes: #500159 + * fix udev backslash escaping (also thanks to Ian Redfern). + Closes: #506747, #472692 + * 31_aide_syslog: replace with empty dummy + * cron.daily: protect $LOGHEAD and $MAILHEAD with :- in two more + places. Closes: #544414 + * more README.Debian clarifications, again, thanks to Russell Gadd + and Bill Wohler. + * remove obsolete TODO file + * Fix typo in debian/control, thanks to Rogério Brito. Closes: #520019 + * debian/control: clarify that aide-xen should be used in both DomU + and Dom0 + * Adapt Package to later Debian policy: + * make sure that /var/run exists in daily cron job. Closes: #501848. + * Add Homepage: field. + * Standards-Version now 3.8.3 + * build depend on debhelper 5 + * add README.source refering to /usr/share/doc/dpatch/README.source.gz + * Add lintian overrides to aide and aide-xen for embedded-zlib + ./usr/bin/aide. The binaries _are_ statically linked as a feature. + * Have aide-common depend on aide | aide-binary + * depend on bsd-mailx instead of mailx + + -- Marc Haber Tue, 08 Sep 2009 14:45:51 +0200 + +aide (0.13.1-10) unstable; urgency=low + + * debian/control: fix deprecated "<" in Conflicts + * Add explanation "b: block count" to aide.conf.5. + Thanks to Francois Gouget. Closes: #469503 + * 31_aide_syslog: modify regexp to match kern.log as well. + Thanks to Francois Gouget. This partly addresses #469507 + * 31_aide_checksecurity: add file with rules from + Francois Gouget, thanks. Closes: #469508 + * example rules for debian-multimedia packages from Francois Gouget. + * mythweb. Closes: #469511 + * mythbackend. Closes: #469509 + * Move README.Debian to aide-common + * README.Debian: add missing space, remove vote request (no votes + received, ever) + * /etc/default/aide: Add hint how to obtain a variable subject + * update-aide.conf now adds @@{ROOTPREFIX} to all lines, making + audit of chroots and vservers with identical rules easier without + uglifying the actual rules. Thanks to Russell Gadd. + * more fixes to aide_fixperms, thanks to Tom Geissler. + * introduce YEAR4D variable, make use of it + * remove bashism from debian/rules. + Thanks to Raphael Geissert. Closes: #472905 + * README.Debian changes, thanks to Russell Gadd: + * clarify the role of debconf in README.Debian + * move the wrapper paragraph lower + * Add a little more prose about Debian's configuration scheme + * 31_aide_apt: allow tildes in archive names + * enable gzip_dbout again + * Collect modified rules from Marc's productive systems: + * re-work log mechanics, add lots of documentation + * 31_aide_aide: Log rotation hopefully fixed + * 31_aide_amanda-server: Take verified rule from productive system + * 31_aide_amanda-client: Parse data from amanda config + * 31_aide_apt: Add Release and IndexDiff for deb-src lines, remove + sarge support including APT_VERS code. Add new var and log rules. + * 31_aide_aptitude: add rule for /var/lock/aptitude, and config + files in /root + * 31_aide_bind9: BINDCHROOT is now the path to the chroot + * 31_aide_clamav: fix log rotation rules + * 31_aide_dokuwiki: new + * 31_aide_exim4: remove /root/.rnd, add /var/spool/exim4/.rnd + and -J spool files. exim4 >= 4.69-3 will place the .rnd file + in /var/spool/exim4 + * 31_aide_exim4_logs: introduce macros, explain how to include + paniclog + * 31_aide_mailman: new + * 31_aide_man: adapt to new directory structure + * 31_aide_munin: rule for munin server socket + * 31_aide_mlocate: new + * 31_aide_nagios2: adapt to current packaging + * 31_aide_php4: no-op file + * 31_aide_privoxy: new + * 31_aide_smokeping: new + * 31_aide_spamassassin: add rule (default disabled) for rule updates + * 31_aide_syslog: logs are rotated with seven cycles + * 31_aide_torrus: adapt to current packages + * R.I.P. linda + + -- Marc Haber Sun, 13 Apr 2008 09:27:49 +0200 + +aide (0.13.1-9) unstable; urgency=low + + * Add versioned conflicts of aide-common with earlier aide. + Thanks to Zoe Parsons. Closes: #443784 + * Move php4 rule to php5. + * Add database_new to default configuration to allow aide --compare + to be used. Thanks to Bill Wohler. Closes: #442620 + * Have aide_fixperms go through aide-common's files instead of aide. + Thanks to Tom Geissler. Closes: #447769 + * Add ${shlibs:Depends} to aide-dynamic's Depends. + Thanks to Tom Geissler. Closes: #447773 + * build-depend on libmhash 0.9.7 instead of 0.9.7-1 (lintian) + * Standards-Version: 3.7.3 (no changes necessary) (lintian) + * remove unused linda override directory from aide-common.dirs (lintian) + * override start-stop-daemon-in-maintainer-script error for + aide-common (lintian) + * Add proper copyright (lintian) + + -- Marc Haber Tue, 26 Feb 2008 23:36:16 +0100 + +aide (0.13.1-8) unstable; urgency=low + + * Have aide, aide-xen and aide-dynamic conflict mutually. + Thanks to Michael Ablassmeier. Closes: #429906 + * 70_aide_dev: Escape hashes in file names. + Thanks to Sebastian Maus. Closes: #440674 + + -- Marc Haber Wed, 12 Sep 2007 23:30:57 +0200 + +aide (0.13.1-7) unstable; urgency=low + + * fix log file rules for clamav and freshclam. Fix regexp for clamav. + Thanks, again, to Tim Stoop. Closes: #418623 + * better exclusion rule for /var/lib/amavis/tmp. + Tim again. Closes: #418626 + * Remove /var/run/aide on aide-common purge. + Thanks to Dr. Markus Waldeck. Closes: #426089 + + -- Marc Haber Sat, 16 Jun 2007 22:26:07 +0200 + +aide (0.13.1-6) experimental; urgency=low + + * remove unecessary confmodule call from postrm. + Thanks to Michael Ablassmeier. Closes: #416641 + * Use ucfr/ucfq. Depend on ucf >= 2.0020. + * Add clamav-freshclam recipe. Thanks to Tim Stoop. Closes: #418623 + * Add libapache2-mod-fastcgi recipe from Tim Stoop. Closes: #418628 + * Add preliminary amavisd-new recipe from Tim Stoop. Closes: #418626 + * 31_aide_apt: Fix gratuitous "VarFile" in ARCHIVESDIR handling. + Thanks to Tim Stoop, again. + * Change sysconfdir in configure call to + /var/lib/aide/please-dont-call-aide-without-parameters + to no longer point to a world writeable location and to give a + better error message. Thanks to Goswin von Brederlow. Closes: #373255 + * cron.daily/aide: Fix broken temp file handling in de-noising code + and adapt code to new aide output format. + Thanks to Guillaume Lécroart. Closes: #419676 + * Split package into -common and different binary packages to help + architectures that do not cope well with statically linked binaries. + * remove DH_COMPAT line from debian/rules + + -- Marc Haber Thu, 24 May 2007 15:33:50 +0200 + +aide (0.13.1-5) unstable; urgency=low + + * 31_aide_apt: + * add rule generation for deb-src lines + * fix ARCHIVESDIR/lock for sarge + * 31_aide_aide: Apply patch by Tim Stoop. Closes: #412320 + * cron.daily: + * handle broken hostname + * fix language issue regarding return code + * remove last references to former CHANGES variable. + Thanks to P.M. van Aalten. Closes: #411823 + * zg2.d/31_local_apt_settings: set IGNORE_FRQCHG yes by default + * 31_aide_dovecot: add /var/lib/dovecot + * 31_aide_exim4: + * zap obsolete rule for dh-params + * add /root/.rnd (side effect of openssl gendh) + + -- Marc Haber Tue, 6 Mar 2007 12:03:24 +0100 + +aide (0.13.1-4) unstable; urgency=low + + * Rule tweaks thanks to Tim Stoop. Closes: #407280 + * 31_aide_syslog: add mail.err and mail.warn, move mail.log to mail clause + * 31_aide_apt_unstable, 31_aide_apt_stable, 31_aide_apt_frqchange: + no-op contents with comments, replace functionality with new + scripted rule 31_aide_apt. + * 10_aide_hostname: set @@{ARCH}. Closes: #407328 + * postinst: handle OLDSUM correctly if no old file found. Closes: #407326 + * 31_aide_ifupdown: make IFSTATE a variable, handle non-symlinks as + well + * update-aide.conf: Export some variables to make them available in + config scripts + * 70_aide_tmp, 31_aide_tetex-bin: add rules + * add 31_aide_dlocate thanks to Tim Stoop + * examples/31_example_exclude-homes: use awk -v + * debian/control: add ucf dependency for zg2 package + * README.Debian: add warning that aide needs memory + + -- Marc Haber Sun, 11 Feb 2007 12:05:39 +0100 + +aide (0.13.1-3) unstable; urgency=low + + * add trailing slash to home directory in zg2 rules to avoid + unexpected prefix + * Adapt 31_aide_ifupdown rule: ifstate has moved to /etc/network/run + and might be hidden behind a symlink. Leave option to select sarge + behavior. + * refactor cron job to handle lock files and cleanup better. + Thanks to Matthijs van Aalten. Closes: #406206 + * aide.conf.d/31_aide_modules: Allow hyphens in kernel version number. + * Have aide wrapper hand through aide's return code. + * have aideinit and cron job do useful things with aide's return code. + Closes: #226138 + * debian/copyright: Add myself as co-maintainer + * 31_aide_syslog: Add user.log to syslog file list. + Thanks to Tim Stoop. Closes: #407247 + + -- Marc Haber Wed, 17 Jan 2007 11:48:00 +0100 + +aide (0.13.1-2) unstable; urgency=low + + * Fix aide.db paths in aideinit man page. Closes: #403342, #377383 + * Fix ERRORTMP occurrence in cron job. + Thanks to Fridtjof Busse. Closes: #403437 + + -- Marc Haber Tue, 19 Dec 2006 12:51:03 +0100 + +aide (0.13.1-1) unstable; urgency=low + + * new upstream version. Closes: #402785 + + -- Marc Haber Fri, 15 Dec 2006 17:53:46 +0100 + +aide (0.13-1) unstable; urgency=low + + * new upstream version + * mkdir /var/run/aide in postinst + + -- Marc Haber Fri, 8 Dec 2006 10:44:04 +0100 + +aide (0.13~rc2-1) experimental; urgency=low + + * upstream release candidate + * remove --with-mhash, --with-gcrypt from configure command line, + the libs are now detected automatically + * Activate the whirlpool hash in the default configuration + * Build-Depends: + * allow building with flex (not flex-old) while avoiding the known + broken flex 2.5.31 + * tighten up versioned build dependency on libmash-dev, older + libmhash (known: the 0.9.1 from sarge) do not support whirlpool. + * major re-work of daily aide cron job: + * Include aide data including checksums of the new and old AIDE + database in the daily cron job report. Thanks to Mike Markley for + this great idea. + * More quotes + * Better handling of temp files + * Adapt 31_aide_aide to properly cope with the new temp files + * Adapt numerous rule files to changed package behavior + * Fix postrm to now cleanly purge. + + -- Marc Haber Sun, 26 Nov 2006 10:42:52 +0100 + +aide (0.12.20061028-1) experimental; urgency=low + + * upstream CVS snapshot including a lot of stabilty patches from Redhat + + -- Marc Haber Sat, 28 Oct 2006 11:17:45 +0000 + +aide (0.12-2) unstable; urgency=low + + * first try at dotlocking the cron job. This might be a possible + solution for #245423. + * Update French (fr) debconf translation. + Thanks to Gregory Colpart. Closes: #393294 + * Update Spanish (es) debconf translation. + Thanks to Rudy Godoy. Closes: #393781 + + -- Marc Haber Fri, 20 Oct 2006 07:39:25 +0000 + +aide (0.12-1) unstable; urgency=low + + * new upstream version + + -- Marc Haber Thu, 5 Oct 2006 07:44:53 +0000 + +aide (0.11.99.20061004-1) experimental; urgency=low + + * New upstream release candidate 0.12-rc2 + * Re-word copynew template and remove warnnew template as suggested + by Thomas Huriaux. Closes: #385999 + * Update Russian (ru) debconf translation. + Thanks to Yuri Kozlov. (mh) Closes: #386790, #388994 + * Update Dutch (nl) debconf translation. + Thanks to cobaco (aka Bart Cornelis). Closes: #390619 + * Update Vietnamese (vi) debconf translation. + Thanks to Clytie Siddall. Closes: #390307 + * Update Portuguese (pt) debconf translation. + Thanks to Marco Ferra. + * Update Czech (cs) debconf translation. + Thanks to Miroslav Kure. Closes: #389117 + * Update Swedish (sv) debconf translation. + Thanks to Daniel Nylander. Closes: #388778 + * Update Polish (pl) debconf translation. + Thanks to Marcin Owsiany. + * Update French (fr) debconf translation. + Thanks to Gregory Colpart. Closes: #381547 + * Update Japanese (ja) debconf translation. + Thanks to Hideki Yamane. Closes: #389062 + * Update Brazilian Portuguese (pt_BR) debconf translation. + Thanks to André Luís Lopes. + * Update German (de) debconf translation. + Thanks to Erik Schanze. Closes: #390763 + * Fix abuse of debconf notes: + * Remove setmailaddress template, move text to README.Debian. + * Remove mustaideinit template, make aideinit template more verbose. + * Make debconf templates more policy compliant. + * Thanks to Christian Perrier. Closes: #388704 + * Streamline aide and AIDE use: AIDE refers to the project and the + program, while aide is the Debian package and the actual binary. + Thanks to Erik Schanze. + * Add vserver section to README.Debian. Thanks to Christian Thaeter + for this idea. Closes: #387463 + + -- Marc Haber Wed, 4 Oct 2006 13:16:06 +0000 + +aide (0.11.99.20060718-1) experimental; urgency=low + + * New post-0.12-rc1 CVS snapshot. + * No extra "No such file or directory" error messages any more. + Closes: #247685. + * No longer segfaults on --config-check and @@ifnhost. + Thanks to Andy Spiegl. Closes: #244917. + * Adapt 10-manpages.dpatch + * remove all other patches (incorporated upstream) + * Update French (fr) debconf translation. + Thanks to Christian Perrier. (mh) Closes: #369242 + * Update Czech (cs) debconf translation. + Thanks to Miroslav Kure. (mh) Closes: #370312 + * Fix/Remove paths in FILES section of aide.1 man page. + Thanks to Dr. Markus Waldeck. Closes: #377383 + * Fix typo in README.Debian. + Thanks to Richard van den Berg. Closes: #378438 + * Fix syslog rules. Thanks to Richard van den Berg. + + -- Marc Haber Tue, 8 Aug 2006 13:57:39 +0200 + +aide (0.11a-4) unstable; urgency=low + + * statically link against libmhash 0.9.6-2, which might fix some + issues on big-endian archs. + * Tighten up build-deps to force buildds to link against the same + libmhash. The versioned build-dep can be removed for backports, at the + price of probably not running on big-endian archs. + * 70_aide_dev: allow two digit /dev/pts numbers. + * 31_aide_inn2: /var/spool/news/incoming is VarDir itself + * Update Dutch (nl) debconf translation. + Thanks to cobaco (aka Bart Cornelis). (mh) Closes: #363652 + * Update Swedish (sv) debconf translation. + Thanks to Daniel Nylander. (mh) Closes: #365774 + * Call dh_installexamples from debian/rules, to actually include + 31_example_exclude-homes into package. + Thanks to Glyn Kennington for spotting this. (mh) Closes: #361714 + * Do not define HOSTNAME, DNSDOMAINNAME and FQDN if the + corresponding binary gives no output. Adapt rules to not fail in + case of undefined variable. + Thanks to Corey Wright and Craig Small. Closes: #366776 + * Fix badly formatted debian/NEWS file. + * Fix incorrect dotlockfile presence test. + Thanks to Bob Proulx. Closes: #367333 + * Fix issues addressed by Bob Proulx (thanks!). Closes: #367337. + * Move + * aide wrapper to aide.wrapper + * add man page for aide.wrapper + * aide.real to aide + * fix lintian and linda overrides + * This kind of restores expected aide behavior. + * Debian scripts now call aide.wrapper explicitly + * thus, our lock locks the Debian configuration only and + not the aide binary. + * use "$@" instead of $@ in aide.wrapper + * keep accidentally invoked aide from tampering with Debian database: + * set sysconfdir to /tmp/empty + * set config_file to /dev/null + * have wrapper explicitly set --config /etc/aide/aide.conf + * do not set --config explicitly in aideinit + * zap /var/lib files instead of /var/log in postinst + * replace ` with $() in aideinit + * handle /var/log/apache2/suexec.log.* if + /etc/apache2/mods-enabled/suexec.load exists. + Thanks to Craig Small. Closes: #368935 + * Fix dumb scripting error in aide.conf.d/31_aide_amanda-server + Thanks to Craig Small. Closes: #368409 + * Minor modifications to the Debconf templates to make lintian happy. + * Standards-Version: 3.7.2 (no change necessary). + + -- Marc Haber Fri, 26 May 2006 12:44:51 +0000 + +aide (0.11a-3) unstable; urgency=low + + * fix bashism in /etc/aide/aide.conf.d/10_aide_hostname. + Thanks to Michael Gurski. Closes: #361550 + * Update Russian (ru) debconf translation. + Thanks to Yuri Kozlov. (mh) Closes: #361647 + * fix rules: + * 31_aide_exim4: /var/spool/exim4 is VarDir itself + * Document that aide might run for a long time on big systems, add + 31_example_exclude-homes to show how to exclude home directories. + Thanks to Frank Lichtenheld and maximilian attems. (mh) Closes: #361714 + * Fix cron job quiet reports. + Thanks to Fridtjof Busse. (mh) Closes: #362441 + + -- Marc Haber Sat, 15 Apr 2006 10:43:26 +0000 + +aide (0.11a-2) unstable; urgency=low + + * include end timestamp and run time into cron job log file + * New configuration scheme: + * add aide.conf.d to package + * new aide.conf file + * aide.conf.d with package-dependent files + * Documentation in NEWS + * use ucf + * add aide.* prefix to debhelper control files to ease creation of + second binary package + * introduce optional (default=off) aide-config-zg2 package holding + non-standard rules + * patch aide to avoid "There are rules referring to non-existing + directories" by default. Patch submitted upstream. + * update-aide.conf: change default handling for UPAC_CONFD[DIR] to + allow more flexible configuration. + * debian/rules: use more debhelper magic + * dh_installcron + * dh_installinit (to move /etc/default/aide) + * dh_install + * fix debian/rules so that the package actually gets built only once. + * add space after "added:" and similar output strings + + -- Marc Haber Tue, 4 Apr 2006 06:06:45 +0000 + +aide (0.11a-1) unstable; urgency=low + + * New upstream CVS snapshot version with some minor fixes. Inclusion + in Debian coordinated with Upstream. + * Fix wrongly reported version number. See + http://sourceforge.net/mailarchive/forum.php?thread_id=9797743&forum_id=34655. + Thanks to Stefan Sontheimer for noticing. Closes: #355091 + * Document that aide cannot be killed with SIGTERM in man page. + Closes: #168264 + * Update German (de) debconf translation. + Thanks to Erik Schanze. (mh) Closes: #345696 + * Update Dutch (nl) debconf translation. + Thanks to Bart Cornelis. (mh) Closes: #354589 + * re-work cron job and defaults file + * Fix QUIETREPORTS which was broken since aide began generating + output even if no changes were detected + * Introduce COPYNEWDB parameter to have new database copied to old + one, making ANF/ARF actually useful for rotated log files + * Use $() instead of `` + * Introduce MAILSUBJ to cron.daily, document in /etc/default/aide. + * Pull FQDN initialization before /etc/default/aide source, allowing + FQDN to be used and changed in /etc/default/aide. Document. + * zap aide.conf.autogenerated on purge. + * re-work README.Debian. + * update-aide.conf: + * Allow --confdir to be overridden from /etc/default/aide + * Introduce --confd to allow snippet directory to be set + independently. Overrideable from /etc/default/aide + * If an input file is executeable, use its standard output for aide + configuration + * Documentation + + -- Marc Haber Tue, 14 Mar 2006 14:18:11 +0000 + +aide (0.11-1) unstable; urgency=low + + * new released upstream version + * Have /var/lib/dpkg/info/*.md5sums rule also allow dots in the file + name. Thanks to Glyn Kennington. Closes: #351433 + * add some $ to regexp ends in default config. + + -- Marc Haber Sun, 19 Feb 2006 17:53:00 +0000 + +aide (0.10.99.20060202.rc3-1) experimental; urgency=low + + * new upstream version + * remove patches that are not needed any more because of adapted + upstream. + * Update Swedish (sv) debconf translation. + Thanks to Daniel Nylander. (mh) Closes: #350721 + * Swap Mike and Marc in Uploaders to reflect new responsibilities. + + -- Marc Haber Thu, 2 Feb 2006 21:07:14 +0000 + +aide (0.10.99.20051215-1) experimental; urgency=low + + * new upstream CVS snapshot + * this allows more verbose logging of file matching + + -- Marc Haber Thu, 15 Dec 2005 18:25:20 +0000 + +aide (0.10.99.20051122-2) experimental; urgency=low + + * the "Thanks Mr. Troup for breaking dpkg-sig" release, see #340306 + * not signed with dpkg-sig but with debsign + * reducing upload security at ftpmaster's request + + -- Marc Haber Thu, 24 Nov 2005 09:56:27 +0000 + +aide (0.10.99.20051122-1) experimental; urgency=low + + * new upstream CVS snapshot + * added/removed files are now reported again. + * bump DH_COMPAT to 4 + + -- Marc Haber Wed, 23 Nov 2005 09:09:24 +0000 + +aide (0.10.99.20051120-1) UNRELEASED; urgency=low + + * new local CVS snapshot of which Pablo says that reporting + added/removed files works again. + * wrapper now refuses to run aide twice, depend on liblockfile1 + + -- Marc Haber Tue, 22 Nov 2005 07:50:31 +0100 + +aide (0.10.99.20051115-0) UNRELEASED; urgency=low + + * new upstream CVS snapshot which fixes ANF (allow new files) + * new upstream CVS snapshot which adds ARF (allow removed files) + * Fix typo in Debconf template and all po files, hopefully not + fuzzying them that way. Thanks to Morten Brix Pedersen. + * Update Danish (da) debconf translation thanks for Morten Brix + Pedersen. (mh) Closes: #340136 + + -- Marc Haber Mon, 21 Nov 2005 08:51:21 +0100 + +aide (0.10.99.20051107-1) experimental; urgency=low + + * new upstream CVS snapshot which adds ANF (allow new files) + + -- Marc Haber Wed, 9 Nov 2005 14:00:26 +0000 + +aide (0.10.99.20051103.rc2-1) experimental; urgency=low + + * new upstream release candidate + * have pkg-aide-maintainers as Maintainer, Mike and Marc as Uploaders + * New Portuguese (pt) debconf translation thanks to Miguel + Figueiredo and Marco Ferra. (mh) Closes: #336336 + + -- Marc Haber Thu, 3 Nov 2005 20:31:46 +0000 + +aide (0.10.99.20051026-1) experimental; urgency=low + + * new upstream CVS snapshot after 0.11rc1 + * Prints stop timestamp whenever start timestamp is printed. + Closes: #247954 + * Fix 0.10.99.20051025-1 changelog entry that didn't close bug. + (mh) Closes: #226256. + + -- Marc Haber Thu, 27 Oct 2005 09:12:47 +0000 + +aide (0.10.99.20051025-1) experimental; urgency=low + + * new upstream CVS snapshot after 0.11rc1 + * doesn't segfault any more on two close backslashes in config file. + Closes: #247210 + * doesn't segfault any more on aide -c, more robustly detects errors + in config file. Closes: #237969 + * adapt Debian patches. (mh) + * remove error level patches to see what upstream's defaults are. (mh) + * remove typo patches, they're fixed upstream. (mh) + * Add Last-Translator setting to sv.po, (mh) + * Updated French (fr) debconf translation thanks to Christian Perrier. + (mh) Closes: #334256 + * Updated Czech (cs) debconf translation thanks to Miroslav Kure. + (mh) Closes: #335576 + * Add upstream URL to debian/control, minor cosmetic changes. (mh) + * Fix download URL in debian/copyright. (mh) + * remove $ERRORTMP on abnormal cron job exit. Thanks to Bart + Cortooms. (mh) Closes: #325731 + * Have egrep expressions in aideinit only match if the keyword is + first in line. Thanks to Guido Bozzetto. (mh) Closes: #226256 + * Updated Swedish debconf translation thanks to Daniel Nylander. + (mh) Closes: #335331 + * apply patchlet to allow variables in /etc/defaults/aide. + (mh) Closes: #247510 + * fix aide wrapper to not mistetect --config-check as --config. (mh) + + -- Marc Haber Tue, 25 Oct 2005 12:58:26 +0000 + +aide (0.10-11) unstable; urgency=low + + * correct wrong path to the templates file in POTFILES.in. Run + debconf-updatepo in debian/rules clean. Execute debconf-updatepo in + source package. Thanks, Thomas Huriaux. (mh) Closes: #331681 + + -- Marc Haber Tue, 4 Oct 2005 17:01:37 +0000 + +aide (0.10-10) unstable; urgency=low + + * Updated Swedish debconf translation thanks to Daniel Nylander. + (mh) Closes: #330259 + + -- Marc Haber Mon, 3 Oct 2005 08:09:39 +0000 + +aide (0.10-9) experimental; urgency=low + + * Only invoke update-aide.conf from wrapper if no --config option + was given. Thanks to Bob Proulx and Al Nikolov. (mh) Closes: #293457 + * Invoke update-aide.conf from daily cronjob, invoke + update-aide.conf from aideinit if no special --config option was + given. Thanks to David Robb, Rolf Kutz, Herbert Thielen, Bob Proulx, + and Hadmut Danisch. (mh) Closes: #293073, #293456, #299765 + * Change Debconf template so that the hint to /etc/default/aide + doesn't appear as a question. Thanks to the anonymous bug reporter. + (mh) Closes: #315630. + * Remove artificial libc6 dependency. aide is statically linked and + does not depend on libc at all. Re-enable debhelper magic. + Thanks to Santiago Vila. (mh) Closes: #298303 + * New Vietnamese debconf translation thanks to Clytie Siddall. + (mh) Closes: #313017 + * New Czech debconf translation thanks to Miroslav Kure. + (mh) Closes: #315819 + * Lower debconf priorities. Thanks to Maximilian Attems. + (mh) Closes: #295190 + * Ship with empty NOISE in /etc/defaults/aide. Thanks to Herbert + Thielen, Christophe Chisogne and Ralf Hildebrandt. (mh) Closes: #260942 + * Move AIDEARGS to /etc/defaults/aide. (mh) Closes: #247686 + * More manpage fixes to aide.1. + Thanks to Sven Hoexter. (mh) Closes: #312671 + * remove po-debconf woody backporting helper, use misc:Depends for + debconf dependency to no longer hinder cdebconf migration. + + -- Marc Haber Tue, 27 Sep 2005 17:39:10 +0000 + +aide (0.10-8) experimental; urgency=low + + * acknowledge NMUs 0.10-6.1 and 0.10-6.2. Thanks guys. + * move development to alioth SVN repository, import Mike's CVS + * Include pl.po and zh_TW.po in repository which weren't there. + Forgotten cvs add? (mh) + * Less aggressive removals of files on purge. (mm) + * Move upstream patches to debian/patches, use dpatch. (mh) + * Standards-Version: 3.6.2 (no changes necessary). (mh) + * put quotes around .IP parameters in man pages to get rid of + errors. (mh) + * fix broken /usr/doc handling in prerm, remove bashisms. (mh) + * Add debugging code to maintainer scripts. (mh) + * Call update-aide.conf in postinst before creating database. (mh) + + -- Marc Haber Sun, 18 Sep 2005 16:24:43 +0000 + +aide (0.10-7) unstable; urgency=low + + * Added errormessage() function to update-aide.conf (Closes: #300454) + + -- Mike Markley Sat, 7 May 2005 19:21:54 -0700 + +aide (0.10-6.2) unstable; urgency=medium + + * NMU to update static zlib with one that is not vulnerable to + CAN-2005-2096. Closes: #317523 + + -- Joey Hess Sun, 4 Sep 2005 15:55:43 -0400 + +aide (0.10-6.1) unstable; urgency=low + + * Non-maintainer upload + * Updated Dutch debconf translation thanks to Bart Cornelis + (Closes: #260296) + * Updated German debconf translation thanks to Erik Schanze + (Closes: #252495) + * New Traditional Chinese debconf translation thanks to Asho Yeh + * New Polish debconf translation thanks to Marcin Owsiany + * doc/aide.1 doc/aide.conf.5: Fixed hyphen as minus sign + + -- Luk Claes Fri, 18 Feb 2005 08:36:15 +0100 + +aide (0.10-6) unstable; urgency=low + + * Oops. Wrong PATH in the new wrapper in -5. + + -- Mike Markley Sun, 30 Jan 2005 18:18:59 -0800 + +aide (0.10-5) unstable; urgency=low + + * Added support for /etc/aide/aide.conf.d directory with patch + from Marc Haber (Closes: #267978) + * Added updated Japanese debconf translation I'd overlooked + (Closes: #266790) + * Added Marc Haber as a co-maintainer. + + -- Mike Markley Sun, 30 Jan 2005 18:17:02 -0800 + +aide (0.10-4) unstable; urgency=medium + + * Changed $DENOISE check in cron script to $NOISE (Closes: #247689) + * Updated Brazilian debconf template (Closes: #262600) + * Updated Danish debconf template (Closes: #243070) + * Updated Japanese debconf template (Closes: #243265) + + -- Mike Markley Sun, 1 Aug 2004 18:20:46 -0700 + +aide (0.10-3) unstable; urgency=low + + * Tweak the debug levels again. This is a patch from CVS that + makes the debug levels between 0 and 5 a great deal more granular + than they were, while leaving the default level as it was before. + * Adjust the cron script to use -V4 as per the new verbosity levels + provided by the aforementioned patch (Closes: #243140) + * Add /dev/xconsole to ignored devices in aide.conf + * Fiddle with default /var/log config lines + + -- Mike Markley Sun, 2 May 2004 14:37:32 -0700 + +aide (0.10-2) unstable; urgency=low + + * Patch src/Makefile.am and .in for include directory precedence + to fix the conflict that sometimes happens when building with + libdb-dev installed + * Added Japanese debconf translation (Closes: #225847) + * Added Greek debconf translation (Closes: #229532, #229500, #229524) + * Added Russian debconf translation (Closes: #140888) + * Use ISO-8601 date format (Closes: #228201) + * Move configuration for cron and update scripts to /etc/default/aide + * Add QUIETREPORTS option to suppress mail reports when there's nothing + changed (Closes: #190186) + * Some debconf templates have changed; I gladly accept any updated + translations + + -- Mike Markley Sun, 28 Mar 2004 19:31:52 -0800 + +aide (0.10-1) unstable; urgency=low + + * The "Bite the Bullet" release + * New upstream version (Closes: #222427) + * Now ignoring /var/log/ksymoops by default (Closes: #166681) + * Depends: on mailx instead of Recommends: (Closes: #213135) + * Clarified purpose in long description (Closes: #171977) + * Added Danish debconf translation (Closes: #174739) + * Added Dutch debconf translation (Closes: #206324) + * Added Colin Watson's code for po-debconf handling on woody + as per Marc Haber's suggestion (Closes: #217830) + * Add checks to the /var/lib/dpkg/info/*.md5sums example to make + it syntatically correct without changes (Closes: #222114, #222422) + * Add README.Debian note about mmap() error and modify default + config to skip /dev/cpu/mtrr (Closes: #224010) + * Included Marc Haber's replacement cron script basically verbatim + (Closes: #130375, #148147) + * New separate error condition for @@end_db should take care of the + not implemented errors (Closes: #163233, #222739) + * Update to DH_COMPAT 3 + * Remove patches that are integrated upstream + * Temporarily leave output_readability patch unapplied because + it would break po translation. I'll integrate this into upstream + CVS with appropriate po changes. + * Tighten up build-deps on libmhash-dev to exclude the versions + that did not include libmhash.a. Allow old versions with the + proper lib to aid backporting. + * Standards version 3.6.1. + * Remove debconf ugliness from the aideinit script. All debconf + prompting is now done in config. + + -- Mike Markley Fri, 19 Dec 2003 04:33:44 -0800 + +aide (0.9-4) unstable; urgency=low + + * Applied patch for va_list problems and a bad malloc, many thanks + to Sam Hocevar (Closes: #154829) + + -- Mike Markley Fri, 13 Jun 2003 23:26:48 -0700 + +aide (0.9-3) unstable; urgency=low + + * Fix LC_MESSAGES directory (Closes: #190411) + * Moved debconf templates to po-debconf w/patch from Andre Luis Lopes + (Closes: #187508) + * Build-Depends: on flex-old until changes for new flex are made + (Closes: #191184) + + -- Mike Markley Sat, 24 May 2003 03:02:34 -0700 + +aide (0.9-2) unstable; urgency=low + + * Added patch to conf_yacc.y for missing ;s (Closes: #165342) + + -- Mike Markley Thu, 7 Nov 2002 22:51:20 -0800 + +aide (0.9-1) unstable; urgency=low + + * New upstream release. + * Tiger support works again (Closes: #144092) + + -- Mike Markley Sat, 22 Jun 2002 02:05:10 -0700 + +aide (0.8-2) unstable; urgency=low + + * Added build-dep for libgcrypt-dev (Closes: #136408, #137808) + + -- Mike Markley Fri, 15 Mar 2002 20:20:06 -0800 + +aide (0.8-1) unstable; urgency=low + + * New upstream release. + * Added english back into debconf templates as per barbier's + suggestions (Closes: #134500) + + -- Mike Markley Tue, 19 Feb 2002 23:41:29 -0800 + +aide (0.7-11) unstable; urgency=low + + * Fixed errorlog output display in cron script (Closes: #118013) + * Made output a little more readable with newlines (Closes: #90471) + * Implemented a LINES define as per Marc Haber's suggestions + Closes: #96734 + * Added Brazilian Portuguese debconf template (Closes: #106939) + * Now testing just /proc, not its contents, in default config + * Updated build-dep from libz-dev to zlib1g-dev + * Accidentally uploaded broken mkdep script previously, fixed now + Closes: #123888 + + -- Mike Markley Fri, 14 Dec 2001 00:17:22 -0800 + +aide (0.7-10) unstable; urgency=low + + * Added Spanish debconf template (Closes: #84414) + * Updated the ugly mkdep script to know about hurd + + -- Mike Markley Fri, 27 Jul 2001 01:51:51 -0700 + +aide (0.7-9) unstable; urgency=high + + * Fixed the call to debian/mkdep in rules - can now build from source + (Closes: #89214) + * Now uses dpkg-gencontrol -V instead of directly modifying substvars + + -- Mike Markley Fri, 16 Mar 2001 11:42:52 -0800 + +aide (0.7-8) unstable; urgency=high + + * The build should now correctly determine the correct libc dependencies + (Closes: #87597) + + -- Mike Markley Wed, 28 Feb 2001 16:02:53 -0800 + +aide (0.7-7) unstable; urgency=medium + + * Added swedish debconf templates (closes: #83746) + * Added french debconf templates (closes: #83763) + * Added german debconf template (closes: #83885) + * Added Build-Dep for debconf-utils + * Cron script now only mails first 1000 lines of each output file and directs + the recipient of the reports to the filename in which to find the output. + Closes: #83108 + + -- Mike Markley Mon, 29 Jan 2001 14:23:23 -0800 + +aide (0.7-6) unstable; urgency=medium + + * Added debhelper to build-depends (I need to somehow remind myself to do this + on all packages :), Closes: #68818 + + -- Mike Markley Wed, 9 Aug 2000 13:56:19 -0700 + +aide (0.7-5) unstable; urgency=medium + + * Added a test -f for the binary at the top of cron script (Closes: #67681) + * Cron script defaults to root if it can't find a MAILTO + + -- Mike Markley Mon, 7 Aug 2000 22:18:32 -0700 + +aide (0.7-4) unstable; urgency=medium + + * Added flex and bison to Build-Depends. closes: #64209 + + -- Mike Markley Tue, 16 May 2000 12:56:22 -0700 + +aide (0.7-3) unstable; urgency=medium + + * New heavily-commented config file with a bit more caution by default + * Removed old dir /usr/lib/aide from debian/dirs + * Further tweaks to cron script, now puts FQDN in all reports and warns + if the database doesn't exist (in case an attacker has simply deleted it) + + -- Mike Markley Thu, 4 May 2000 00:11:22 -0700 + +aide (0.7-2) unstable; urgency=medium + + * The cron script now gets the email address from /etc/aide/aide.conf + * Config file now defaults to specifying gzipped databases + * The aideinit script now passes any command-line params to aide + + -- Mike Markley Wed, 3 May 2000 00:40:50 -0700 + +aide (0.7-1) unstable; urgency=medium + + * New upstream source + * Patch for configure.in is now in upstream source + * Now passing --with-zlib to configure (allows compressed databases) + * Now passing --with-mhash to configure (gives a wider variety of hash algorithms) + * Moved data dir to /var/lib (for FHS compliancy) + + -- Mike Markley Sat, 29 Apr 2000 00:34:49 -0700 + +aide (0.6-3) unstable; urgency=low + + * Safe handling of tmp files + * Now strips aide binary + * Fixed manpath + * Fixed changelog filename + + -- Mike Markley Fri, 7 Apr 2000 18:52:11 -0700 + +aide (0.6-2) unstable; urgency=low + + * Compiled for potato and moved it over to debconf + + -- Mike Markley Tue, 28 Mar 2000 16:31:23 -0800 + +aide (0.6-1) unstable; urgency=low + + * Initial Release. + * Added a basic conf mostly yanked from manual.html + * Modified configure.in to actually honor the --sysconfdir + * debian/rules installs sample conf in /usr/lib/aide + + -- Mike Markley Thu, 17 Feb 2000 13:57:06 -0500 --- aide-0.15.1.orig/debian/update-aide.conf +++ aide-0.15.1/debian/update-aide.conf @@ -0,0 +1,206 @@ +#!/bin/bash +# update-aide.conf(8) - Generate /var/lib/aide/aide.conf.autogenerated + +# this has been mercilessly ripped from exim4's update-exim4.conf + +UPAC_CONFDIR="/etc/aide" +UPAC_CONFD="$UPAC_CONFDIR/aide.conf.d" +UPAC_SETTINGSD="$UPAC_CONFDIR/aide.settings.d" + +if [ -f /etc/default/aide ]; then + . /etc/default/aide +fi + +UPAC_confdir="$UPAC_CONFDIR" +UPAC_confd="$UPAC_CONFD" +UPAC_settingsd="$UPAC_SETTINGSD" +UPAC_verbose=no +UPAC_comments=no +UPAC_autoconfigfile=/var/lib/aide/aide.conf.autogenerated +UPAC_outputfile="${UPAC_autoconfigfile}" + +export UPAC_verbose +export UPAC_confdir +export UPAC_confd +export UPAC_settingsd + +usage() { +cat <&2 + exit 1 +fi + +eval set -- ${TEMP} +while test "$1" != "--"; do + case $1 in + -h|--help) + usage + exit 0 + ;; + -v|--verbose) + UPAC_verbose=yes + ;; + --keepcomments) + UPAC_comments=yes + ;; + --removecomments) + UPAC_comments=no + ;; + -o|--output) + shift + UPAC_outputfile="$1" + ;; + -d|--confdir) + shift + UPAC_confdir="$1" + ;; + -D|--confd) + shift + UPAC_confd="$1" + ;; + -S|--settingsd) + shift + UPAC_settingsd="$1" + ;; + esac + shift +done +shift + +# No non-option arguments allowed. +if [ "$#" -ne 0 ]; then + echo "No non option arguments ($@) allowed" >&2 + usage >&2 + exit 1 +fi + +[ -d ${UPAC_confd} ] || \ +{ printf "$0: Error, no ${UPAC_confd}, exiting.\n" 1>&2 ; exit 1 ; } + +[ -d $(dirname $UPAC_outputfile) ] || \ +{ printf "$0: Error, missing $(dirname $UPAC_outputfile), exiting.\n" 1>&2 ; exit 1 ; } + +# run-parts emulation, stolen from Branden's /etc/X11/Xsession +# Addition: Use file.rul instead if file if it exists. +run_parts () { + # reset LC_COLLATE + unset LANG LC_COLLATE LC_ALL + + if [ -z "$1" ]; then + errormessage "$0: internal run_parts called without an argument" + fi + if [ ! -d "$1" ]; then + errormessage "$0: internal run_parts called, but $1 does not exist or is not a directory." + fi + for F in $(ls $1); do + if expr "$F" : '[[:alnum:]_-]\+$' > /dev/null 2>&1; then + if [ -f "$1/$F" ] ; then + if [ -f "$1/${F}.rul" ] ; then + echo "$1/${F}.rul" + else + echo "$1/$F" + fi + fi + fi + done; +} + +cat_parts() { + if [ -z "$1" ]; then + errormessage "$0: internal cat_parts called without an argument" + fi + if [ ! -d "$1" ]; then + errormessage "$0: internal cat_parts called, but $1 does not exist or is not a directory." + fi + for file in $(run_parts $1); do + if [ -x "$file" ]; then + echo "#####################################################" + echo "### output of invoking $file" + echo "#####################################################" + $file + echo + echo "#####################################################" + echo "### end of $file output" + echo "#####################################################" + else + echo "#####################################################" + echo "### $file" + echo "#####################################################" + cat $file + echo + echo "#####################################################" + echo "### end $file" + echo "#####################################################" + fi + done +} + +removecomments(){ + if [ "x${UPAC_comments}" = "xno" ] ; then + grep -E -v '^[[:space:]]*#' | sed -e '/^$/N;/\n$/D' ; + else + cat + fi +} + +# also from Branden +errormessage () { + # pretty-print messages of arbitrary length (no trailing newline) + echo "$*" | fold -s -w ${COLUMNS:-80} >&2; +} + +cat << EOF > ${UPAC_outputfile}.tmp +######### +# WARNING WARNING WARNING +# WARNING WARNING WARNING +# WARNING WARNING WARNING +# WARNING WARNING WARNING +# WARNING WARNING WARNING +# this file is generated dynamically from /etc/aide/aide.conf and the files +# in /etc/aide/aide.conf.d +# Any changes you make here will be lost. +# WARNING WARNING WARNING +# WARNING WARNING WARNING +# WARNING WARNING WARNING +# WARNING WARNING WARNING +# WARNING WARNING WARNING +######### +EOF + +(cat ${UPAC_confdir}/aide.conf 2>/dev/null; cat_parts ${UPAC_confd}) | \ + removecomments | \ + sed '\;^[=!/]; s;/;/@@{ROOTPREFIX};' \ + >> ${UPAC_outputfile}.tmp + +# test validity if called without -o +# this is not currently possible with AIDE (see bug #289171), +# but can be easily enabled with this (of course untested) example code +#if [ "x${UPAC_outputfile}" = "x${UPAC_autoconfigfile}" ] && \ +# [ -x ${AIDE} ] ; then +# if ! ${AIDE} --config "${UPAC_outputfile}.tmp" > /dev/null ; then +# errormessage "Invalid new configfile ${UPAC_outputfile}.tmp" +# errormessage "not installing ${UPAC_outputfile}.tmp to ${UPAC_outputfile}" +# exit 1 +# fi +#fi + +mv -f ${UPAC_outputfile}.tmp ${UPAC_outputfile} --- aide-0.15.1.orig/debian/watch +++ aide-0.15.1/debian/watch @@ -0,0 +1,3 @@ +version=3 +opts=versionmangle=s/-rc/~rc/ \ + http://sf.net/aide/aide-(.+)\.tar\.gz --- aide-0.15.1.orig/debian/aide-common.examples +++ aide-0.15.1/debian/aide-common.examples @@ -0,0 +1 @@ +debian/examples/31_example_exclude-homes --- aide-0.15.1.orig/debian/copyright +++ aide-0.15.1/debian/copyright @@ -0,0 +1,75 @@ +This package was debianized by Mike Markley mike@markley.org on +Thu, 17 Feb 2000 13:57:06 -0500. + +It was downloaded from ftp://ftp.cs.tut.fi/pub/src/gnu/ and is +currently available from http://sourceforge.net/projects/aide + +Upstream Authors: Rami Lehti + Pablo Virolainen + +Copyright 1999-2002 by Rami Lehti and Pablo +Virolainen + +Copyright 2003-2009 by Richard van den Berg , Rami +Lehti , Pablo Virolainen + +Copyright 2010 by Richard van den Berg , Hannes von +Haugwitz , Rami Lehti , Pablo +Virolainen + +Debian packaging is done by Mike Markley, Marc Haber and Hannes von Haugwitz. + +Copyright: + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +A copy of the GNU General Public License, version 2, can be found in +/usr/share/common-licenses/GPL or in the COPYING file included with the +source. + +Files with differing copyright: + +src/snprintf.c (from rsync) +/* + * Copyright Patrick Powell 1995 + * This code is based on code written by Patrick Powell (papowell@astart.com) + * It may be used for any purpose as long as this notice remains intact + * on all source code distributions + */ + +src/fopen.c - non-standard license: + * Coyright (c)2003 Simtec Electronics + * + * Re-implemented by Vincent Sanders with extensive + * reference to original curl example code + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +(this is nearly verbatim a 3 clause BSD license) --- aide-0.15.1.orig/debian/aide-common.dirs +++ aide-0.15.1/debian/aide-common.dirs @@ -0,0 +1,10 @@ +usr/bin +usr/sbin +etc/aide +etc/aide/aide.conf.d +etc/aide/aide.settings.d +etc/cron.daily +etc/default +var/lib/aide +var/log/aide +usr/share/lintian/overrides --- aide-0.15.1.orig/debian/README.source +++ aide-0.15.1/debian/README.source @@ -0,0 +1,5 @@ +This package uses dpatch to manage all modifications to the upstream +source. Changes are stored in the source package as diffs in +debian/patches and applied during the build. + +For more information, see /usr/share/doc/dpatch/README.source.gz --- aide-0.15.1.orig/debian/aide-attributes.1 +++ aide-0.15.1/debian/aide-attributes.1 @@ -0,0 +1,53 @@ +.TH aide-attributes 1 "May 30, 2010" +.SH NAME +aide-attributes \- decode and compare hex-encoded attribute numbers +.SH SYNOPSIS +.B aide\-attributes +.I HEX_NUMBER +.RI [ HEX_NUMBER ] +.SH DESCRIPTION +.B aide-attributes +decodes hex-encoded attribute numbers to attribute names or displays the +differences between two attribute numbers. The script is useful to decode +the attribute numbers as shown in the 'Entry X in database has different +attributes: OLD_HEX_NUMBER NEW_HEX_NUMBER' message. +.SH EXAMPLES +.PP +Decode the hex number 'c3d' to attribute names: +.RS +.fam C +$ aide-attributes c3d +.br +filename +.br +perm +.br +uid +.br +gid +.br +size +.br +bcount +.br +lnkcount +.fam T +.RE +.PP +Display the differences between two hex-encoded attribute numbers: +.RS +.fam C +$ aide-attributes c3d fbd +.br ++ctime +.br ++mtime +.br ++inode +.fam T +.RE +.SH "SEE ALSO" +\fBaide\fR(1) +.SH "AUTHOR" +This manual was written by Hannes von Haugwitz , +for the Debian GNU/Linux system (but may be used by others). --- aide-0.15.1.orig/debian/aide-common.config +++ aide-0.15.1/debian/aide-common.config @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +# We need debconf. +. /usr/share/debconf/confmodule + +if [ -n "$AIDEDEBUG" ]; then + echo "now debugging $0 $@" + set -x +fi + +STATE=1 +while [ "$STATE" != "stop" ]; do + case "$STATE" in + 1) + db_input medium aide/aideinit || true + db_go + db_get aide/aideinit + if [ "$RET" = "true" ]; then + if [ -f "/var/lib/aide/aide.db.new" ]; then + db_input medium aideinit/overwritenew || true + db_go + db_get aideinit/overwritenew + else + RET="true" + fi + if [ "$RET" = "true" ]; then + db_input high aideinit/copynew || true + db_go + fi + fi + db_go && STATE=2 + ;; + 2) + if [ -d /usr/lib/aide ]; then + db_input medium aide/newlibdir || true + db_go && STATE=stop + else + db_set aide/newlibdir false + STATE=stop + fi + ;; + esac +done --- aide-0.15.1.orig/debian/aide-common.postinst +++ aide-0.15.1/debian/aide-common.postinst @@ -0,0 +1,104 @@ +#!/bin/sh +# +# post-installation script for AIDE +# A whole lot of this is "borrowed" from tripwire's postinst +# + +set -e + +# We need debconf. +. /usr/share/debconf/confmodule + +if [ -n "$AIDEDEBUG" ]; then + echo "now debugging $0 $@" + set -x +fi + +PKGNAME="aide" + +# Flags to be passed to aideinit +aideinitflags="-b" + +# Make sure we should be running... +case "$1" in + configure) + # continue below + ;; + abort-upgrade|abort-remove|abort-deconfigure) + exit 0 + ;; + *) + echo "postinst called with unknown argument "$1 >&2 + exit 0 + ;; +esac + +SRCDIR="/usr/share/$PKGNAME/config" +TRGDIR="/etc" +UCF="ucf --debconf-ok --three-way" +UCFR="ucfr" + +(cd "$SRCDIR" && find -type d -print0 ) | \ + (cd "$TRGDIR"&& xargs -0 mkdir -p --) + +for file in $(find $SRCDIR -type f -printf '%P\n' ); do + OLDSUM="" + if [ -f "$TRGDIR/$file" ]; then + OLDSUM="$(md5sum "$TRGDIR/$file")" + fi + $UCF "$SRCDIR/$file" "$TRGDIR/$file" + $UCFR "$PKGNAME" "$TRGDIR/$file" + if cmp --quiet "$SRCDIR/$file" "$TRGDIR/$file" && \ + [ "$OLDSUM" != "$(md5sum "$TRGDIR/$file")" ]; then + # "$TRGDIR/$file" has changed while ucf was running and it changed + # to the file that was shipped with the package. We (hopefully safely) + # assume that this means that the user decided to accept the new + # version, and we're now copying over the file mode as well. + # This is a workaround for ucf issue #406476. + chmod --reference="$SRCDIR/$file" "$TRGDIR/$file" + fi +done + +(umask 077 && mkdir -p /var/run/aide) + +db_get aide/newlibdir +if [ "$RET" = "true" ]; then + if [ -d /var/lib/aide ]; then + echo "It appears that /usr/lib/aide and /var/lib/aide both exist." + echo "You'll have to fix this one yourself." + else + echo "Moving /usr/lib/aide to /var/lib..." + mv /usr/lib/aide /var/lib/aide + fi + db_set aide/newlibdir false +fi + +if ! [ -x "/usr/bin/aide" ]; then + echo >&2 "no /usr/bin/aide found, check your dependencies" + exit 1 +fi + +db_get aide/aideinit +if [ "$RET" = "true" ]; then + if [ -f "/var/lib/aide/aide.db.new" ]; then + db_get aideinit/overwritenew + if [ "$RET" = "true" ]; then + aideinitflags="$aideinitflags -y" + fi + fi + db_get aideinit/copynew + if [ "$RET" = "true" ]; then + aideinitflags="$aideinitflags -f" + fi + # generate configuration + update-aide.conf + # borrowed this trick from man-db + # just making sure it actually ends up in the background... + start-stop-daemon --start --background --pidfile /dev/null \ + --startas /usr/sbin/aideinit -- $aideinitflags + db_set aide/aideinit false +fi + +#DEBHELPER# + +exit 0 --- aide-0.15.1.orig/debian/aide-common.README.Debian +++ aide-0.15.1/debian/aide-common.README.Debian @@ -0,0 +1,226 @@ +AIDE for Debian +--------------- + +Debian's aide packages add some value and functionality to AIDE. Most +of this functionality is delivered by scripts and is configured via +the Debian configuration file in /etc/default/aide. That file is +extensively commented. + +In normal use, aide runs unattended as a daily cron job +(/etc/cron.daily/aide, which is explained below). In its default +setup, it sends out daily reports. + + +Installation +^^^^^^^^^^^^ +On installation, debconf questions are asked at medium priority +to query the user whether to initialize the AIDE database and whether +to automatically place the new database at a place where aide can +pick it up as a reference. aideinit, the script used to initialize +the database, has a man page, and can be invoked at the users' +discretion at a later time. + + +Configuring AIDE the Debian way +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +AIDE's Debian default configuration takes a very paranoid stance and +is likely to report more changes than you will need to focus your +attention on. + +The AIDE configuration used by the Debian scripts is maintained in +/etc/aide/aide.conf and /etc/aide/aide.conf.d. The script +update-aide.conf is used to concatenate /etc/aide/aide.conf and +/etc/aide/aide.conf.d to /var/lib/aide/aide.conf.autogenerated, which +is the input configuration file for the actual aide binary. The +databases are kept in /var/lib/aide by default. update-aide.conf has +a man page. + +The aide wrapper will invoke update-aide.conf automatically before +running aide. Using update-aide.conf is generally not necessary in +normal operation. + +After changing your aide configuration, you might want to re-build +your database either by using the aideinit script, or aide itself via +aide --init or aide --update. Otherwise, you will on the next run get +a spurious comparison between a newly generated database and the old +reference database. Doing this update with aide --update is generally +recommended since this gives you a chance to spot changes in the file +system that were done between the last aide run and re-building of the +database. + + +Common configuration issues +^^^^^^^^^^^^^^^^^^^^^^^^^^^ +By default, aide checks the entire file system, including /home. This +may be undesireable for a system with actively used shell accounts. +You might want to exclude the home directories of your active shell +users explicitly, which will cut down aide run time severely for big +home directories. + +Aide's default configuration includes rule files for the most common +packages. For a more comprehensive set of rules, users of other +packages are encouraged to submit their rules for inclusion in the +aide distribution. Aide rules can both be included with aide, or with +the respective package. From a security point of view, it is desirable +to have the aide rules come with the respective package, since this +makes sure that the only files excluded from the aide check are those +that are actually in use on the system. This approach minimizes the +amount of unneeded aide rules being in place in normal system +operation, but needs the cooperation of the other maintainers. + +Aide rules that come with other packages should be placed as +/etc/aide/aide.conf.d/nn_foo_rulename, with foo being the name of the +package that contains them, to minimize the potential of conflict. +Fellow Debian maintainers, if you include aide rules in your package, +please file a bug against aide, so that the respective rules can be +removed from the aide package. Users, if you detect a conflict between +a rule in the aide package and a rule from another package, please +file a bug against aide so that the issue can be cleared up. Of +course, the local admin of a system can locally resolve the rule +conflict by editing the files - they are dpkg-conffiles. + +Administrators who would like to have full control about their rules +can - for example - set UPAC_CONFD="$UPAC_CONFDIR/aide.conf.local.d" +in /etc/default/aide and populate aide.conf.local.d with the rules +that they really want. Symlinks are accepted, so it is possible to +take advantage of future rule updates by symlinking from +/etc/aide/aide.conf.d. + + +the daily AIDE cron job +^^^^^^^^^^^^^^^^^^^^^^^ +Main work of the aide package happens in a daily cron job, which is +installed to /etc/cron.daily/aide and thus runs as part of cron.daily +processing. + +The daily cron job invokes aide.wrapper and captures standard output +and standard error to files. The actual command which is invoked is +controlled by the COMMAND variable in /etc/default/aide, and +additional parameters can be passed in via AIDEARGS in +/etc/default/aide. Standard output ends up in /var/log/aide/aide.log, +and standard error in /var/log/aide/error.log. Both files are rotated, +so that older reports stay available. + +After running aide, the newly generated database which was created +with COMMAND="update" is optionally copied over the old reference +database. This might be necessary for the ANF/ARF feature to properly +handle logs that have been rotated multiple times. COPYNEWDB="no" is +the default because automatically copying the database unconditionally +(COPYNEWDB="yes") might be dangerous since detected changes are only +reported once. If you use COPYNEWDB="yes" and do not manually increase +the verbosity level by setting (for example) AIDEARGS="-V5" in +/etc/default/aide, you lose the possibility of inspecting the changes +more closely. A third option, COPYNEWDB="ifnochange" only copies the +new database over the old one if aide has not detected any changes. In +this case, you need to manually copy over the databases after the +first report showing changes, or your ANF+ARF rules (including rotated +log files etc) are going to stop working. + +The cron job then mails aide's output to the address configured as +MAILTO if either + - reportable changes have been found or + - no reportable changes have been found and QUIETREPORTS is not + set to "yes". +These mails go to root by default. + +That means, that if QUIETREPORTS="yes", no message with contents "no +changes detected, everything is fine" will be sent. + +Error and standard output are truncated to the first LINES lines each +in the e-mail message. If the output was truncated, this is +prominently visible in the e-mail. Also, if aide returned a non-zero +exit value, this is mentioned in the e-mail as this is usually a sign +of things having gone very wrong. + +MAILTO is run through one stage of shell evaluation, so it is possible +to have the message mailed to recipients depending on variable values, +such as the host name. + +If NOISE is set to a regular expression, lines matching are filtered +out in the e-mail report. This is commonly used in environments where +some changes are not important enough to be part of the e-mail +report that is read by humans, but should be in the log nevertheless +for future reference. A second, not de-noised copy of the output is +included as well. + + +/usr/bin/aide.wrapper +^^^^^^^^^^^^^^^^^^^^^ +The Debian scripts invoke aide via the wrapper /usr/bin/aide.wrapper +which re-builds the aide configuration, gives Debian-specific +parameters to the aide binary and uses dotlockfile to make sure that +only one aide process runs at a time. Multiple aide processes running +on the same databases might corrupt the database and do bad things +with the logs. + +If you intend to use AIDE for your own use, please note that aide is +compiled to use /dev/null as the default configuration file, so you +_always_ need to give the path to a configuration file. This is to +prevent a local invocation of aide from messing with the Debian +database. + +aide.wrapper needs to run with root privileges. + + +error mmap'ing some/file +^^^^^^^^^^^^^^^^^^^^^^^^ +aide performs an mmap() on files that it scans in order to perform its +various checksums more quickly. Some special files, however, may not +be mmap()ed. The new default config excludes these files in +particular. + + +statically linked +^^^^^^^^^^^^^^^^^ +Also note that aide is statically linked by default. This is because of the +possibility of an attacker modifying libc or the like, wrapping system calls +and compromising the integrity of aide's reports even if the binary and data- +base are sitting on physically write-protected media. Of course this could +be done at the kernel level as well, but changing the currently running kernel +results in a lot more disruption (i.e. reboot) than sneaking a new libc in. +It's a security tool, of course we're paranoid ;). + + +how to audit vservers and chroots from the host system +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +You can easily audit vservers and chroots from the host system. If you +are sure that all your systems need the same audit rules, you can +set the variable @@{ROOTPREFIX} to a regexp that matches the empty string +_and_ the path to your vserver file systems: +@@define ROOTPREFIX (|vservers/foo/|vservers/bar/) +Make sure that it matches the empty string or your exceptions will not +work for the host system. ROOTPREFIX can also be set by code like + #!/bin/sh + ROOTLIST="" + for i in $(ls /vservers); do + ROOTLIST="$ROOTLIST|/vservers/$i" + done + echo "@@define VSERVERS $ROOTLIST" +in an executeable rule "early" in your AIDE setup. update-aide.conf +will automatically add @@{ROOTPREFIX} to all rules, eliminating the +need to touch the rules. Thanks to Christian Theater for that idea +and to Russell Gadd for additional input. + +If you want your vservers to be audited differently, you'll need to +replicate the rules. Even a mixture of the automatic method outlined +above and this more manual approach is possible. + + +Low Memory Systems +~~~~~~~~~~~~~~~~~~ +AIDE keeps its database and some additional information in memory at +run-time. Please make sure that an adequate amount of physical memory +and swap is available when aide runs. If adding more memory and/or +swap is not possible, it might be helpful to exclude bigger parts of +the file system using a "!" directive. Please note that this +sacrifices some security as parts of the file system remain unchecked. + + +authors +^^^^^^^ +This file is maintained by Marc Haber, starting from the README.Debian +by Mike Markley , last changed on Fri, 19 Dec 2003 +02:47:49 -0800. + +See /usr/share/doc/aide/changelog.Debian.gz for an actual changelog +and current timestamps for package and docs. --- aide-0.15.1.orig/debian/aide-common.postrm +++ aide-0.15.1/debian/aide-common.postrm @@ -0,0 +1,47 @@ +#!/bin/sh +# +# post-removal script for AIDE +# A whole lot of this is "borrowed" from tripwire's postinst +# + +set -e + +if [ -n "$AIDEDEBUG" ]; then + echo "now debugging $0 $@" + set -x +fi + +PKGNAME="aide" + +# Make sure we should be running... +[ "$1" = "purge" ] || exit 0 + +UCF="ucf" +UCFR="ucfr" + +if command -v ucfq >/dev/null; then + for file in $(ucfq --with-colons "$PKGNAME" | cut --delimiter=: --fields=1); do + for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist; do + rm -f ${file}$ext + done + rm -f ${file} + + if command -v $UCF >/dev/null; then + $UCF --purge ${file} + fi + if command -v $UCFR >/dev/null; then + $UCFR --purge $PKGNAME ${file} + fi + done +else + echo >&2 "ucf no longer installed, not cleaning up" +fi + +rm -f /var/lib/aide/aide.db /var/lib/aide/aide.db.new /var/lib/aide/aide.conf.autogenerated +for dir in /var/lib/aide /var/run/aide; do + if [ -d "$dir" ]; then + rmdir --ignore-fail-on-non-empty "$dir" + fi +done + +#DEBHELPER# --- aide-0.15.1.orig/debian/aide.install +++ aide-0.15.1/debian/aide.install @@ -0,0 +1 @@ +debian/lintian/overrides/aide usr/share/lintian/overrides --- aide-0.15.1.orig/debian/aide-xen.install +++ aide-0.15.1/debian/aide-xen.install @@ -0,0 +1 @@ +debian/lintian/overrides/aide-xen usr/share/lintian/overrides --- aide-0.15.1.orig/debian/aide.wrapper.8 +++ aide-0.15.1/debian/aide.wrapper.8 @@ -0,0 +1,52 @@ +.TH AIDE.WRAPPER 8 "May 26, 2006" +.SH NAME +aide.wrapper \- call aide binary for Debian mechanisms +.SH SYNOPSIS +.B aide.wrapper +.RI [ options ] +.SH DESCRIPTION +.B aide.wrapper +calls the +.B aide +binary with +.B --config +appropriate for the mechanisms automatically used in the Debian +package. To prevent damage to the database, +.B aide.wrapper +takes out a lock and will refuse to run a second aide process when +there is still another one running. + +If no +.B --config +option explicitly given, +.B aide.wrapper +will set +.B --config +to +.B /var/lib/aide/aide.conf.autogenerated +and invoke +.B update-aide.conf +prior to invoking the aide binary. +.PP +.SH OPTIONS +.B aide.wrapper +hands down all options down to the aide binary verbatim and only +detects the presence of +.B --config +to determine whether to call +.B update-aide.conf +or not. +.SH FILES +.TP +.B /etc/aide/aide.conf +AIDE configuration file +.TP +.B /usr/bin/aide +AIDE binary +.TP +.B /var/run/aide.lock +Lock file +.SH AUTHOR +This manual page was written by Marc Haber + for the Debian GNU/Linux system +(but may be used by others). --- aide-0.15.1.orig/debian/aide_fixperms +++ aide-0.15.1/debian/aide_fixperms @@ -0,0 +1,20 @@ +#!/bin/bash + +EXTRAPACKAGES="aide-config-zg2" + +fixperm() { + file=$1 + if < $file head -n 1 | grep -q '^#!'; then + chmod 755 $file + fi +} + +for file in $(find debian/aide-common/usr/share/aide/config/aide -type f -print 2>/dev/null); do + fixperm $file +done + +for package in $EXTRAPACKAGES; do + for file in $(find debian/$package/usr/share/$package/config/aide -type f -print 2>/dev/null); do + fixperm $file + done +done --- aide-0.15.1.orig/debian/aide-config-zg2.install +++ aide-0.15.1/debian/aide-config-zg2.install @@ -0,0 +1 @@ +debian/aide.conf.zg2.d usr/share/aide-config-zg2/config/aide --- aide-0.15.1.orig/debian/aide-common.doc-base +++ aide-0.15.1/debian/aide-common.doc-base @@ -0,0 +1,10 @@ +Document: aide +Title: The AIDE manual +Author: Rami Lehti +Abstract: The AIDE manual describes what aide is and how it can be compiled, + configured and used. +Section: System/Security + +Format: HTML +Index: /usr/share/doc/aide-common/manual.html +Files: /usr/share/doc/aide-common/manual.html --- aide-0.15.1.orig/debian/aide-config-zg2.postinst +++ aide-0.15.1/debian/aide-config-zg2.postinst @@ -0,0 +1,44 @@ +#!/bin/sh +# +set -e + +# We need debconf. +. /usr/share/debconf/confmodule + +if [ -n "$AIDEDEBUG" ]; then + echo "now debugging $0 $@" + set -x +fi + +PKGNAME="aide-config-zg2" + +# Make sure we should be running... +case "$1" in + configure) + # continue below + ;; + abort-upgrade|abort-remove|abort-deconfigure) + exit 0 + ;; + *) + echo "postinst called with unknown argument "$1 >&2 + exit 0 + ;; +esac + +SRCDIR="/usr/share/$PKGNAME/config" +TRGDIR="/etc" +UCF="ucf --debconf-ok --three-way" +UCFR="ucfr" + +(cd "$SRCDIR" && find -type d -print0 ) | \ + (cd "$TRGDIR"&& xargs -0 mkdir -p --) + +for file in $(find "$SRCDIR" -type f -printf '%P\n' ); do + $UCF "$SRCDIR/$file" "$TRGDIR/$file" + $UCFR "$PKGNAME" "$TRGDIR/$file" +done + +#DEBHELPER# + +exit 0 --- aide-0.15.1.orig/debian/aide-common.docs +++ aide-0.15.1/debian/aide-common.docs @@ -0,0 +1 @@ +AUTHORS NEWS README doc/manual.html --- aide-0.15.1.orig/debian/aide-common.install +++ aide-0.15.1/debian/aide-common.install @@ -0,0 +1,9 @@ +debian/aide.conf usr/share/aide/config/aide +debian/aide.conf.d usr/share/aide/config/aide +debian/aide.settings.d usr/share/aide/config/aide +debian/default/aide usr/share/aide/config/default +debian/cron.daily/aide usr/share/aide/config/cron.daily +debian/aideinit usr/sbin +debian/update-aide.conf usr/sbin +debian/wrapper/aide.wrapper usr/bin +debian/lintian/overrides/aide-common usr/share/lintian/overrides \ No newline at end of file --- aide-0.15.1.orig/debian/aideinit.8 +++ aide-0.15.1/debian/aideinit.8 @@ -0,0 +1,44 @@ +.TH AIDEINIT 8 "Dec 19, 2003" +.SH NAME +aideinit \- create a new AIDE database +.SH SYNOPSIS +.B aideinit +.RI [ options ] +.SH DESCRIPTION +.B aideinit +creates a new AIDE database. It will initialize an AIDE database in the default database_out location. It will then prompt you to replace your existing AIDE database. In most cases you will want to check for any problems before doing this. +.PP +.B aideinit +attempts to automatically detect the correct locations of your database and database_out files based on your aide.conf settings. These settings may be overridden on the command line, as may the prompts. +.SH OPTIONS +.TP +.B -y, --yes +Overwrite database_out file +.TP +.B -f, --force +Force overwrite of database with new database +.TP +.B -c, --config +Specify alternate config file +.TP +.B -o, --output +Specify alternate output file +.TP +.B -d, --database +Specify alternate database file +.TP +.B -b, --background +Run in the background (will mail any errors to aide.conf MAILTO or root) +.SH FILES +.TP +.B /etc/aide/aide.conf, /etc/aide/aide.conf.d +Default AIDE configuration files +.TP +.B /var/lib/aide/aide.db +Default location for AIDE database +.TP +.B /var/lib/aide/aide.db.new +Default location for newly-created AIDE database +.SH AUTHOR +This manual page was written by Mike Markley , +for the Debian GNU/Linux system (but may be used by others). --- aide-0.15.1.orig/debian/aide-common.prerm +++ aide-0.15.1/debian/aide-common.prerm @@ -0,0 +1,15 @@ +#!/bin/sh + +set -e + +if [ -n "$AIDEDEBUG" ]; then + echo "now debugging $0 $@" + set -x +fi + +pkg=aide +if ( [ "$1" = "upgrade" ] || [ "$1" = "remove" ] ) && [ -L /usr/doc/$pkg ]; then + rm -f /usr/doc/$pkg +fi + +#DEBHELPER# --- aide-0.15.1.orig/debian/source/format +++ aide-0.15.1/debian/source/format @@ -0,0 +1 @@ +1.0 \ No newline at end of file --- aide-0.15.1.orig/debian/po/vi.po +++ aide-0.15.1/debian/po/vi.po @@ -0,0 +1,122 @@ +# Vietnamese Translation for aide. +# Copyright © 2006 Free Software Foundation, Inc. +# Clytie Siddall , 2005-2006. +# +msgid "" +msgstr "" +"Project-Id-Version: aide 0.11.99.20060718-1.0\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-30 20:36+0930\n" +"Last-Translator: Clytie Siddall \n" +"Language-Team: Vietnamese \n" +"Language: vi\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: LocFactoryEditor 1.6fc1\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Khởi động cơ sở dữ liệu AIDE không?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Trước khi có thể sử dụng AIDE, bạn sẽ cần phải khởi tạo một co sở dữ liệu. " +"Bạn có thể làm việc này ngay bây giờ ở đây, hoặc chạy tập lệnh « /usr/sbin/" +"aideinit » từ trình bao sau này." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Di chuyển các tập tin dữ liệu AIDE từ thư mục cũ đến điều mới không?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"Trình AIDE lúc bây giờ cất giữ các cơ sở dữ liệu trong « /var/lib/aide » " +"theo mặc định. Hình như bạn đã cài đặt một phiên bản cũ hơn mà dùng « /usr/" +"lib/aide ». Bạn có khả năng di chuyển tự động các tập tin dữ liệu." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Ghi đè lên tập tin « /var/lib/aide/aide.db.new » tồn tại không?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Bạn đã có một co sở dữ liệu AIDE mới tạo ra trong « /var/lib/aide/aide.db." +"new ». Nếu bạn bật tùy chọn này, tập tin tồn tại sẽ bị ghi đè bằng dữ liệu " +"mới đã được giành từ tình trạng hiện thời của hệ thống tập tin của bạn." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Sao chép « aide.db.new » sang « aide.db » không?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Đệ nghị bạn kiểm tra xem tập tin mới « /var/lib/aide/aide.db.new » là thích " +"hợp, trước khi thay thế cơ sở dữ liệu đã có. Ở đây, bạn vẫn còn có khả năng " +"báo gói này thay thế co sở dữ liệu đó." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Nếu bạn không bật tùy chọn này, bạn sẽ cần phải sao chép tập tin « /var/lib/" +"aide/aide.db.new » sang « /var/lib/aide/aide.db » để cho trình AIDE sử dụng " +"nó được." + +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Mặc định là gửi thông báo hàng ngày cho người chủ (root)." + +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "" +#~ "Bạn có khả năng thay đổi tùy chọn này trong tập tin « /etc/default/aide »." + +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "Để sử dụng trình AIDE, bạn cần phải khởi động một cơ sở dữ liệu" + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "" +#~ "Để làm như thế, chỉ đơn giản hãy sử dụng tập lệnh « /usr/sbin/aideinit »." + +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "" +#~ "Bạn cần phải cài đặt tập tin «aide.db.new» là «/var/lib/aide/aide.db»." + +#~ msgid "Where should daily reports be mailed?" +#~ msgstr "Bạn có muốn gửi thông báo hàng ngày cho địa chỉ nào?" --- aide-0.15.1.orig/debian/po/de.po +++ aide-0.15.1/debian/po/de.po @@ -0,0 +1,110 @@ +# translation of aide_0.11.99.20060718-1.0_de.po to German +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# +# Erik Schanze , 2004-2006. +msgid "" +msgstr "" +"Project-Id-Version: aide_0.11.99.20060718-1.0_de\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-10-03 00:24+0200\n" +"Last-Translator: Erik Schanze \n" +"Language-Team: German \n" +"Language: de\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.2\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Datenbank für AIDE anlegen?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Bevor Sie AIDE benutzen können, müssen Sie eine Datenbank einrichten. Sie " +"können das gleich jetzt erledigen oder später das Skript '/usr/sbin/" +"aideinit' in der Kommandozeile aufrufen." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "AIDE-Dateien aus dem alten ins neue Verzeichnis verschieben?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE legt die Datenbank jetzt standardmäßig im Verzeichnis /var/lib/aide ab. " +"Es scheint bereits eine ältere Version installiert zu sein, die das " +"Verzeichnis /usr/lib/aide verwendet. Sie können die Dateien automatisch " +"verschieben lassen." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Vorhandene Datei /var/lib/aide/aide.db.new überschreiben?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Es gibt bereits eine neu erstellte AIDE-Datenbank in der Datei /var/lib/aide/" +"aide.db.new. Wenn Sie dieser Auswahl zustimmen, wird die bestehende Datei " +"mit den Daten überschrieben, die vom aktuellen Zustand Ihres Systems " +"ermittelt wurden." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Soll aide.db.new nach aide.db kopiert werden?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Sie sollten sich die Datei /var/lib/aide/aide.db.new erst einmal ansehen, " +"bevor Sie die vorhandene Datenbank überschreiben. Sie können die Datenbank " +"aber trotzdem jetzt ersetzen." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Wenn Sie diese Auswahl ablehnen, müssen Sie die Datei /var/lib/aide/aide.db." +"new selbst nach /var/lib/aide/aide.db kopieren, bevor AIDE sie nutzen kann." --- aide-0.15.1.orig/debian/po/cs.po +++ aide-0.15.1/debian/po/cs.po @@ -0,0 +1,119 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: aide\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-23 21:03+0200\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"Language: cs\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Inicializovat databázi AIDE?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Dříve, než budete moci AIDE používat, musíte inicializovat databázi. Buď to " +"můžete provést rovnou zde, nebo můžete později v shellu spustit skript '/usr/" +"sbin/aideinit'." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Přesunout datové soubory ze starého do nového adresáře?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE nyní uchovává svou databázi ve /var/lib/aide. Zdá se, že máte " +"nainstalovanou starší verzi, která ještě používá /usr/lib/aide. Balík může " +"přesunout datové soubory na nové místo automaticky." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Přepsat stávající /var/lib/aide/aide.db.new?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Ve /var/lib/aide/aide.db.new se již nachází nově vygenerovaná databáze AIDE. " +"Povolíte-li tuto možnost, stávající soubor bude přepsán novými daty " +"získanými z aktuálního stavu vašeho souborového systému." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Zkopírovat aide.db.new na aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Před samotným nahrazením stávající databáze souborem /var/lib/aide/aide.db." +"new jej doporučujeme prohlédnout. Přesto můžete nechat balík, aby databázi " +"nahradil." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Jestliže tuto možnost nezvolíte, budete muset před použitím AIDE ručně " +"zkopírovat soubor /var/lib/aide/aide.db.new na /var/lib/aide/aide.db." + +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Denní hlášení se implicitně zasílají uživateli root" + +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "Změnit to můžete v souboru /etc/default/aide." + +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "Než budete moci AIDE používat, musíte inicializovat databázi." + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "Pro to stačí jednoduše spustit skript '/usr/sbin/aideinit'." --- aide-0.15.1.orig/debian/po/ru.po +++ aide-0.15.1/debian/po/ru.po @@ -0,0 +1,110 @@ +# translation of aide_0.11.99.20060718-1.0-ru.po to Russian +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# +# Yuri Kozlov , 2006. +msgid "" +msgstr "" +"Project-Id-Version: 0.11.99.20060718-1.0\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-23 10:46+0400\n" +"Last-Translator: Yuri Kozlov \n" +"Language-Team: Russian \n" +"Language: ru\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.2\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" +"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Инициализировать базу данных AIDE?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Перед использованием AIDE вы должны инициализировать базу данных. Это можно " +"сделать прямо сейчас или запустив сценарий '/usr/sbin/aideinit' позже." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Переместить файлы данных AIDE из старого каталога в новый?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"Теперь AIDE по умолчанию хранит свои базы данных в каталоге /var/lib/aide. " +"Похоже, у вас установлена устаревшая версия программы, которая использует " +"каталог /usr/lib/aide. Можно переместить содержимое каталога автоматически." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Перезаписать существующий файл /var/lib/aide/aide.db.new?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"У вас уже есть созданная база AIDE в /var/lib/aide/aide.db. Если вы ответите " +"утвердительно, то существующий файл будет перезаписан новыми данными, " +"согласно состоянию файловой системы на данный момент." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Скопировать файл aide.db.new в aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Перед замещением существующей базы данных рекомендуется сначала посмотреть " +"содержимое файла /var/lib/aide/aide.db.new. Хотя можно заменить базу данных " +"прямо сейчас." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Если вы ответите отрицательно, то для того, чтобы AIDE могла использовать " +"базу данных, вам нужно скопировать файл /var/lib/aide/aide.db.new в файл /" +"var/lib/aide/aide.db." --- aide-0.15.1.orig/debian/po/el.po +++ aide-0.15.1/debian/po/el.po @@ -0,0 +1,143 @@ +# translation of el.po to Greek +# translation of templates.po to Greek +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# Konstantinos Margaritis , 2004. +# +msgid "" +msgstr "" +"Project-Id-Version: el\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2004-01-16 01:15EEST\n" +"Last-Translator: Konstantinos Margaritis \n" +"Language-Team: Greek \n" +"Language: el\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.0.2\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Να αρχικοποιηθεί η βάση δεδομένων του AIDE;" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "" +"Να μεταφερθούν τα αρχεία δεδομένων του AIDE από τον παλιό κατάλογο στο νέο;" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +#, fuzzy +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"Τώρα το AIDE, αποθηκεύει τις βάσεις δεδομένων του στον κατάλογο /var/lib/" +"aide εξ' ορισμού. Απ' ό,τι φαίνεται έχετε μια παλιότερη έκδοση που " +"χρησιμοποιεί τον κατάλογο /usr/lib/aide. Απαντήστε καταφατικά στην ερώτηση " +"για να μεταφερθεί ο κατάλογος αυτός." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Να αντικατασταθεί το υπάρχον αρχείο /var/lib/aide/aide.db.new;" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Να αντιγραφτεί το aide.db.new στο aide.db;" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +#, fuzzy +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "Θα πρέπει να αντιγράψετε το αρχείο /var/lib/aide/aide.db.new στο" + +#, fuzzy +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Ημερήσιες αναφορές αποστέλλονται στο χρήστη root εξ ορισμού" + +#, fuzzy +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "Ημερήσιες αναφορές αποστέλλονται στο χρήστη root εξ ορισμού" + +#, fuzzy +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "" +#~ "Προτού το AIDE είναι έτοιμο για χρήση, θα πρέπει να αρχικοποιήσει τη βάση " +#~ "του." + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "" +#~ "Για να επιτευχθεί αυτό, απλώς εκτελέστε το σενάριο κελύφους '/usr/sbin/" +#~ "aideinit'." + +#, fuzzy +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "Θα πρέπει να αντιγράψετε το αρχείο /var/lib/aide/aide.db.new στο" + +#~ msgid "" +#~ "To change this, you can edit the @@define MAILTO line in /etc/aide/aide." +#~ "conf" +#~ msgstr "" +#~ "Για να αλλάξετε αυτή τη ρύθμιση, μπορείτε να τροποποιήσετε τη γραμμή " +#~ "@@define MAILTO στο αρχείο /etc/aide/aide.conf" + +#~ msgid "/var/lib/aide/aide.db before AIDE uses it." +#~ msgstr "" +#~ "/var/lib/aide/aide.db για να μπορέσει να χρησιμοποιηθεί από το AIDE." + +#~ msgid "" +#~ "It is advisable for you to first look over the new db. Say y to ignore " +#~ "this sage advice." +#~ msgstr "" +#~ "Συνιστάται να κοιτάξετε πρώτα τη νέα βάση. Απαντήστε καταφατικά για να " +#~ "αγνοήσετε αυτήν τη σοφή συμβουλή." --- aide-0.15.1.orig/debian/po/es.po +++ aide-0.15.1/debian/po/es.po @@ -0,0 +1,161 @@ +# aide po-debconf translation to spanish +# Copyright (C) 2004 Software in the Public Interest +# This file is distributed under the same license as the postfix package. +# +# Changes: +# - Initial translation +# Rudy Godoy , 2006 +# +# +# Traductores, si no conoce el formato PO, merece la pena leer la +# documentacin de gettext, especialmente las secciones dedicadas a este +# formato, por ejemplo ejecutando: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Equipo de traduccin al espaol, por favor lean antes de traducir +# los siguientes documentos: +# +# - El proyecto de traduccin de Debian al espaol +# http://www.debian.org/intl/spanish/coordinacion +# especialmente las notas de traduccin en +# http://www.debian.org/intl/spanish/notas +# +# - La gua de traduccin de po's de debconf: +# /usr/share/doc/po-debconf/README-trans +# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# +msgid "" +msgstr "" +"Project-Id-Version: aide 0.12\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-10-17 14:08-0500\n" +"Last-Translator: Rudy Godoy \n" +"Language-Team: Debian Spanish \n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Inicializar la base de datos de AIDE?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Antes de que pueda usar AIDE, deber inicializar una base de\n" +"datos. Puede hacer esto inmediatamente ahora, o despus ejecutar desde\n" +"un shell el programa /usr/sbin/aideinit." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Mover datos de AIDE del directorio antiguo al nuevo?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"Ahora AIDE almacena su base de datos en /var/lib/aide de manera\n" +"predeterminada. Parece que tiene instalada una versin antigua que\n" +"usa /usr/lib/aide. Los ficheros de datos se pueden mover automticamente." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Reemplazar el fichero /var/lib/aide/aide.db.new existente?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Ya tiene una nueva base de datos de AIDE generada en\n" +"/var/lib/aide/aide.db.new. Si elige esta opcin, el fichero existente\n" +"ser sobreescrito con la nueva informacin obtenida del estado actual\n" +"de su sistema de ficheros." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Copiar aide.db.new a aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Se le aconseja que primero revise el fichero /var/lib/aide/aide.db.new\n" +"antes de reemplazar la base de datos existente. De cualquier modo el\n" +"paquete puede reemplazar la base de datos en este momento." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Si no elige esta opcin, necesitar copiar el fichero\n" +"/var/lib/aide/aide.db.new a /var/lib/aide/aide.db antes de que pueda\n" +"ser usado por AIDE." + +#, fuzzy +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Las informaciones diarias se envan a root por defecto" + +#, fuzzy +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "Las informaciones diarias se envan a root por defecto" + +#, fuzzy +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "Antes de que pueda usar AIDE debe inicializar la base de" + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "" +#~ "datos. Para realizar esta tarea simplemente use el guin '/usr/sbin/" +#~ "aideinit'." + +#, fuzzy +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "Necesita copiar el fichero /var/lib/aide/aide.db.new a" + +#~ msgid "" +#~ "To change this, you can edit the @@define MAILTO line in /etc/aide/aide." +#~ "conf" +#~ msgstr "" +#~ "Para cambiar este comportamiento, debe editar la lnea @@define MAILTO " +#~ "en /etc/aide/aide.conf" + +#~ msgid "/var/lib/aide/aide.db before AIDE uses it." +#~ msgstr "/var/lib/aide/aide.db para que AIDE lo use." + +#~ msgid "" +#~ "It is advisable for you to first look over the new db. Say y to ignore " +#~ "this sage advice." +#~ msgstr "" +#~ "Es aconsejable que eche un vistazo a la nueva base de datos. Reponda S " +#~ "para ignorar este sabio consejo." --- aide-0.15.1.orig/debian/po/ja.po +++ aide-0.15.1/debian/po/ja.po @@ -0,0 +1,143 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: aide 0.11.99.20060718-1.0\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-24 01:22+0900\n" +"Last-Translator: Hideki Yamane (Debian-JP) \n" +"Language-Team: Japanese \n" +"Language: ja\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "AIDE データベースを初期化しますか?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"AIDE を使えるようにする前に、データベースを初期化する必要があります。ここで直" +"ちに初期化を行ってもよいですし、後ほど shell から '/usr/sbin/aideinit' として" +"スクリプトを実行もできます。" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "" +"AIDE のデータファイルを古いディレクトリから新しいディレクトリに移動しますか?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE は標準で /var/lib/aide にデータベースを保持するようになりました。今のと" +"ころでは /usr/lib/aide を利用している古いバージョンがインストールされているよ" +"うです。データファイルは自動的に移動できます。" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "既にある /var/lib/aide/aide.db.new ファイルを上書きしますか?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"既に /var/lib/aide/aide.db.new に新しく生成した AIDE データベースが存在してい" +"ます。この選択肢を選ぶと、現在のファイルシステムの状態から得られた新しいデー" +"タによって、既にあるファイルは上書きされます" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "aide.db.new を aide.db にコピーしますか?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"既存の db ファイルを置き換える前に、まず /var/lib/aide/aide.db.new ファイルの" +"内容を確認するのをお勧めします。何にせよ、ここでパッケージがデータベースを置" +"き換えるようにできます。" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"置き換えを選ばないのであれば、AIDE がデータベースを使えるようになる前に /var/" +"lib/aide.db.new ファイルを /var/lib/aide/aide.db にコピーする必要があります。" + +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "デフォルトの状態では日次レポートが root にメールされます。" + +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "これについては /etc/default/aide の設定で変更できます。" + +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "" +#~ "AIDE を使えるようにする前に、データベースを初期化する必要があります。" + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "" +#~ "これを行うには、単に '/usr/sbin/aideinit' スクリプトを実行するだけです。" + +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "aide.db.new を /var/lib/aide/aide.db としてインストールが必要です" + +#~ msgid "Where should daily reports be mailed?" +#~ msgstr "日次レポートはどこへメールしますか?" + +#~ msgid "" +#~ "To change this, you can edit the @@define MAILTO line in /etc/aide/aide." +#~ "conf" +#~ msgstr "" +#~ "これを変更するには、/etc/aide/aide.conf 中の @@define MAILTO 行を編集しま" +#~ "す。" + +#~ msgid "" +#~ "It is advisable for you to first look over the new db. Say y to ignore " +#~ "this sage advice." +#~ msgstr "" +#~ "まず、古い DB を上書きをして構わないものかどうか新しい DB を調べたほうがよ" +#~ "いでしょう。y と入力することでこの賢明なアドバイスを無視します。" --- aide-0.15.1.orig/debian/po/nl.po +++ aide-0.15.1/debian/po/nl.po @@ -0,0 +1,113 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: aide\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-29 10:25+0100\n" +"Last-Translator: Bart Cornelis \n" +"Language-Team: dutch \n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Zal ik de AIDE database initialiseren?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Voordat AIDE gebruikt kan worden dient er een database genitialiseerd te " +"worden. U kunt dit nu doen, of later door het '/usr/sbin/aideinit'-script " +"uit te voeren van in een commandoregel." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "AIDE databestanden van de oude map naar de nieuwe verplaatsen?" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE slaat zijn databases nu standaard op in /var/lib/aide. Het lijkt erop " +"dat u een oudere versie genstalleerd heeft die hiervoor nog /usr/lib/aide " +"gebruikt. Wilt u de databestanden automatisch verplaatsen?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Bestaande /var/lib/aide/aide.db.new overschrijven?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"U heeft reeds een nieuw aangemaakte AIDE-database in /var/lib/aide/aide.db." +"new. Als u toch voor deze optie kiest wordt het bestaande bestande " +"overschreven door de niewe data van de huidige status van uw bestandssysteem." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "aide.db.new naar aide.db kopiren?" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Het is aan te raden om het bestand '/var/lib/aide/aide.db.new' eerst na te " +"kijken alvorens de bestaande db te vervangen. U kunt de bestaande database " +"hier toch door het pakket laten vervangen." + +# Type: note +# Description +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Als u deze optie afslaat zult u het bestand /var/lib/aide/aide.db.new naar /" +"var/lib/aide/aide.db moeten kopieren alvorens AIDE dit kan gebruiken." --- aide-0.15.1.orig/debian/po/POTFILES.in +++ aide-0.15.1/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] aide-common.templates --- aide-0.15.1.orig/debian/po/fr.po +++ aide-0.15.1/debian/po/fr.po @@ -0,0 +1,125 @@ +# translation of fr.po to French +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# Christian Perrier , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: fr\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-10-11 09:23+0200\n" +"Last-Translator: Gregory Colpart \n" +"Language-Team: French \n" +"Language: fr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Faut-il crer la base de donnes d'AIDE?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Avant de pouvoir utiliser AIDE, vous devez crer une base de donnes. Vous " +"pouvez le faire ds maintenant ou excuter le script /usr/sbin/aideinit " +"par la suite." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Faut-il dplacer les fichiers de donnes depuis l'ancien rpertoire?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE place dsormais ses bases de donnes dans /var/lib/aide par dfaut. " +"La version plus ancienne que vous utilisiez les plaait dans /usr/lib/" +"aide. Choisissez cette option pour que les donnes soient automatiquement " +"dplaces." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Faut-il craser /var/lib/aide/aide.db.new?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Vous avez dj une nouvelle base de donnes /var/lib/aide/aide.db.new. " +"Si vous confirmez, ce fichier sera cras par les nouvelles donnes obtenues " +"par l'tat actuel de votre systme de fichiers." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Faut-il copier aide.db.new vers aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Vous devriez d'abord vrifier la nouvelle base de donnes /var/lib/aide/" +"aide.db.new avant de la remplacer. Veuillez confirmer si vous souhaitez la " +"remplacer maintenant." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Si vous ne confirmez pas, vous devrez copier le fichier /var/lib/aide/aide." +"db.new vers /var/lib/aide/aide.db avant de pouvoir l'utiliser." + +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Envoi des rapports quotidiens au superutilisateur" + +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "" +#~ "Par dfaut, les rapports quotidiens sont envoys au superutilisateur. Ce " +#~ "rglage peut tre modifi dans le fichier /etc/default/aide." + +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "" +#~ "Avant de pouvoir utiliser AIDE, vous devez crer une base de donnes." + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "Pour cela, vous pouvez utiliser le script /usr/sbin/aideinit." --- aide-0.15.1.orig/debian/po/it.po +++ aide-0.15.1/debian/po/it.po @@ -0,0 +1,103 @@ +# Italian translation of aide +# Copyright (C) 2010 Free Software Foundation, Inc. +# This file is distributed under the same license as the aide package. +# +# Mark Caglienzi +# Collaboratively translated during an online sprint, thanks to all contributors! +# +msgid "" +msgstr "" +"Project-Id-Version: aide 0.15.1-2\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2010-12-15 22:44+0200\n" +"Last-Translator: Mark Caglienzi \n" +"Language-Team: Italian \n" +"Language: it\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Inizializzare il database di AIDE?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Prima che AIDE possa essere usato, bisogna inizializzare un database. Si può " +"fare in questo momento, oppure lanciando in seguito lo script '/usr/sbin/" +"aideinit' da shell." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Spostare i file di dati di AIDE dalla vecchia alla nuova directory?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"La versione attuale di AIDE memorizza di default i propri database in /var/" +"lib/aide. Attualmente risulta installata una versione precedente che usa /" +"usr/lib/aide. Se richiesto, i file di dati possono essere spostati " +"automaticamente." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Sovrascrivere il file /var/lib/aide/aide.db.new esistente?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Un nuovo database di AIDE è stato generato in /var/lib/aide/aide.db.new.Se " +"viene selezionata questa opzione, il file esistente verrà sovrascritto coi " +"nuovi dati, ottenuti dallo stato attuale del filesystem." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Copiare aide.db.new come aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"È consigliabile controllare il file /var/lib/aide/aide.db.new prima di " +"cambiare il database esistente. Se richiesto, in questa fase il pacchetto " +"potrà occuparsi della sovrascrittura." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Se non viene selezionata questa opzione, sarà necessario copiare il file /" +"var/lib/aide/aide.db.new come /var/lib/aide/aide.db prima che AIDE possa " +"usarlo." --- aide-0.15.1.orig/debian/po/da.po +++ aide-0.15.1/debian/po/da.po @@ -0,0 +1,100 @@ +# Danish translation aide. +# Copyright (C) 2010 aide & nedenstående oversættere. +# This file is distributed under the same license as the aide package. +# Morten Brix Pedersen , 2005. +# Joe Hansen , 2010. +# +msgid "" +msgstr "" +"Project-Id-Version: aide\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2010-09-22 17:30+01:00\n" +"Last-Translator: Joe Hansen \n" +"Language-Team: Danish \n" +"Language: da\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Initialiser AIDE-databasen?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Før AIDE kan bruges, skal du initialisere en database. Du kan gøre dette " +"øjeblikkeligt her, eller køre skriptet '/usr/sbin/aideinit' fra en skal " +"senere." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Flyt AIDE-datafiler fra gammel mappe til ny?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE gemmer nu sine databaser i /var/lib/aide som standard. Det ser ud til, " +"at du har en gammel version installeret, som bruger /usr/lib/aide. Vil du " +"have indholdet flyttet for dig?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Overskriv eksisterende /var/lib/aide/aide.db.new?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Du har allerede en nylig oprettet AIDE-database i /var/lib/aide/aide.db.new. " +"Hvis du vælger denne indstilling, vil den eksisterende fil blive overskrevet " +"af de nye data indhentet fra den aktuelle tilstand på dit filsystem." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Kopier aide.db.new til aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Det anbefales, at du først kigger den nye fil /var/lib/aide/aide.db.new " +"igennem, inden du erstatter din eksisterende db. Du kan her lade pakken " +"erstatte databasen alligevel." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Hvis du ikke vælger denne indstilling, skal du kopiere filen /var/lib/aide/" +"aide.db.new til /var/lib/aide/aide.db før AIDE kan bruge den." --- aide-0.15.1.orig/debian/po/pt_BR.po +++ aide-0.15.1/debian/po/pt_BR.po @@ -0,0 +1,151 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: aide\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-23 18:52-0300\n" +"Last-Translator: André Luís Lopes \n" +"Language-Team: Debian-BR Project \n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Inicializar a base de dados do AIDE ?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Antes que o AIDE possa ser usado, você precisará inicializar uma base de " +"dados. Você pode fazer isso imediatamente aqui ou executar o script '/usr/" +"sbin/aideinit' a partir do prompt de comandos posteriormente." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Mover arquivos de dados do AIDE do diretório antigo para o novo ?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"O AIDE agorá armazena suas bases de dados em /var/lib/aide por padrão. " +"Parece que você possui uma versão antiga instalada que usa o diretório /usr/" +"lib/aide. Esses arquivos de dados podem ser movidos automaticamente." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Sobrescrever /var/lib/aide/aide.db.new existente ?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Você já possui uma nova base de dados AIDE gerada em /var/lib/aide/aide.db." +"new. Caso você escolha esta opção, o arquivo existente será sobreescrito " +"pelos novos dados obtidos a partir do estado atual de seu sistema." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Copiar aide.db.new para aide.db ?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"É recomendável que você confira o arquivo /var/lib/aide/aide.db.new antes de " +"substituir a base de dados existente. Você pode optar por fazer com que o " +"pacote substitua a base de dados de qualquer forma aqui." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Caso você não escolha esta opção, você precisará copiar o arquivo /var/lib/" +"aide/aide.db.new para /var/lib/aide/aide.db antes que o AIDE possa usá-lo." + +#, fuzzy +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "" +#~ "Relatórios diários são enviados para o root por padrão. Você pode mudar " +#~ "isso aqui ou em /etc/default/aide." + +#, fuzzy +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "" +#~ "Relatórios diários são enviados para o root por padrão. Você pode mudar " +#~ "isso aqui ou em /etc/default/aide." + +#, fuzzy +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "" +#~ "Antes que o AIDE possa ser usado você prcisará inicializar a base de " +#~ "dados." + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "Para fazê-lo, simplesmente use o script '/usr/sbin/aideinit'." + +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "Você deve instalar o arquivo aide.db.new como /var/lib/aide/aide.db" + +#~ msgid "Where should daily reports be mailed?" +#~ msgstr "Para onde os relatórios diários via e-mail devem ser enviados ?" + +#~ msgid "" +#~ "To change this, you can edit the @@define MAILTO line in /etc/aide/aide." +#~ "conf" +#~ msgstr "" +#~ "Para mudar isso você pode editara linha @@define MAILTO em /etc/aide/aide." +#~ "conf." + +#~ msgid "/var/lib/aide/aide.db before AIDE uses it." +#~ msgstr "var/lib/aide/aide.db antes de usá-lo." + +#~ msgid "" +#~ "It is advisable for you to first look over the new db. Say y to ignore " +#~ "this sage advice." +#~ msgstr "" +#~ "É recomendável primeiro olhar a nova base de dados. Rerponda sim para " +#~ "ignorar este sábio conselho." --- aide-0.15.1.orig/debian/po/pt.po +++ aide-0.15.1/debian/po/pt.po @@ -0,0 +1,113 @@ +# 2005-10-27 - Marco Ferra (initial translation) +# +msgid "" +msgstr "" +"Project-Id-Version: aide 0.10-11\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-09 18:45+0100\n" +"Last-Translator: Marco Ferra \n" +"Language-Team: Portuguese \n" +"Language: pt\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Inicializar a base de dados AIDE?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Antes que o AIDE possa ser usado terá de inicializar uma base de dados. Pode " +"fazer isso imediatamente aqui ou correr mais tarde o script '/usr/sbin/" +"aideinit'." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "" +"Mover os ficheiros de dados do AIDE de um directório antigo para um novo?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"Por omissão a AIDE agora guarda as suas base de dados em /var/lib/aide. " +"Parece que tem uma versão antiga instalada que usa o /usr/lib/aide. Pode " +"querer que os ficheiros sejam movidos automaticamente." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Escrever por cima do /var/lib/aide/aide.db.new existente?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Tem uma base de dados nova para o AIDE em /var/lib/aide/aide.db.new. Se " +"optar por esta escolha o ficheiro existente será sobre-escrito por dados " +"actualizados do estado do seu sistema de ficheiros." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Copiar o aide.db.new para aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"É aconselhável que veja primeiro o ficheiro /var/lib/aide/aide.db.new antes " +"de substituir a base de dados existente. Pode querer substituir a base de " +"dados do pacote de qualquer das formas aqui." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Se não optar por esta escolha terá de copiar o ficheiro /var/lib/aide/aide." +"db.new para /var/lib/aide/aide.db antes que o AIDE o possa usar." + +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Por omissão os relatórios diários são enviados para o root" + +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "Pode alterar isto em /etc/default/aide." + +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "Antes de poder usar o AIDE deve inicializar uma base de dados." + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "" +#~ "Para fazer isto basta correr simplesmente o script '/usr/sbin/aideinit'." + +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "Deve instalar o aide.db.new como /var/lib/aide/aide.db" --- aide-0.15.1.orig/debian/po/pl.po +++ aide-0.15.1/debian/po/pl.po @@ -0,0 +1,125 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-09 19:46+0100\n" +"Last-Translator: Marcin Owsiany \n" +"Language-Team: Polish \n" +"Language: pl\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-2\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Zainicjalizowa baz danych AIDE?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Przed uyciem AIDE konieczne jest zainicjalizowanie bazy danych. Mona to " +"zrobi teraz, albo pniej uruchomi skrypt '/usr/sbin/aideinit' z poziomu " +"powoki." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Przenie pliki danych AIDE ze starego do nowego katalogu?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE domylnie przechowuje teraz bazy danych w katalogu /var/lib/aide. " +"Wyglda na to, e obecnie zainstalowana jest starsza wersja, ktra uywa " +"katalogu /usr/lib/aide. Pliki mog zosta przeniesione automatycznie." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Nadpisa istniejcy plik /var/lib/aide/aide.db.new?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"W pliku /var/lib/aide/aide.db.new istnieje ju wygenerowana baza danych " +"AIDE. Jeli wybierzesz t opcj, zostanie ona nadpisana danymi uzyskanymi z " +"obecnego stanu systemu plikw." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Skopiowa aide.db.new do aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Zaleca si sprawdzenie pliku /var/lib/aide/aide.db.new przed uyciem go jako " +"nowej bazy danych. Mona jednak zleci pakietowi uycie go teraz." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Jeli nie wybierzesz tej opcji, konieczne bdzie skopiowanie pliku /var/lib/" +"aide/aide.db.new do /var/lib/aide/aide.db, aby AIDE mogo go uy." + +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Codzienne raporty s domylnie wysyane do nadzorcy." + +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "Moesz zmieni to ustawienie w /etc/default/aide." + +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "Przed uyciem AIDE konieczne jest zainicjalizowanie bazy danych." + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "Aby to zrobi, wystarczy uy skryptu \"/usr/sbin/aideinit\"." + +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "Naley zainstalowa aide.db.new jako /var/lib/aide/aide.db" + +#~ msgid "Where should daily reports be mailed?" +#~ msgstr "Na jaki adres maj by wysyane codzienne raporty?" --- aide-0.15.1.orig/debian/po/sv.po +++ aide-0.15.1/debian/po/sv.po @@ -0,0 +1,143 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# , fuzzy +# root <>, 2005. +# +# +msgid "" +msgstr "" +"Project-Id-Version: aide 0.10-11\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2006-09-22 15:52+0100\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"Language: sv\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "Initiera AIDE-databasen?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" +"Innan AIDE kan anvndas mste du initiera en databas. Du kan gra det hr " +"och nu, eller kra skriptet \"/usr/sbin/aideinit\" frn ett skal senare." + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "Flytta AIDEs datafiler frn den gamla katalogen till den nya?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE lagrar numera sina databaser i /var/lib/aide som standard. Det verkar " +"som om du har en ldre version installerad som anvnder /usr/lib/aide. Du " +"kan f datafilerna flyttade automatiskt till rtt stlle." + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "Skriv ver den existerande /var/lib/aide/aide.db.new?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" +"Du har redan en nyligen genererad AIDE-databas i /var/lib/aide/aide.db.new. " +"Om du vljer det hr alternativet kommer den existerande filen att skrivas " +"ver av det nya datat som hmtas in frn det aktuella tillstndet fr ditt " +"filsystem." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "Kopiera aide.db.new till aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"Det rekommenderas att du frst tar en titt p filen /var/lib/aide/aide.db." +"new innan den erstter den existerande db-filen. Paketet kan erstta " +"databasen t dig om du nskar." + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"Om du inte vljer detta alternativet behver du kopiera filen /var/lib/aide/" +"aide.db.new till /var/lib/aide/aide.db innan AIDE kan anvnda den." + +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "Dagliga rapporter skickas som standard via e-post till root" + +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "Du kan ndra det i /etc/default/aide." + +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "Innan AIDE kan anvndas mste du initiera en databas" + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "" +#~ "Fr att gra detta kr du helt enkelt skriptet \"/usr/sbin/aideinit\"." + +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "Du mste installera aide.db.new som /var/lib/aide/aide.db" + +#~ msgid "Where should daily reports be mailed?" +#~ msgstr "Till vilken address ska dagliga rapporter skickas via epost?" + +#~ msgid "" +#~ "To change this, you can edit the @@define MAILTO line in /etc/aide/aide." +#~ "conf" +#~ msgstr "" +#~ "För att ändra detta kan du redigera raden \"@@define MAILTO\" i /etc/" +#~ "aide/aide.conf" + +#~ msgid "/var/lib/aide/aide.db before AIDE uses it." +#~ msgstr "/var/lib/aide/aide.db innan AIDE använder den." + +#~ msgid "" +#~ "It is advisable for you to first look over the new db. Say y to ignore " +#~ "this sage advice." +#~ msgstr "" +#~ "Det är klokt av dig att först se över den nya databasen. Säg j " +#~ "för att ignorera detta förstÃ¥ndiga rÃ¥d." --- aide-0.15.1.orig/debian/po/templates.pot +++ aide-0.15.1/debian/po/templates.pot @@ -0,0 +1,85 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" --- aide-0.15.1.orig/debian/po/zh_TW.po +++ aide-0.15.1/debian/po/zh_TW.po @@ -0,0 +1,125 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: aide 0.10-6\n" +"Report-Msgid-Bugs-To: pkg-aide-maintainers@lists.alioth.debian.org\n" +"POT-Creation-Date: 2006-09-22 15:14+0200\n" +"PO-Revision-Date: 2005-02-16 15:13+0800\n" +"Last-Translator: Asho Yeh \n" +"Language-Team: Chinese (traditional) \n" +"Language: zh_TW\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: Chinese\n" +"X-Poedit-Country: TAIWAN\n" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "Initialize AIDE database?" +msgstr "是否要初始化 AIDE 資料庫?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:1001 +msgid "" +"Before AIDE can be used, you will have to initialize a database. You can " +"immediately do this here, or run the '/usr/sbin/aideinit' script from a " +"shell later." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +msgid "Move AIDE data files from old directory to new?" +msgstr "移動舊有目錄下的 AIDE 資料檔到新目錄嗎?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:2001 +#, fuzzy +msgid "" +"AIDE now stores its databases in /var/lib/aide by default. It appears that " +"you have an older version installed which uses /usr/lib/aide. You can have " +"the data files moved automatically." +msgstr "" +"AIDE 目前預設儲存資料庫到 /var/lib/aide 下。該訊息出現的話表示您還有較舊的版" +"本使用 /usr/lib/aide。您想要移動這些資料嗎?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "Overwrite existing /var/lib/aide/aide.db.new?" +msgstr "要複寫 /var/lib/aide/aide.db.new 嗎?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:3001 +msgid "" +"You have already a newly generated AIDE database in /var/lib/aide/aide.db." +"new. If you choose this option, the existing file will be be overwritten by " +"the new data obtained from the current state of your file system." +msgstr "" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +msgid "Copy aide.db.new to aide.db?" +msgstr "要複製 aide.db.new 成 aide.db?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +#, fuzzy +msgid "" +"It is advisable for you to first look over /var/lib/aide/aide.db.new file " +"before replacing the existing db. You can have the package replace the " +"database anyway here." +msgstr "" +"複寫以存在的 db 檔前,建議先查閱過 /var/lib/aide/aide.db.new。您要複寫它了" +"嗎?" + +#. Type: boolean +#. Description +#: ../aide-common.templates:4001 +#, fuzzy +msgid "" +"If you do not choose this option, you will need to copy the file /var/lib/" +"aide/aide.db.new to /var/lib/aide/aide.db before AIDE can use it." +msgstr "" +"使用 AIDE 之前,您必須先複製 /var/lib/aide/aide.db.new 成 /var/lib/aide/aide." +"db。" + +#, fuzzy +#~ msgid "Daily reports are mailed to root by default" +#~ msgstr "每日記錄報告預設是寄給 root。您能修改 /etc/default/aide 來改變它。" + +#, fuzzy +#~ msgid "You may change that in /etc/default/aide." +#~ msgstr "每日記錄報告預設是寄給 root。您能修改 /etc/default/aide 來改變它。" + +#, fuzzy +#~ msgid "Before AIDE can be used, you will have to initialize a database" +#~ msgstr "您必須初使化資料庫才能使用 AIDE。" + +#~ msgid "In order to do this, simply use the '/usr/sbin/aideinit' script." +#~ msgstr "要完成該目的,只要使用 '/usr/sbin/aideinit' script。" + +#~ msgid "You must install aide.db.new as /var/lib/aide/aide.db" +#~ msgstr "您必須安裝 aide.db.new 成 /var/lib/aide/aide.db" + +#~ msgid "Where should daily reports be mailed?" +#~ msgstr "指定每日記錄報告的寄件位址?" --- aide-0.15.1.orig/debian/examples/31_multimedia_mythbackend +++ aide-0.15.1/debian/examples/31_multimedia_mythbackend @@ -0,0 +1,6 @@ +/var/log/mythtv/mythbackend\.log$ Log +/var/log/mythtv/mythbackend\.log\.1$ LoSerMemberLog +/var/log/mythtv/mythbackend\.log\.[2345]$ SerMemberLog +/var/log/mythtv/mythbackend\.log\.6$ HiSerMemberLog +/var/run/mythtv/mythbackend\.pid$ VarFile +/var/(log|run)/mythtv$ VarDir --- aide-0.15.1.orig/debian/examples/31_multimedia_mythweb +++ aide-0.15.1/debian/examples/31_multimedia_mythweb @@ -0,0 +1,2 @@ +/usr/share/mythtv/mythweb/data/cache$ VarDir +/usr/share/mythtv/mythweb/data/cache/[0-9_]+\.mpg\.png$ VarFile+ANF+ARF --- aide-0.15.1.orig/debian/examples/31_example_exclude-homes +++ aide-0.15.1/debian/examples/31_example_exclude-homes @@ -0,0 +1,6 @@ +#!/bin/bash + +# this excludes the home directories of system accounts with +# uid >= 1000 from the AIDE check. + +getent passwd | awk -v FS=":" '{ if( $3 >= 1000) { print "!" $6 }}' --- aide-0.15.1.orig/debian/default/aide +++ aide-0.15.1/debian/default/aide @@ -0,0 +1,77 @@ +# These settings are mainly for the wrapper scripts around aide, +# such as aideinit and /etc/cron.daily/aide + +# This is used as the host name in the AIDE reports that are sent out +# via e-mail. It defaults to the output of $(hostname --fqdn), but can +# be set to arbitrary values. +# FQDN= + +# This is used as the subject for the e-mail reports. +# If your mail system only threads by subject, you might want to add +# some variable content here (for example $(date +%Y-%m-%d)). +MAILSUBJ="Daily AIDE report for $FQDN" + +# This is the email address reports get mailed to +# default is root +# This variable is expanded before it is used, so you can use variables +# here. For example, MAILTO=$FQDN-aide@domain.example will send the +# report to host.name.example-aide@domain.example is the local FQDN is +# host.name.example. +MAILTO=root + +# Set this to yes to suppress mailings when no changes have been +# detected during the AIDE run and no error output was given. +#QUIETREPORTS=no + +# This parameter defines which AIDE command to run from the cron script. +# Sensible values are "update" and "check". +# Default is "check", ensuring backwards compatibility. +# Since "update" does not take any longer, it is recommended to use "update", +# so that a new database is created every day. The new database needs to be +# manually copied over the current one, though. +COMMAND=update + +# This parameter defines what to do with a new database created by +# COMMAND=update. It is ignored if COMMAND!=update. +# no: Do not copy new database to old database. This is the default. +# yes: Copy new database to old database. This means that changes to the +# file system are only reported once. Possibly dangerous. +# ifnochange: Copy new database to old database if no changes have +# been reported. This is needed for ANF/ARF to work reliably. +COPYNEWDB=no + +# Set this to yes to truncate the detailed changes part in the mail. The full +# output will still be listed in the log file. +TRUNCATEDETAILS=no + +# Set this to yes to suppress file changes by package and security +# updates from appearing in the e-mail report. Filtered file changes will +# still be listed in the log file. This option parses the /var/log/dpkg.log +# file and implies TRUNCATEDETAILS=yes +FILTERUPDATES=no + +# Set this to yes to suppress file changes by package installations +# from appearing in the e-mail report. Filtered file changes will still +# be listed in the log file. This option parses the /var/log/dpkg.log file and +# implies TRUNCATEDETAILS=yes. +FILTERINSTALLATIONS=no + +# This parameter defines how many lines to return per e-mail. Output longer +# than this value will be truncated in the e-mail sent out. +# Set value to "0" to disable this option. +LINES=1000 + +# This parameter gives a grep regular expression. If given, all output lines +# that _don't_ match the regexp are listed first in the script's output. This +# allows to easily remove noise from the AIDE report. +NOISE="" + +# This parameter defines which options are given to aide in the daily +# cron job. The default is "-V4". +AIDEARGS="" + +# These parameters control update-aide.conf and give the defaults for +# the --confdir, --confd and --settingsd options +# UPAC_CONFDIR="/etc/aide" +# UPAC_CONFD="$UPAC_CONFDIR/aide.conf.d" +# UPAC_SETTINGSD="$UPAC_CONFDIR/aide.settings.d" --- aide-0.15.1.orig/debian/aide.conf.zg2.d/31_zg2_ulog-acctd_dateext +++ aide-0.15.1/debian/aide.conf.zg2.d/31_zg2_ulog-acctd_dateext @@ -0,0 +1,5 @@ +/var/log/ulog-acctd/(account|debug)\.log$ Log +/var/log/ulog-acctd/(account|debug)\.log-[0-9]{8}$ LowDELog +/var/log/ulog-acctd/(account|debug)\.log-[0-9]{8}\.gz$ SerMemberDELog +/var/log/ulog-acctd/dump$ VarFile +/var/log/ulog-acctd$ VarDir --- aide-0.15.1.orig/debian/aide.conf.zg2.d/31_zg2_afiobackup +++ aide-0.15.1/debian/aide.conf.zg2.d/31_zg2_afiobackup @@ -0,0 +1,3 @@ +/root/\.lftp/(cwd|rl)_history$ VarFile +/root/\.lftp$ VarDir +/root/\.gnupg/random_seed$ VarFile --- aide-0.15.1.orig/debian/aide.conf.zg2.d/31_zg2_lvm2 +++ aide-0.15.1/debian/aide.conf.zg2.d/31_zg2_lvm2 @@ -0,0 +1,10 @@ +#!/bin/bash + +if ! [ -e "/dev/.udev" ]; then +cat <&2 "error determining FQDN: hostname -f does not give output" + hostname -f >&2 + exit 1 +fi + +traphandler() { + trap - INT ERR + if [ -n "${LOCKED:-}" ]; then + # we have the lock, + pidof aide | xargs --no-run-if-empty kill -9 + fi + onexit signal $1 + return 0 +} +trap ' traphandler INT; trap - INT ERR' INT +trap ' traphandler ERR; trap - INT ERR' ERR + +# bail if no aide binary found + +[ -f "/usr/bin/aide" ] || exit 0 + +# default variables + +PATH="/sbin:/usr/sbin:/bin:/usr/bin" +LOGDIR="/var/log/aide" +# LOGFILE: /var/log/aide/aide.log - all logs untruncated (not temp) +LOGFILE="$LOGDIR/aide.log" +CONFFILE="/var/lib/aide/aide.conf.autogenerated" +PREFIX="aide" +TMPBASE="/var/run/aide" +LOCKFILE="$TMPBASE/cron.daily.lock" +TMPDIRIN="$TMPBASE/cron.daily" + +AIDEARGS="-V4" +MAILSUBJ="Daily AIDE report for $FQDN" + +DATE="$(date +"%Y-%m-%d %H:%M")" +BEGINSTAMP="$(date +"%Y-%m-%d %H:%M:%S")" + +# make sure $TMPBASE exists + +if ! [ -d "$TMPBASE" ]; then + mkdir -p $TMPBASE + chown root:root $TMPBASE + chmod 600 $TMPBASE +fi + +# have /etc/default/aide override variables + +if [ -f "/etc/default/aide" ]; then + . "/etc/default/aide" +fi + +# from here on, we're going to bail on unbound variables + +set -u + +# umask + +umask 077 + +# grep aide configuration data from aide config + +update-aide.conf +DATABASE="$(< "$CONFFILE" grep "^database[[:space:]]*=[[:space:]]*file:/" | head -n 1 | cut --delimiter=: --fields=2)" +DATABASE_OUT="$(< "$CONFFILE" grep "^database_out[[:space:]]*=[[:space:]]*file:/" | head -n 1 | cut --delimiter=: --fields=2)" +< "$CONFFILE" grep -qE "^grouped[[:space:]]*=[[:space:]]*(no|false)[[:space:]]*$" && GROUPED="false" || GROUPED="true" + +# default values + +MAILTO="${MAILTO:-root}" +eval MAILTO="$MAILTO" +DATABASE="${DATABASE:-/var/lib/aide/aide.db}" +LINES="${LINES:-1000}" +COMMAND="${COMMAND:-check}" +COPYNEWDB="${COPYNEWDB:-no}" +QUIETREPORTS="${QUIETREPORTS:-no}" +TRUNCATEDETAILS="${TRUNCATEDETAILS:-no}" +FILTERUPDATES="${FILTERUPDATES:-no}" +FILTERINSTALLATIONS="${FILTERINSTALLATIONS:-no}" +ONEXIT="" + +# Get the database's date +DATABASEDATE="" +if [ -f $DATABASE ]; then + DATABASEDATE="$(stat -c %y $DATABASE | sed -e "s/\..*//")" +fi + +# Force TRUNCATEDETAILS when filter updates/installations +if [ "$FILTERUPDATES" = "yes" ] || [ "$FILTERINSTALLATIONS" = "yes" ] ; then + TRUNCATEDETAILS="yes" +fi + +# functions + +mytempfile() { + NAME="$1" + echo "$TMPDIR/$NAME" + touch "$TMPDIR/$NAME" +} + +frame() { + WIDTH=78 + STARS="*******************************************************************************" + SPACES=" " + printf "%s\n" "${STARS:1:$WIDTH}" + while read line ; do + HALF="${SPACES:1:$((($WIDTH-${#line})/2))}" + LINE="$HALF$line$SPACES" + printf "*%s*\n" "${LINE:1:$(($WIDTH-2))}" + done + printf "%s\n" "${STARS:1:$WIDTH}" +} + +onexit() { + if [ "$ONEXIT" = "running" ]; then + return 1 + fi + + ONEXIT="running" + + local LOGHEAD + local MAILHEAD + + case "$1" in + signal) + LOGHEAD="$(printf "terminated with signal %s" "$2")" + MAILHEAD="$(printf "The cron job was terminated with signal %s" "$2")" + ;; + fatal) + LOGHEAD="$(printf "terminated by fatal error.")" + MAILHEAD="$(printf "The cron job was terminated by a fatal error.")" + ;; + nolock) + LOGHEAD="$(printf "terminated because lock %s could not be obtained." "$LOCKFILE")" + MAILHEAD="$(printf "The cron job was terminated because lock %s could not be obtained." "$LOCKFILE")" + ;; + cantmovetmp) + LOGHEAD="$(printf "terminated: Cannot move away %s." "$TMPDIRIN")" + MAILHEAD="$(printf "The cron job was terminated: Cannot move away %s." "$TMPDIRIN")" + ;; + cantcreatetmp) + LOGHEAD="$(printf "terminated: Cannot create temporary directory %s." "$TMPDIRIN")" + MAILHEAD="$(printf "The cron job was terminated: Cannot create temporary directory %s." "$TMPDIRIN")" + ;; + success) + ;; + *) + LOGHEAD="$(printf "wrong parameter (\"%s\") to onexit." "$1")" + MAILHEAD="$(printf "The cron job was terminated for unknown reasons, and a wrong parameter (\"%s\")was given to onexit." "$1")" + ;; + esac + + if [ -z "${TMPDIR:-}" ] || [ -z "${MAILFILE:-}" ]; then + # we are being called so early that we are not yet fully initialized + # LOGHEAD goes to syslog instead of LOGFILE since we do not know + # what's up with LOGFILE + logger -t aide-cron-daily "$LOGHEAD" + echo "$MAILHEAD" | /usr/bin/mail -s "premature termination - $MAILSUBJ" "$MAILTO" + else + # we are being called after the cron job was properly set up. + # To the full works. + + [ -f "$LOGFILE" ] && savelog -t -g adm -m 640 -u root -c 7 "$LOGFILE" > /dev/null + + printf >> "$MAILFILE" \ +"This is an automated report generated by the Advanced Intrusion Detection +Environment on %s started at %s.\n\n" "$FQDN" "$BEGINSTAMP" + + printf >> "$LOGFILE" \ +"aide run on %s started at %s.\n" "$FQDN" "$BEGINSTAMP" + + if [ -n "${LOGHEAD:-}" ]; then + printf "$LOGHEAD\n" | frame >> "$LOGFILE" + printf "\n" >> "$LOGFILE" + fi + if [ -n "${MAILHEAD:-}" ]; then + printf "$MAILHEAD\n" | frame >> "$MAILFILE" + printf "\n\n" >> "$MAILFILE" + fi + + # report about AIDE's return value + + if [ -n "${ARETVAL:-}" ]; then + ARETEXPL="" + ARETERR="" + PREFIX="$(printf "AIDE returned with exit code %d." "$ARETVAL")" + case "$ARETVAL" in + -1) + PREFIX="" + ARETERR="the cron job was interrupted before AIDE could return an exit code.";; + 0) + PREFIX="AIDE returned with a zero exit code." + ARETEXPL="No changes detected!";; + 1) + ARETEXPL="Added entries detected!";; + 2) + ARETEXPL="Removed entries detected!";; + 3) + ARETEXPL="Added and removed entries detected!";; + 4) + ARETEXPL="Changed entries detected!";; + 5) + ARETEXPL="Added and changed entries detected!";; + 6) + ARETEXPL="Removed and changed entries detected!";; + 7) + ARETEXPL="Added, removed and changed entries detected!";; + 14) + ARETERR="Error writing!";; + 15) + ARETERR="Invalid Argument!";; + 16) + ARETERR="Unimplemented function!";; + 17) + ARETERR="Invalid configuration!";; + 18) + ARETERR="Input/Output error!";; + *) + ARETERR="$(printf "AIDE returned an unknown non-zero exit value\nexit value is %d\n\n" "$ARETVAL")";; + esac + if [ -n "$ARETEXPL" ]; then + echo "$PREFIX $ARETEXPL" >> "$MAILFILE" + echo "$PREFIX $ARETEXPL" >> "$LOGFILE" + fi + if [ -n "$ARETERR" ]; then + echo "$PREFIX $ARETERR" | frame >> "$MAILFILE" + echo "$PREFIX $ARETERR" | frame >> "$LOGFILE" + fi + unset ARETEXPL + unset ARETERR + unset PREFIX + else + ARETEXPL="ARETVAL not initialized. cron job was aborted prematurely." + ARETVAL=255 + echo $ARETEXPL | frame >> "$LOGFILE" + echo $ARETEXPL | frame >> "$MAILFILE" + unset ARETEXPL + printf "\n" >> "$LOGFILE" + printf "\n\n" >> "$MAILFILE" + fi + + # script errors + + if [ -n "${ERRORLOG:-}" ] && [ -s "$ERRORLOG" ]; then + printf "script errors\n" | frame >> "$MAILFILE" + < "$ERRORLOG" cat >> "$MAILFILE" + printf "End of script errors\n\n" >> "$MAILFILE" + + printf "script errors\n" | frame >> "$LOGFILE" + < "$ERRORLOG" cat >> "$LOGFILE" + printf "End of script errors\n" >> "$LOGFILE" + fi + + # aide post run information + + if [ -n "${POSTRUNLOG:-}" ] && [ -s "$POSTRUNLOG" ]; then + printf "AIDE post run information\n" >> "$MAILFILE" + < "$POSTRUNLOG" cat >> "$MAILFILE" + printf "End of AIDE post run information\n\n" >> "$MAILFILE" + + printf "AIDE post run information\n" >> "$LOGFILE" + < "$POSTRUNLOG" cat >> "$LOGFILE" + printf "End of AIDE post run information\n" >> "$LOGFILE" + fi + + # include error log in daily report e-mail + + if [ -n "${AERRLOG:-}" ] && [ -s "$AERRLOG" ]; then + errorlines="$(wc -l "$AERRLOG" | awk '{ print $1 }')" + if [ "$LINES" -gt "0" ] && [ "${errorlines:=0}" -gt "$LINES" ]; then + printf "AIDE has returned many errors.\nthe error log output has been truncated in this mail\n" | \ + frame >> "$MAILFILE" + printf >> "$MAILFILE" "Error output is %d lines, truncated to %d.\n" "$errorlines" "$LINES" + < "$AERRLOG" head -n "$LINES" >> "$MAILFILE" + printf >> "$MAILFILE" "\nEnd of truncated AIDE error output. The full output can be found in %s.\n\n" "$LOGFILE" + else + printf >> "$MAILFILE" "Errors produced (%d lines):\n" "$errorlines" + < "$AERRLOG" cat >> "$MAILFILE" + printf >> "$MAILFILE" "\nEnd of AIDE error output.\n\n" + fi + printf >> "$LOGFILE" "AIDE error output (%d lines):\n" "$errorlines" + < "$AERRLOG" cat >> "$LOGFILE" + printf >> "$LOGFILE" "End of AIDE error output\n" + else + printf >> "$MAILFILE" "AIDE produced no errors.\n\n" + printf >> "$LOGFILE" "AIDE produced no errors.\n" + fi + + + # finish log file + if [ -n "${ARUNLOG:-}" ] && [ -s "$ARUNLOG" ]; then + printf >> "$LOGFILE" "AIDE output (%d lines):\n" "$(wc -l "$ARUNLOG" | awk '{ print $1 }')" + < "$ARUNLOG" cat >> "$LOGFILE" + printf >> "$LOGFILE" "End of AIDE output.\n\n" + else + printf >> "$LOGFILE" "AIDE detected no changes.\n\n" + fi + + if [ -n "${DBCHECKLOG:-}" ] && [ -s "$DBCHECKLOG" ]; then + < "$DBCHECKLOG" cat >> "$LOGFILE" + fi + + ENDTIME="$(date +%s)" + + printf >> "$LOGFILE" "End of AIDE daily cron job at %s, run time %d seconds\n" "$(date +"%Y-%m-%d %H:%M" -d@$ENDTIME)" "$(( $ENDTIME - $BEGINTIME ))" + + LOGFILE_CHECKSUM="$(sha256sum $LOGFILE)" + + # include de-noised log into mail + + if [ -n "${ARUNLOG:-}" ] && [ -s "$ARUNLOG" ]; then + + MAIL_MODE=0 + + # truncate details + if [ "$TRUNCATEDETAILS" = "yes" ] ; then + case "$ARETVAL" in + 4|5|6|7) + MAILTMP="$(mytempfile aidemail)" + < $ARUNLOG sed '/^Detailed information about changes:/,${d;}' | head -n -2 >> "$MAILTMP" + MAIL_MODE=1 + ;; + *) + MAILTMP="$ARUNLOG" + ;; + esac + + # Filter package upgrades/installations + + # Figure out where the dpkg log file is + DPKGLOG="$(< /etc/dpkg/dpkg.cfg grep "^log" | head -n 1 | cut -d ' ' -f 2)" + + if ( [ "$FILTERUPDATES" = "yes" ] || [ "$FILTERINSTALLATIONS" = "yes" ] ) && [ -s "$DPKGLOG" ]; then + + # Create a list of files modified by system updates + if ( [ "$FILTERUPDATES" = "yes" ] && [ "$FILTERINSTALLATIONS" = "yes" ] ) ; then FILTER="install|upgrade" + elif [ "$FILTERUPDATES" = "yes" ]; then FILTER="upgrade" + else FILTER="install" + fi + PKG_FILE_LIST="$(mytempfile pkg_file_list)" + REGEX="^([^ ]+ [^ ]+) ("$FILTER") ([^ ]+) [^ ]+ [^ ]+$" + pkgs= + while read line; do + if [[ $line =~ $REGEX ]] && [[ "$DATABASEDATE" < ${BASH_REMATCH[1]} ]]; then + if dpkg-query -L ${BASH_REMATCH[3]} > /dev/null 2>&1; then + pkgs+="${BASH_REMATCH[3]} (${BASH_REMATCH[2]})\n" + dpkg-query -L ${BASH_REMATCH[3]} | sed -e "/^$/d" -e "/\/\./d" >> "$PKG_FILE_LIST" + ls /var/lib/dpkg/info/${BASH_REMATCH[3]}.* >> "$PKG_FILE_LIST" + fi + fi + done < "$DPKGLOG" + + if [ -n "$pkgs" ]; then + FILTEREDMAIL=$(mytempfile filteredmail) + let MAIL_MODE=MAIL_MODE+2 + ADD=0; REM=0; CHG=0 + N_ADD=0; N_REM=0; N_CHG=0 + declare -a NF_ADD NF_REM NF_CHG + REGEX="^(changed|removed|added|[fdLDBFs?!][ :l<>=bpugamcinCAXSE.+-]{16}): (.*)" + BACKUPIFS="$IFS" + IFS="" + while read -r line; do + if [[ $line =~ $REGEX ]] ; then + [ -z "$(grep -xF "${BASH_REMATCH[2]}" "$PKG_FILE_LIST")" ] && DONTFILTER_FILE=true || DONTFILTER_FILE=false + case "${BASH_REMATCH[1]}" in + added|[fdLDBFs?]++++++++++++++++) + ((ADD++)) || true + if $DONTFILTER_FILE; then + ((N_ADD++)) || true + if $GROUPED; then + NF_ADD[${#NF_ADD[*]}]="$line" + else + NF_CHG[${#NF_CHG[*]}]="$line" + fi + fi + ;; + removed|[fdLDBFs?]----------------) + ((REM++)) || true + if $DONTFILTER_FILE; then + ((N_REM++)) || true + if $GROUPED; then + NF_REM[${#NF_REM[*]}]="$line" + else + NF_CHG[${#NF_CHG[*]}]="$line" + fi + fi + ;; + changed|[fdLDBFs?!]*) + ((CHG++)) || true + if $DONTFILTER_FILE; then + ((N_CHG++)) || true + NF_CHG[${#NF_CHG[*]}]="$line" + fi + ;; + *) + printf >> "$FILTEREDMAIL" "error: '%s' could not be matched, mail report is incomplete (full output can be found in %s)!! Please file a bug report against the aide-common package and include this error message.\n" "${BASH_REMATCH[1]}" "$LOGFILE" + ;; + esac + fi + done < "$MAILTMP" + IFS=$BACKUPIFS + let F_ADD=$ADD-$N_ADD || true + let F_REM=$REM-$N_REM || true + let F_CHG=$CHG-$N_CHG || true + < $MAILTMP sed -n '0,/^ Total number of entries:/{p;}' >> "$FILTEREDMAIL" + SEPERATOR_TEMPLATE="\n---------------------------------------------------\n%s entries (filtered: %s):\n---------------------------------------------------\n\n" + NUM_FILES_TEMPLATE=" %s entries:\t\t%s\t(filtered: %s)\n" + printf >> "$FILTEREDMAIL" " Added entries:\t\t\t%s\t(filtered: %s)\n" "$N_ADD" "$F_ADD" + printf >> "$FILTEREDMAIL" "$NUM_FILES_TEMPLATE" "Removed" "$N_REM" "$F_REM" + printf >> "$FILTEREDMAIL" "$NUM_FILES_TEMPLATE" "Changed" "$N_CHG" "$F_CHG" + printf >> "$FILTEREDMAIL" "\nThe following package changes were detected and were filtered from this mail:\n" + printf >> "$FILTEREDMAIL" "$pkgs" + if [ "$N_ADD" -eq "0" ] && [ "$N_REM" -eq "0" ] && [ "$N_CHG" -eq "0" ] ; then + printf >> "$FILTEREDMAIL" "\nAIDE detected no changes after filtering package changes.\n\n" + else + if [ "${#NF_ADD[@]}" -gt "0" ]; then + printf >> "$FILTEREDMAIL" "$SEPERATOR_TEMPLATE" "Added" "$F_ADD" + for ((i=0;i<${#NF_ADD[@]};i++)); do echo "${NF_ADD[$i]}" >> "$FILTEREDMAIL"; done + fi + if [ "${#NF_REM[@]}" -gt "0" ]; then + printf >> "$FILTEREDMAIL" "$SEPERATOR_TEMPLATE" "Removed" "$F_REM" + for ((i=0;i<${#NF_REM[@]};i++)); do echo "${NF_REM[$i]}" >> "$FILTEREDMAIL"; done + fi + if [ "${#NF_CHG[@]}" -gt "0" ]; then + if $GROUPED; then + printf >> "$FILTEREDMAIL" "$SEPERATOR_TEMPLATE" "Changed" "$F_CHG" + else + if [ "$N_ADD" -gt "0" ] && [ "$N_REM" -gt "0" ] && [ "$N_CHG" -gt "0" ]; then + HEAD="Added, removed and changed" + elif [ "$N_ADD" -gt "0" ] && [ "$N_REM" -gt "0" ]; then + HEAD="Added and removed" + elif [ "$N_ADD" -gt "0" ] && [ "$N_CHG" -gt "0" ]; then + HEAD="Added and changed" + elif [ "$N_REM" -gt "0" ] && [ "$N_CHG" -gt "0" ]; then + HEAD="Removed and changed" + elif [ "$N_ADD" -gt "0" ]; then + HEAD="Added" + elif [ "$N_REM" -gt "0" ]; then + HEAD="Removed" + elif [ "$N_CHG" -gt "0" ]; then + HEAD="Changed" + fi + printf >> "$FILTEREDMAIL" "$SEPERATOR_TEMPLATE" "$HEAD" "$((F_ADD+F_REM+F_CHG))" + fi + for ((i=0;i<${#NF_CHG[@]};i++)); do echo "${NF_CHG[$i]}" >> "$FILTEREDMAIL"; done + fi + fi + MAILTMP="$FILTEREDMAIL" + fi + fi + else + MAILTMP="$ARUNLOG" + fi + + if [ -n "${NOISE:-}" ]; then + NOISETMP="$(mytempfile aidenoise1)" + NOISETMP2="$(mytempfile aidenoise2)" + < "$MAILTMP" sed -n '1,/^Detailed information about changes:/p' | \ + grep '^\(changed\|removed\|added\|[fdLDBFs?!][ :l<>=bpugamcinCAXSE.+-]\{16\}\):' | \ + grep -v "^added: THERE WERE ALSO [0-9]\+ FILES ADDED UNDER THIS DIRECTORY" >> "$NOISETMP2" + + if [ -n "$NOISE" ]; then + < "$NOISETMP2" grep -v "^\(changed\|removed\|added\|[fdLDBFs?!][ :l<>=bpugamcinCAXSE.+-]\{16\}\): $NOISE" >> "$NOISETMP" || true + printf >> "$MAILFILE" "De-Noised output removes everything matching %s.\n" "$NOISE" + fi + + if [ -s "$NOISETMP" ]; then + loglines="$(< $NOISETMP wc -l | awk '{ print $1 }')" + if [ "$LINES" -gt "0" ] && [ "${loglines:=0}" -gt "$LINES" ]; then + printf "AIDE has returned long output which has been truncated in this mail\n" | \ + frame >> "$MAILFILE" + printf >> "$MAILFILE" \ + "De-Noised output is %d lines, truncated to %d.\n" "$loglines" "$LINES" + < "$NOISETMP" head -n "$LINES" >> "$MAILFILE" + printf >> "$MAILFILE" "\nEnd of truncated De-Noised AIDE output. The full output can be found in %s.\nsha256sum: %s\n\n" "$LOGFILE" "$LOGFILE_CHECKSUM" + else + printf >> "$MAILFILE" "De-Noised output of the daily AIDE run (%d lines):\n" "$loglines" + < "$NOISETMP" cat >> "$MAILFILE" + printf >> "$MAILFILE" "\nEnd of De-Noised AIDE output.\n\n" + fi + else + printf >> "$MAILFILE" "AIDE detected no changes after removing noise.\n\n" + fi + printf >> "$MAILFILE" "============================================================================\n" + fi + + # include non-de-noised log into mail + + if [ -n "${MAILTMP:-}" ] && [ -s "$MAILTMP" ]; then + loglines="$(wc -l "$MAILTMP" | awk '{ print $1 }')" + if [ "$LINES" -gt "0" ] && [ "${loglines:=0}" -gt "$LINES" ]; then + printf "AIDE has returned long output which has been truncated in this mail\n" | \ + frame >> "$MAILFILE" + printf >> "$MAILFILE" \ + "Output is %d lines, truncated to %d.\n" "$loglines" "$LINES" + < "$MAILTMP" head -n "$LINES" >> "$MAILFILE" + printf >> "$MAILFILE" "\nEnd of truncated AIDE output. The full output can be found in %s.\nsha256sum: %s\n\n" "$LOGFILE" "$LOGFILE_CHECKSUM" + else + printf >> "$MAILFILE" "Output of the daily AIDE run (%d lines):\n" "$loglines" + < "$MAILTMP" cat >> "$MAILFILE" + if [ "$MAIL_MODE" -gt "0" ] ; then + case "$MAIL_MODE" in + 1) AIDE_OUTPUT="truncated" ;; + 2) AIDE_OUTPUT="filtered" ;; + 3) AIDE_OUTPUT="truncated and filtered" ;; + esac + printf >> "$MAILFILE" "\nEnd of %s AIDE output.\n\nThe full output can be found in %s.\nsha256sum: %s\n\n" "$AIDE_OUTPUT" "$LOGFILE" "$LOGFILE_CHECKSUM" + else + printf >> "$MAILFILE" "\nEnd of AIDE output.\n\n" + fi + fi + else + printf >> "$MAILFILE" "AIDE detected no changes.\n\n" + fi + else + printf >> "$MAILFILE" "funny, AIDE did not leave a log.\n\n" + printf >> "$LOGFILE" "funny, AIDE did not leave a log.\n" + fi + + if [ -n "${DBCHECKLOG:-}" ] && [ -s "$DBCHECKLOG" ]; then + < "$DBCHECKLOG" cat >> "$MAILFILE" + printf >> "$MAILFILE" "\n" + fi + + printf >> "$MAILFILE" "End of AIDE daily cron job at %s, run time %d seconds\n" "$(date +"%Y-%m-%d %H:%M" -d@$ENDTIME)" "$(( $ENDTIME - $BEGINTIME ))" + + # send mail if changes or errors were detected or quiet reports not requested + if [ "$QUIETREPORTS" = "no" ] || [ "$ARETVAL" != "0" ] || [ $(< "$ERRORLOG" wc -l) -ne 0 ]; then + < "$MAILFILE" /usr/bin/mail -s "$MAILSUBJ" "$MAILTO" + fi + + # clean up temp files + rm -rf $TMPDIR + fi + + # clear lock + if [ -n "${LOCKED:-}" ] && command -v dotlockfile >/dev/null 2>&1; then + dotlockfile -u "$LOCKFILE" || true + fi + unset LOCKED + + return 0 +} + +BEGINTIME="$(date +%s)" + +if command -v dotlockfile >/dev/null 2>&1; then + if ! dotlockfile -p -l "$LOCKFILE"; then + onexit nolock + exit 1 + fi +else + PREERRLOG="no dotlockfile binary in path, not checking for already running aide cron job\n" +fi +LOCKED=yes + +# prepare temp dir +if [ -e "$TMPDIRIN" ]; then + if ! NEWNAME="$(mktemp -d $TMPBASE/cron.daily.old.XXXXXXXXXX)"; then + onexit cantmovetmp + exit 1 + fi + mv "$TMPDIRIN" "$NEWNAME" + unset NEWNAME + OLDTMPDIRFOUND="yes" +fi + +if ! mkdir -p $TMPDIRIN; then + onexit cantcreatetmp + exit 1 +fi + +# we can now directly use file names inside $TMPDIR: It is only +# writeable for us (umask 077), so we're safe against symlink attacks. +# We use invariant file names here since our work files need to be +# excluded from aide. +TMPDIR="$TMPDIRIN" + +# now, with $TMPDIR having been created, we can use onexit. + +# ERRORLOG: Error messages from script. Gets written to $LOGFILE first +ERRORLOG="$(mytempfile errorlog)" + +if [ -n "${PREERRORLOG:-}" ]; then + printf >> "$ERRORLOG" "$PREERRORLOG" +fi +unset PREERRORLOG + +# MAILFILE: Contents gets mailed. Built and handled from inside onexit() +MAILFILE="$(mytempfile mailfile)" + +# aide return value +ARETVAL=-1 + +if [ ! -f "$DATABASE" ]; then + printf >> "$ERRORLOG" "Fatal error: The AIDE database '%s' does not exist!\n" "$DATABASE" + printf >> "$ERRORLOG" "This may mean you haven't created it, or it may mean that someone has removed it.\n" + onexit fatal + exit 1 +fi + +# code + +# re-assign current time to be more accurate about aide's real start time +BEGINSTAMP="$(date +"%Y-%m-%d %H:%M:%S")" + +# ARUNLOG: standard output of aide run +ARUNLOG="$(mytempfile arunlog)" + +# AERRLOG: standard error of aide run +AERRLOG="$(mytempfile aerrlog)" + +printf "begin timestamp %s\n" "$BEGINSTAMP" >> "$ARUNLOG" + +aide.wrapper $AIDEARGS "--$COMMAND" >|"$ARUNLOG" 2>|"$AERRLOG" && ARETVAL="$?" +ARETVAL="$?" + +# POSTRUNLOG: summary of aide execution and cron job log +POSTRUNLOG="$(mytempfile postrunlog)" + +# DBCHECKLOG: Output of the database checksums +DBCHECKLOG="$(mytempfile dbchecklog)" + +# NOISETMP: completely de-noised log +# NOISETMP2: pre-filtered ARUNLOG, containing only changed, removed and added lines +NOISETMP="$(mytempfile noisetmp)" +NOISETMP2="$(mytempfile noisetmp2)" + +# find out checksums and other data for the database we were comparing against. + +DBCHECKDB="$(mytempfile dbcheckdb)" + +printf >> "$DBCHECKLOG" "The check was done against %s with the following characteristics:\n" "$DATABASE" + +DBCHECK_ATTRIBUTES="p+u+g+n+i+s+b+m+c+rmd160+haval+sha256+sha512+gost+crc32+tiger" +DBCHECK_SED_ATTRIBUTES="Size\|Bcount\|Mtime\|Ctime\|Inode\|RMD160\|TIGER\|SHA256\|SHA512\|CRC32\|HAVAL\|GOST" + +DBCHECKFILE="$DBCHECKDB" +DBCHECKOLD="$DATABASE" +DBCHECKNEW="$DBCHECKDB" +printf "database=file:%s\ndatabase_out=file:%s\n%s\$ $DBCHECK_ATTRIBUTES" \ + "${DBCHECKOLD}" "${DBCHECKNEW}" "${DBCHECKFILE}" | \ + aide --config=- --init > /dev/null +sed -i "s|^${DBCHECKFILE}[[:space:]]|${DATABASE} |" "$DBCHECKDB" +DBCHECKFILE="$DATABASE" +DBCHECKOLD="$DBCHECKDB" +DBCHECKNEW="$DBCHECKDB" + +printf "database=file:%s\ndatabase_out=file:%s\n%s\$ $DBCHECK_ATTRIBUTES" \ + "${DBCHECKOLD}" "${DBCHECKNEW}" "${DBCHECKFILE}" | \ + aide --config=- --check 2>/dev/null | \ + sed -n "/^ \($DBCHECK_SED_ATTRIBUTES\)/{s/\([^:]*\)[^,]*,[[:space:]]*\(.*\)/\1: \2/;p;}" \ + >> "$DBCHECKLOG" + +if [ "$COMMAND" = "update" ]; then + if [ ! -f "$DATABASE_OUT" ]; then + printf >> "$ERRORLOG" "Fatal error: The new AIDE database '%s' does not exist!\n" "$DATABASE_OUT" + printf >> "$ERRORLOG" "This may mean that the configuration file could not be parsed or it may mean that someone has removed it.\n" + onexit fatal + exit 1 + fi + printf >> "$DBCHECKLOG" "\nThe AIDE run created a new database %s with the following characteristics:\n" "$DATABASE_OUT" + + sed -i "s|^${DATABASE}[[:space:]]|${DATABASE_OUT} |" "$DBCHECKDB" + DBCHECKFILE="$DATABASE_OUT" + DBCHECKOLD="$DBCHECKDB" + DBCHECKNEW="$DBCHECKDB" + printf "database=file:%s\ndatabase_out=file:%s\n%s\$ $DBCHECK_ATTRIBUTES" \ + "${DBCHECKOLD}" "${DBCHECKNEW}" "${DBCHECKFILE}" | \ + aide --config=- --check 2>/dev/null | \ + sed -n "/^ \($DBCHECK_SED_ATTRIBUTES\)/{s/\([^:]*\)[^,]*,[[:space:]]*\(.*\)/\1: \2/;p;}" \ + >> "$DBCHECKLOG" +fi +rm -f "$DBCHECKDB" + +# find out whether we neeed to copy the new database over the old one + +COPYDB="0" +if [ "$COPYNEWDB" = "ifnochange" ] && [ "$ARETVAL" = "0" ]; then + COPYDB="1" + printf >> "$POSTRUNLOG" "no significant changes detected.\n" +fi + +if [ "$COPYNEWDB" = "yes" ]; then + COPYDB=1 +fi + +if [ "$COPYDB" = "1" ] && [ "$COMMAND" = "update" ]; then + cp -f "$DATABASE_OUT" "$DATABASE" + printf >> "$POSTRUNLOG" "output database %s was copied to %s as requested by cron job configuration\n" "$DATABASE_OUT" "$DATABASE" +fi + +onexit success + +# end of file --- aide-0.15.1.orig/debian/wrapper/aide.wrapper +++ aide-0.15.1/debian/wrapper/aide.wrapper @@ -0,0 +1,36 @@ +#!/bin/sh +# +# Perform update-aide.conf call before calling aide, since the autogenerated +# configuration is now the default config file + +PATH="/usr/sbin:/sbin:/usr/bin:/bin" +LOCKFILE="/var/run/aide.lock" + +if ! [ -x "/usr/bin/aide" ]; then + echo >&2 "no /usr/bin/aide found, check your dependencies" + exit 1 +fi + +if command -v dotlockfile >/dev/null 2>&1; then + if ! dotlockfile -p -l $LOCKFILE; then + echo >&2 "cannot obtain lock $LOCKFILE, stale lock?" + exit 1 + fi +else + echo >&2 "no dotlockfile binary in path, not checking for already running aide" +fi + +if echo "$@" | grep -q -- '--config'; then + echo >&2 "not updating aide configuration since manual config option was given" +else + update-aide.conf + CONFIG="--config /var/lib/aide/aide.conf.autogenerated" +fi +/usr/bin/aide $CONFIG "$@" +RET=$? + +if command -v dotlockfile >/dev/null 2>&1; then + dotlockfile -u $LOCKFILE +fi + +exit $RET --- aide-0.15.1.orig/debian/patches/00list +++ aide-0.15.1/debian/patches/00list @@ -0,0 +1,2 @@ +05-configure_32-bit_lfs_fix +10-manpages --- aide-0.15.1.orig/debian/patches/10-manpages.dpatch +++ aide-0.15.1/debian/patches/10-manpages.dpatch @@ -0,0 +1,58 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10-manpages.dpatch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Description: Adjust manpages to fit debian specific configuration +## DP: Forwarded: no +## DP: Author: Marc Haber +## DP: Last-Update: 2010-02-15 +@DPATCH@ +diff -urNad trunk~/doc/aide.1.in trunk/doc/aide.1.in +--- trunk~/doc/aide.1.in 2006-11-30 20:38:16.000000000 +0100 ++++ trunk/doc/aide.1.in 2008-03-05 19:49:14.000000000 +0100 +@@ -73,19 +73,22 @@ + SIGTERM. Use SIGKILL to terminate. + .PP + .SH FILES +-.B @sysconfdir@/aide.conf ++.B /etc/aide/aide.conf + Default aide configuration file. +-.B @sysconfdir@/aide.db ++.B /etc/aide/aide.conf.d ++Config snippets which are automatically concatenated to the ++configuration file by update-aide.conf. This is a Debian extension. ++.B aide.db + Default aide database. +-.B @sysconfdir@/aide.db.new ++.B aide.db.new + Default aide output database. + .SH SEE ALSO + .BR aide.conf (5) + .BR http://www.cs.tut.fi/~rammer/aide/manual.html + .SH BUGS +-There are probably bugs in this release. Please report them +-at http://sourceforge.net/projects/aide . Bug fixes are more than welcome. +-Unified diffs are preferred. ++There are probably bugs in this release. Please report them at ++http://sourceforge.net/projects/aide and to the Debian BTS. Bug fixes ++are more than welcome. Unified diffs are preferred. + .SH DISCLAIMER + All trademarks are the property of their respective owners. + No animals were harmed while making this webpage or this piece of +diff -urNad trunk~/doc/aide.conf.5.in trunk/doc/aide.conf.5.in +--- trunk~/doc/aide.conf.5.in 2006-11-24 22:52:31.000000000 +0100 ++++ trunk/doc/aide.conf.5.in 2008-03-05 19:49:23.000000000 +0100 +@@ -30,11 +30,11 @@ + .IP "database" + The url from which database is read. There can only be one of these + lines. If there are multiple database lines then the first is used. +-The default value is "@prefix@/etc/aide.db". ++There is no valid default value in the Debian packages! + .IP "database_out" + The url to which the new database is written to. There can only be one + of these lines. If there are multiple database_out lines then the +-first is used. The default value is "@prefix@/etc/aide.db.new". ++first is used. There is no valid default value in the Debian packages! + .IP "database_new" + The url from which the other database for \-\-compare is read. + There is no default for this one. --- aide-0.15.1.orig/debian/patches/05-configure_32-bit_lfs_fix.dpatch +++ aide-0.15.1/debian/patches/05-configure_32-bit_lfs_fix.dpatch @@ -0,0 +1,24 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 05-configure_32-bit_lfs_fix.dpatch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Description: Fix large file support on 32-bit systems +## DP: Forwarded: not-needed +## DP: Author: Hannes von Haugwitz +## DP: Applied-Upstream: 0.16a1, http://aide.git.sourceforge.net/git/gitweb.cgi?p=aide/aide;a=commit;h=92c7878 +## DP: Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615111 +## DP: Last-Update: 2011-03-11 + +@DPATCH@ +diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' aide~/configure aide/configure +--- aide~/configure 2011-03-11 06:23:39.000000000 +0000 ++++ aide/configure 2011-03-11 06:29:11.000000000 +0000 +@@ -6435,7 +6435,7 @@ + if test "x$ac_cv_func_lstat64" = x""yes; then : + ac_fn_c_check_func "$LINENO" "stat64" "ac_cv_func_stat64" + if test "x$ac_cv_func_stat64" = x""yes; then : +- AIDE_DEFS="$AIDE_DEFS -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS" ++ AIDE_DEFS="$AIDE_DEFS -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" + AIDE_LSTAT_FUNC="lstat64" + compoptionstring="${compoptionstring}WITH_LSTAT64\\n" + AIDE_STAT_FUNC="stat64" --- aide-0.15.1.orig/debian/lintian/overrides/aide +++ aide-0.15.1/debian/lintian/overrides/aide @@ -0,0 +1,3 @@ +aide: statically-linked-binary usr/bin/aide +aide: embedded-library usr/bin/aide: zlib +aide: embedded-library usr/bin/aide: libm --- aide-0.15.1.orig/debian/lintian/overrides/aide-xen +++ aide-0.15.1/debian/lintian/overrides/aide-xen @@ -0,0 +1,3 @@ +aide-xen: statically-linked-binary usr/bin/aide +aide-xen: embedded-library usr/bin/aide: zlib +aide-xen: embedded-library usr/bin/aide: libm --- aide-0.15.1.orig/debian/lintian/overrides/aide-common +++ aide-0.15.1/debian/lintian/overrides/aide-common @@ -0,0 +1 @@ +aide-common: start-stop-daemon-in-maintainer-script --- aide-0.15.1.orig/debian/aide.settings.d/10_aide_sourceslist +++ aide-0.15.1/debian/aide.settings.d/10_aide_sourceslist @@ -0,0 +1,12 @@ +#!/bin/sh + +SOURCESLIST="" +if [ -e "/etc/apt/sources.list" ]; then + SOURCESLIST="/etc/apt/sources.list" +fi + +for file in /etc/apt/sources.list.d/*; do + if [ -e "$file" ]; then + SOURCESLIST="$SOURCESLIST $file" + fi +done --- aide-0.15.1.orig/debian/aide.settings.d/31_aide_apt_settings +++ aide-0.15.1/debian/aide.settings.d/31_aide_apt_settings @@ -0,0 +1,2 @@ +IGNORE_ARCHIVES="" +IGNORE_FRQCHG="" --- aide-0.15.1.orig/debian/aide.settings.d/31_aide_trac_settings +++ aide-0.15.1/debian/aide.settings.d/31_aide_trac_settings @@ -0,0 +1 @@ +REPOSITORIES="" --- aide-0.15.1.orig/debian/aide.settings.d/31_aide_svn-server_settings +++ aide-0.15.1/debian/aide.settings.d/31_aide_svn-server_settings @@ -0,0 +1 @@ +REPOSITORIES="" --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_apcupsd +++ aide-0.15.1/debian/aide.conf.d/31_aide_apcupsd @@ -0,0 +1,3 @@ +/var/log/apcupsd\.events$ Log +/@@{RUN}/apcupsd\.pid$ VarFile +/@@{RUNLOCK}/LCK\.\.$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_ntp-server +++ aide-0.15.1/debian/aide.conf.d/31_aide_ntp-server @@ -0,0 +1,6 @@ +/var/lib/ntp/ntp\.drift$ VarFile +/var/lib/ntp$ VarDir +!/var/log/ntpstats/peerstats(\.[0-9]{8})? LinkedLog +!/var/log/ntpstats/loopstats(\.[0-9]{8})? LinkedLog +/var/log/ntpstats$ VarDir +/@@{RUN}/ntpd\.pid$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_munin +++ aide-0.15.1/debian/aide.conf.d/31_aide_munin @@ -0,0 +1,25 @@ +/var/www/munin/index\.html$ VarFile +@@ifdef DNSDOMAINNAME +@@ifdef FQDN +/var/www/munin/@@{DNSDOMAINNAME}/(index\.html|@@{FQDN}(-.*)?\.(png|html))$ VarFile +/var/lib/munin/@@{DNSDOMAINNAME}/@@{FQDN}-.*\.rrd$ VarFile +/@@{RUN}/munin/munin-@@{DNSDOMAINNAME}-@@{FQDN}\.lock$ VarFile +@@endif +/var/www/munin/@@{DNSDOMAINNAME}/comparison-(month|day|year|week)\.html$ VarFile +@@endif +!/@@{RUN}/munin/munin-(update|datafile|graph|limits|html)\.lock$ +/var/lib/munin/(limits|datafiles|munin-(update|graph)\.stats)$ VarFile +!/var/lib/munin/munin-(update|graph)\.stats\.tmp$ +/var/lib/munin/plugin-state/(exim_mailstats(-(([0-9]|([1-9]|1[0-9]|2[0-4])[0-9]|25[0-5])\.){3}([0-9]|([1-9]|1[0-9]|2[0-4])[0-9]|25[0-5]))?|(smart-[sh]d[a-z]|munin-cupsys-pages)\.state)$ VarFile +/var/lib/munin/plugin-state/(postfix_mailvolume|_proc_net_tcp[6]?)$ VarFile +/var/lib/munin/datafile$ VarFile +/var/lib/munin$ VarDir +@@define LOGFILES (node|graph|update|html|limits) +/var/log/munin/munin-@@{LOGFILES}\.log$ Log +/var/log/munin/munin-@@{LOGFILES}\.log\.1\.gz$ LoSerMemberLog +/var/log/munin/munin-@@{LOGFILES}\.log\.[2-6]\.gz$ SerMemberLog +/var/log/munin/munin-@@{LOGFILES}\.log\.7\.gz$ HiSerMemberLog +/var/log/munin$ VarDir +!/@@{RUN}/munin/munin-server-socket\.[0-9]+$ +/@@{RUN}/munin/munin-node\.pid$ VarFile +/@@{RUN}/munin$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_php4 +++ aide-0.15.1/debian/aide.conf.d/31_aide_php4 @@ -0,0 +1 @@ +# this file can be removed --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_initscripts +++ aide-0.15.1/debian/aide.conf.d/31_aide_initscripts @@ -0,0 +1,9 @@ +/var/lib/urandom/random-seed$ VarFile +/var/lib/(urandom|initscripts)$ VarDir +/var/log/dmesg$ Log +/var/log/dmesg\.0$ LowLog +/var/log/dmesg\.1\.gz$ LoSerMemberLog +/var/log/dmesg\.[23]\.gz$ SerMemberLog +/var/log/dmesg\.4\.gz$ HiSerMemberLog +/var/log/fsck/check(root|fs)$ VarFile +/@@{RUN}/motd$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/70_aide_var +++ aide-0.15.1/debian/aide.conf.d/70_aide_var @@ -0,0 +1 @@ +/var/(backups|log|tmp)$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_slrn +++ aide-0.15.1/debian/aide.conf.d/31_aide_slrn @@ -0,0 +1 @@ +/var/lib/slrn/newsgroups\.dsc$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_postgresql +++ aide-0.15.1/debian/aide.conf.d/31_aide_postgresql @@ -0,0 +1,14 @@ +/var/log/postgresql/postgresql-[0-9]\.[0-9]-main\.log$ Log +/var/log/postgresql/postgresql-[0-9]\.[0-9]-main\.log\.1$ LowLog +/var/log/postgresql/postgresql-[0-9]\.[0-9]-main\.log\.2\.gz$ LoSerMemberLog +/var/log/postgresql/postgresql-[0-9]\.[0-9]-main\.log\.[3-9]\.gz$ SerMemberLog +/var/log/postgresql/postgresql-[0-9]\.[0-9]-main\.log\.10\.gz$ HiSerMemberLog +/var/log/postgresql$ VarDir + +/@@{RUN}/postgresql/[0-9]\.[0-9]-main\.pid$ VarFile +/@@{RUN}/postgresql$ VarDirInode + +@@define PORT 5432 +/@@{RUN}/postgresql/\.s\.PGSQL\.@@{PORT}(\.lock)?$ VarFile +/var/lib/postgresql/[0-9]\.[0-9]/main/global/pgstat\.stat$ VarFile +/var/lib/postgresql/[0-9]\.[0-9]/main/global$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_rngd +++ aide-0.15.1/debian/aide.conf.d/31_aide_rngd @@ -0,0 +1 @@ +/@@{RUN}/rngd\.pid$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_mlocate +++ aide-0.15.1/debian/aide.conf.d/31_aide_mlocate @@ -0,0 +1,2 @@ +/var/lib/mlocate/mlocate\.db$ VarFile +/var/lib/mlocate$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_network +++ aide-0.15.1/debian/aide.conf.d/31_aide_network @@ -0,0 +1 @@ +/@@{RUN}/network$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_x11-common +++ aide-0.15.1/debian/aide.conf.d/31_aide_x11-common @@ -0,0 +1 @@ +/tmp/\.(X11|ICE)-unix$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_mysql-server +++ aide-0.15.1/debian/aide.conf.d/31_aide_mysql-server @@ -0,0 +1,8 @@ +/var/lib/mysql$ VarDir +/var/lib/mysql/(ibdata1|ib_logfile0)$ VarFile +/var/log/mysql$ VarDir +/var/log/mysql/mysql-bin\.index$ VarFile +!/var/log/mysql/mysql-bin\.[0-9]{3}$ +!/var/log/mysql/mysql-bin\.[0-9]{6}$ +/@@{RUN}/mysqld/mysqld\.(sock|pid)$ VarFile +/@@{RUN}/mysqld$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_syslog +++ aide-0.15.1/debian/aide.conf.d/31_aide_syslog @@ -0,0 +1 @@ +# removed, Debian migrated to rsyslogd \ No newline at end of file --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_dovecot +++ aide-0.15.1/debian/aide.conf.d/31_aide_dovecot @@ -0,0 +1,5 @@ +/var/lib/dovecot/ssl-parameters\.dat$ VarFile +/var/lib/dovecot$ VarDir +/@@{RUN}/dovecot/(auth-worker\.[0-9]{4}|master\.pid)$ VarFile +/@@{RUN}/dovecot/login/(default|ssl-parameters\.dat)$ VarFile +/@@{RUN}/dovecot(/login)?$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_munin-nodes +++ aide-0.15.1/debian/aide.conf.d/31_aide_munin-nodes @@ -0,0 +1,23 @@ +#!/bin/sh +# +# generate aide exclude patterns for all nodes listed in $MUNINCONF + +MUNINCONF=/etc/munin/munin.conf + +[ -e $MUNINCONF ] || exit 0 + +HOSTS=$(grep '^\[[[:alnum:]:.]\+\]' $MUNINCONF | tr -d '[]') + +escape_dots() +{ + echo $1 | sed 's/\./\\\./g' +} + +for HOST in $HOSTS; do + DOMAIN=$(escape_dots ${HOST#*.}) + DHOST=$(escape_dots $HOST) + + echo "/var/www/munin/$DOMAIN/(index\.html|$DHOST(-.*)?\.(png|html))$ VarFile" + echo "/var/lib/munin/$DOMAIN/$DHOST-.*\.rrd$ VarFile" + echo "/@@{RUN}/munin/munin-(update|datafile|$DOMAIN-$DHOST|limits)\.lock$ VarFile" +done --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_utmp +++ aide-0.15.1/debian/aide.conf.d/31_aide_utmp @@ -0,0 +1 @@ +/@@{RUN}/utmp$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_console-log +++ aide-0.15.1/debian/aide.conf.d/31_aide_console-log @@ -0,0 +1,2 @@ +/@@{RUN}/console-log(/Debian-console-log)?$ VarFile +/@@{RUN}/console-log/Debian-console-log/(8-_-_var_-_log_-_exim4_-_mainlog|9-_-_var_-_log_-_syslog_-_syslog)$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_apt_stable +++ aide-0.15.1/debian/aide.conf.d/31_aide_apt_stable @@ -0,0 +1,2 @@ +# this has been replaced by the scripted rule file 31_aide_apt +# this file can be removed --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_acpid +++ aide-0.15.1/debian/aide.conf.d/31_aide_acpid @@ -0,0 +1,6 @@ +/var/log/acpid$ Log +/var/log/acpid\.1$ LowLog +/var/log/acpid\.2\.gz$ LoSerMemberLog +/var/log/acpid\.3\.gz$ SerMemberLog +/var/log/acpid\.4\.gz$ HiSerMemberLog +/@@{RUN}/acpid\.(socket|pid)$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_ifplugd +++ aide-0.15.1/debian/aide.conf.d/31_aide_ifplugd @@ -0,0 +1,2 @@ +@@define INTERFACES eth0 +/@@{RUN}/ifplugd\.@@{INTERFACES}\.pid$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_tiger +++ aide-0.15.1/debian/aide.conf.d/31_aide_tiger @@ -0,0 +1,15 @@ +@@define TIGER_LOGS (check_(accounts|group|netrc|passwdformat|passwd|perms|rhosts|system|aliases|exports|inetd|printcap|anonftp|path|crontabs|tcpd|services|ftpusers|umask|exrc|embedded|devices)|find_files) +/var/log/tiger/@@{TIGER_LOGS}\.out\.1$ LoSerMemberLog +/var/log/tiger/@@{TIGER_LOGS}\.out\.[2-9]$ SerMemberLog +/var/log/tiger/@@{TIGER_LOGS}\.out\.10$ HiSerMemberLog + +@@define TIGER_8LOGS (logfiles|rootkit|root|rootdir|runprocs|known) +/var/log/tiger/check_@@{TIGER_8LOGS}\.out\.[123]$ LoSerMemberLog +/var/log/tiger/check_@@{TIGER_8LOGS}\.out\.[4-7]$ SerMemberLog +/var/log/tiger/check_@@{TIGER_8LOGS}\.out\.(8|9|10)$ HiSerMemberLog + +/var/log/tiger/check_listeningprocs\.out\.([1-9]|10)$ FreqRotLog + +/var/log/tiger$ VarDir + +/var/lib/tiger/work$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_smokeping +++ aide-0.15.1/debian/aide.conf.d/31_aide_smokeping @@ -0,0 +1,18 @@ +#!/bin/bash + +if [ -d "/var/lib/smokeping" ]; then + find /var/lib/smokeping -type f -name '*.rrd' | \ + sed 's/^\(.*\)/\1$ VarFile/' +fi +if [ -d "/var/www/smokeping" ]; then + find /var/www/smokeping -type f -name '*.png' | \ + sed 's/^\(.*\)/\1$ VarFile/' + find /var/www/smokeping -type f -name '*.maxhight' | \ + sed 's/^\(.*\)/\1$ VarFile/' +fi + +cat < run +@@ifndef RUN +@@define RUN run +@@endif +# var/lock -> run/lock +@@ifndef RUNLOCK +@@define RUNLOCK run/lock +@@endif +# lib/init/rw -> run +@@ifndef LIBINITRW +@@define LIBINITRW run +@@endif + + +# Please note: mind the trailing slash after transition +# dev/\. -> run/ +@@ifndef DEVDOT +@@define DEVDOT run/ +@@endif --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_exim4 +++ aide-0.15.1/debian/aide.conf.d/31_aide_exim4 @@ -0,0 +1,11 @@ +/var/spool/exim4/gnutls-params$ VarFile +/var/spool/exim4/db/(wait-remote_smtp(_smarthost)?|retry|callout)$ VarFile +!/var/spool/exim4/input/[a-zA-Z0-9]{6}-[a-zA-Z0-9]{6}-[a-zA-Z0-9]{2}-[DHJ]$ +!/var/spool/exim4/msglog/[a-zA-Z0-9]{6}-[a-zA-Z0-9]{6}-[a-zA-Z0-9]{2}$ +!/var/spool/exim4/gnutls-params$ +!/var/spool/exim4/.rnd$ +/var/spool/exim4(/(input|msglog|scan))?$ VarDir +/var/lib/exim4/config.autogenerated$ VarFile +/@@{RUN}/exim4/exim.pid$ VarFile +/var/lib/exim4$ VarDir +/@@{RUN}/exim4$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_openvpn +++ aide-0.15.1/debian/aide.conf.d/31_aide_openvpn @@ -0,0 +1 @@ +/@@{RUN}/openvpn\.client\.status$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_mdadm +++ aide-0.15.1/debian/aide.conf.d/31_aide_mdadm @@ -0,0 +1,3 @@ +/@@{RUN}/mdadm/monitor\.pid$ VarFile +/run/mdadm/md[0-9]+-uevent$ VarInode +/@@{RUN}/mdadm$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_sudo +++ aide-0.15.1/debian/aide.conf.d/31_aide_sudo @@ -0,0 +1 @@ +/@@{RUN}/sudo/[a-z0-9]+$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_logcheck +++ aide-0.15.1/debian/aide.conf.d/31_aide_logcheck @@ -0,0 +1,3 @@ +/var/lib/logcheck/offset\.var\.log\.(syslog|auth\.log)$ VarFile +/var/lib/logcheck$ VarDir +/@@{RUNLOCK}/logcheck$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_nagios2 +++ aide-0.15.1/debian/aide.conf.d/31_aide_nagios2 @@ -0,0 +1,10 @@ +/var/cache/nagios2/(objects\.cache|status\.dat)$ VarFile +/var/lib/nagios2/(comments|retention)\.dat$ VarFile +/var/lib/nagios2/rw/nagios\.cmd$ VarFile +/var/lib/nagios2/rw$ VarDir +/var/log/nagios2/nagios\.log$ LowLog +/var/log/nagios2/archives/nagios-[01][0-9]-[0123][0-9]-@@{YEAR4D}-00\.log$ SerMemberDELog +/@@{RUN}/nagios2/nagios2\.pid$ VarFile +/var/(cache|lib|log)/nagios2$ VarDir +/@@{RUN}/nagios2$ VarDirInode +/var/log/nagios2/archives$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_inetd +++ aide-0.15.1/debian/aide.conf.d/31_aide_inetd @@ -0,0 +1 @@ +/@@{RUN}/inetd\.pid$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_apache2 +++ aide-0.15.1/debian/aide.conf.d/31_aide_apache2 @@ -0,0 +1,15 @@ +@@ifdef APACHE2_SUEXEC +@@define APACHE2_LOGS (access|error|suexec) +@@else +@@define APACHE2_LOGS (access|error) +@@endif +/var/log/apache2/@@{APACHE2_LOGS}\.log$ Log +/var/log/apache2/@@{APACHE2_LOGS}\.log\.1$ LowLog +/var/log/apache2/@@{APACHE2_LOGS}\.log\.2\.gz$ LoSerMemberLog +/var/log/apache2/@@{APACHE2_LOGS}\.log\.([3-9]|[1-4][0-9]|5[0-1])\.gz$ SerMemberLog +/var/log/apache2/@@{APACHE2_LOGS}\.log\.52\.gz$ HiSerMemberLog + +/@@{RUN}/apache2\.pid$ VarFile +/@@{RUN}/apache2/ssl_scache$ VarFile +/var/log/apache2$ VarDir +/@@{RUN}/apache2$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_clamav-data +++ aide-0.15.1/debian/aide.conf.d/31_aide_clamav-data @@ -0,0 +1,9 @@ +/etc/cron\.daily$ VarDir +!/usr/share/doc/clamav-data/(README\.Debian|copyright|changelog\.gz)$ +/usr/share/doc/clamav-data$ VarDir +!/var/lib/dpkg/info/clamav-data\.(config|list|post(inst|rm)|templates|conffiles|md5sums)$ +/var/lib/clamav/(daily|main)\.c[vl]d$ VarFile +/var/lib/clamav$ VarDir +/var/lib/clamav-data/warn-on-old-databases$ VarFile +/var/lib/clamav-data$ VarDir +/var/cache/apt/archives/clamav-data_[0-9]{8}\.[0-9]{6}\.[0-9]{4}_all\.deb$ VarFile+ANF+ARF --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_svn-server +++ aide-0.15.1/debian/aide.conf.d/31_aide_svn-server @@ -0,0 +1,15 @@ +#!/bin/bash + +REPOSITORIES="" + +if [ -r "$UPAC_settingsd/31_aide_svn-server_settings" ]; then + # pull in configuration + . "$UPAC_settingsd/31_aide_svn-server_settings" +fi + +for svnpath in $REPOSITORIES; do + [ -d $svnpath ] || exit 1 + echo ${svnpath//\./\\\.}"db/(txn-)?current$ VarFile" + echo ${svnpath//\./\\\.}"db/rev(prop)?s/0/[0-9]+$ Full+ANF" + echo ${svnpath//\./\\\.}"(db(/(txn-protorevs|transactions|rev(prop)?s/0))?|dav/activities\.d)$ VarDir" +done --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_apt +++ aide-0.15.1/debian/aide.conf.d/31_aide_apt @@ -0,0 +1,71 @@ +#!/bin/bash + +. "$UPAC_settingsd/10_aide_sourceslist" +VARDIR="/var/lib/apt" +LISTSDIR="$VARDIR/lists" +CACHEDIR="/var/cache/apt" +ARCHIVESDIR="$CACHEDIR/archives" +LOGDIR="/var/log/apt" +IGNORE_ARCHIVES="" +IGNORE_FRQCHG="" +APT_VERS="" + +if [ -x "$UPAC_confd/31_local_apt_settings" ]; then + . "$UPAC_confd/31_local_apt_settings" + echo "WARNING: usage of $UPAC_confd/31_local_apt_settings is deprecated, please use $UPAC_settingsd/31_aide_apt_settings" >&2 +elif [ -r "$UPAC_settingsd/31_aide_apt_settings" ]; then + # pull in configuration + . "$UPAC_settingsd/31_aide_apt_settings" +fi + +cat $SOURCESLIST | sed 's/ #.*$//' | while read deb uri dist comp; do + PROTOCOL="$(echo $uri | sed 's|\([^:]\+\).*|\1|')" + if [ "$PROTOCOL" = "http" ] || [ "$PROTOCOL" = "ftp" ]; then + HOST="$(echo $uri | sed 's|.*//\([^/[:space:]]\+\).*|\1|')" + HOSTPATH="$(echo $uri | sed 's|.*//[^/[:space:]]\+/\?||;s|/$||;s|/|_|g;s|^\(.\+\)$|_\1|')" + dist="${dist//\//_}" + if [ -n "$DEBUG" ]; then + echo "uri $uri" + echo "HOST $HOST" + echo "HOSTPATH $HOSTPATH" + fi + if [ "$deb" = "deb" ]; then + for c in $comp; do + echo "$LISTSDIR/${HOST}${HOSTPATH}_dists_${dist}_${c}_binary-@@{ARCH}_Packages(\.IndexDiff)?$ VarFile" + echo "$LISTSDIR/${HOST}${HOSTPATH}_dists_${dist}_Release(\.gpg)?$ VarFile" + done + echo "!${LISTSDIR}/partial/${HOST}${HOSTPATH}_dists_${dist}_Release\.gpg\.reverify$" + elif [ "$deb" = "deb-src" ]; then + for c in $comp; do + echo "$LISTSDIR/${HOST}${HOSTPATH}_dists_${dist}_${c}_source_(Sources|Release)$ VarFile" + echo "$LISTSDIR/${HOST}${HOSTPATH}_dists_${dist}_${c}_source_Sources(\.IndexDiff)?$ VarFile" + echo "$LISTSDIR/${HOST}${HOSTPATH}_dists_${dist}_Release(\.gpg)?$ VarFile" + done + fi + else + : # other protocols are not supported. If you feel like they should + : # please give a good reason and probably a patch. + fi + echo -e "\n\n" +done + +echo "${LISTSDIR}(/partial)?$ VarDir" +echo "${LISTSDIR}/lock$ VarFile" +echo "${VARDIR}/extended_states$ VarFile" +echo "${VARDIR}$ VarDir" +echo "${LOGDIR}/term\.log$ Log" + +echo "/var/backups/apt\.extended_states\.0$ LowLog" +echo "/var/backups/apt\.extended_states\.1\.gz$ LoSerMemberLog" +echo "/var/backups/apt\.extended_states\.[2345]\.gz$ SerMemberLog" +echo "/var/backups/apt\.extended_states\.6\.gz$ HiSerMemberLog" + +if [ "$IGNORE_ARCHIVES" = "yes" ]; then + echo "!$ARCHIVESDIR/[-a-zA-Z0-9%\.~_+]+_(@@{ARCH}|all)\.deb$" +fi + +if [ "$IGNORE_FRQCHG" = "yes" ]; then + echo "$ARCHIVESDIR(/partial|/lock)?$ VarDir" + echo "$CACHEDIR/(src)?pkgcache\.bin$ VarFile" + echo "$CACHEDIR$ VarDir" +fi --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_fcron +++ aide-0.15.1/debian/aide.conf.d/31_aide_fcron @@ -0,0 +1,3 @@ +/@@{RUN}/fcron\.(pid|fifo)$ VarFile +/var/spool/fcron/systab$ VarFile +/var/spool/fcron$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_amanda-client +++ aide-0.15.1/debian/aide.conf.d/31_aide_amanda-client @@ -0,0 +1,9 @@ +@@define AMANDALOG var/log/amanda + +/var/lib/dumpdates$ VarFile +!/@@{AMANDALOG}/amandad/amandad\.@@{YEAR4D}[0-9]{10}\.debug$ +/@@{AMANDALOG}/(amandad|client)$ VarDir +@@ifdef AMANDABACKUPSET +/@@{AMANDALOG}/client/@@{AMANDABACKUPSET}$ VarDir +@@endif +!/@@{AMANDALOG}/client/[^/]+/(sendsize|killpgrp|sendbackup|selfcheck)\.@@{YEAR4D}[0-9]{10}\.debug$ --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_modules +++ aide-0.15.1/debian/aide.conf.d/31_aide_modules @@ -0,0 +1 @@ +/lib/modules/[-0-9\.]*/modules\.dep$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_lvm2 +++ aide-0.15.1/debian/aide.conf.d/31_aide_lvm2 @@ -0,0 +1,3 @@ +/etc/lvm/cache/\.cache$ VarInode +/etc/lvm/cache$ VarDir +/@@{RUNLOCK}/lvm$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_lighttpd +++ aide-0.15.1/debian/aide.conf.d/31_aide_lighttpd @@ -0,0 +1,10 @@ +@@define LIGHTTP_LOGS (access|error) +/var/log/lighttpd/@@{LIGHTTP_LOGS}\.log$ Log +/var/log/lighttpd/@@{LIGHTTP_LOGS}\.log\.1\.gz$ LoSerMemberLog +/var/log/lighttpd/@@{LIGHTTP_LOGS}\.log\.([2-9]|10|11)\.gz$ SerMemberLog +/var/log/lighttpd/@@{LIGHTTP_LOGS}\.log\.12\.gz$ HiSerMemberLog + +/@@{RUN}/lighttpd\.pid$ VarFile +/@@{RUN}/lighttpd$ VarDirInode + +/tmp/php\.socket-[0-9]$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_inn2 +++ aide-0.15.1/debian/aide.conf.d/31_aide_inn2 @@ -0,0 +1,25 @@ +@@define NEWSLOGS (errlog|expire\.log|news(\.crit|\.err|\.notice)?|rc\.news|sendsys\.log|unwanted\.log|inn_status\.html|innfeed\.status|expire\.(lastlowmark|list)) +@@define OLDLOGS (active|errlog|expire\.log|news(\.crit|\.err|\.notice)?|sendsys\.log|unwanted\.log) + +!/var/lib/news/history(\.(dir|hash|index))?$ +/var/lib/news/(active(\.old)?|newsgroups|\.news\.daily)$ VarFile + +!/var/spool/news/articles(/[-a-z0-9+]+)+$ VarDir +/var/spool/news/overview/group\.index$ VarFile +!/var/spool/news/overview(/[a-z0-9])+/[-\.a-z0-9+]+\.(IDX|DAT)$ +/var/spool/news/overview(/[a-z0-9])+$ VarDir +!/var/spool/news/articles/control/(newgroup|checkgroups|rmgroup)/[0-9]*$ +/var/spool/news/innfeed/@@{INN2_INNFEED_OUTFEEDS}\.(lock|output|input)$ VarFile +!/var/spool/news/innfeed/innfeed-dropped\.A[0-9]{6}$ +/var/spool/news/innfeed$ VarDir +/var/spool/news/incoming(/tmp)?$ VarDir + +/@@{RUN}/news/(control|(innd|innfeed|innwatch)\.pid|innwatch\.time|LOCK\.innwatch|nntpin)$ VarFile +/@@{RUN}/news$ VarDirInode + +/var/log/news/path/inpaths\.[0-9]{10}$ VarFile+ANF +/var/log/news/@@{NEWSLOGS}$ VarFile +/var/log/news/OLD/(expire\.log\.0|unwanted\.log)$ VarFile +/var/log/news/OLD/@@{OLDLOGS}\.1\.gz$ LoSerMemberLog +/var/log/news/OLD/@@{OLDLOGS}\.[0-9]+\.gz$ SerMemberLog +/var/log/news(/(path|OLD))?$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_pcscd +++ aide-0.15.1/debian/aide.conf.d/31_aide_pcscd @@ -0,0 +1,2 @@ +/@@{RUN}/pcscd/pcscd\.(pub|comm|pid)$ VarFile +/@@{RUN}/pcscd(/pcscd\.events)?$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_fail2ban +++ aide-0.15.1/debian/aide.conf.d/31_aide_fail2ban @@ -0,0 +1,7 @@ +/var/log/fail2ban\.log$ Log +/var/log/fail2ban\.log\.1$ LowLog +/var/log/fail2ban\.log\.2\.gz$ LoSerMemberLog +/var/log/fail2ban\.log\.3\.gz$ SerMemberLog +/var/log/fail2ban\.log\.4\.gz$ HiSerMemberLog +/@@{RUN}/fail2ban/fail2ban\.(sock|pid)$ VarFile +/@@{RUN}/fail2ban$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_apt_frqchg +++ aide-0.15.1/debian/aide.conf.d/31_aide_apt_frqchg @@ -0,0 +1,2 @@ +# this has been replaced by the scripted rule file 31_aide_apt +# this file can be removed --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_gpg +++ aide-0.15.1/debian/aide.conf.d/31_aide_gpg @@ -0,0 +1 @@ +/root/.gnupg/random_seed$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_checksecurity +++ aide-0.15.1/debian/aide.conf.d/31_aide_checksecurity @@ -0,0 +1,6 @@ +/var/log/setuid/setuid.changes$ Log +/var/log/setuid/setuid.changes\.1$ LoSerMemberLog +/var/log/setuid/setuid.changes\.[2-9]$ SerMemberLog +/var/log/setuid/setuid.changes\.10$ HiSerMemberLog +/var/log/setuid/setuid.(today|yesterday)$ VarFile +/var/log/setuid$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_nslcd +++ aide-0.15.1/debian/aide.conf.d/31_aide_nslcd @@ -0,0 +1,2 @@ +/@@{RUN}/nslcd/(socket|nslcd\.pid)$ VarFile +/@@{RUN}/nslcd$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_apt_unstable +++ aide-0.15.1/debian/aide.conf.d/31_aide_apt_unstable @@ -0,0 +1,2 @@ +# this has been replaced by the scripted rule file 31_aide_apt +# this file can be removed --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_apt-listchanges +++ aide-0.15.1/debian/aide.conf.d/31_aide_apt-listchanges @@ -0,0 +1 @@ +/var/lib/apt/listchanges\.db$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_dhcp3-server +++ aide-0.15.1/debian/aide.conf.d/31_aide_dhcp3-server @@ -0,0 +1,2 @@ +/var/lib/dhcp3/dhcpd.leases~?$ VarFile +/var/lib/dhcp3$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_lastlog +++ aide-0.15.1/debian/aide.conf.d/31_aide_lastlog @@ -0,0 +1 @@ +/var/log/lastlog$ Log --- aide-0.15.1.orig/debian/aide.conf.d/70_aide_dev +++ aide-0.15.1/debian/aide.conf.d/70_aide_dev @@ -0,0 +1,4 @@ +!/dev/pts/[0-9]{1,2}$ +/dev/pts$ VarDir + +/dev RamdiskData --- aide-0.15.1.orig/debian/aide.conf.d/70_aide_etc +++ aide-0.15.1/debian/aide.conf.d/70_aide_etc @@ -0,0 +1 @@ +/etc$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_xfree86-common +++ aide-0.15.1/debian/aide.conf.d/31_aide_xfree86-common @@ -0,0 +1 @@ +# removed, replaced by 31_aide_x11-common --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_nagios3 +++ aide-0.15.1/debian/aide.conf.d/31_aide_nagios3 @@ -0,0 +1,15 @@ +!/var/lib/nagios3/spool/checkresults/[a-zA-Z0-9]{7}(\.ok)?$ +/var/lib/nagios3/spool/checkresults$ VarDir +/var/lib/nagios3/retention\.dat$ VarFile +/var/lib/nagios3$ VarDir + +/var/log/nagios3/archives/nagios-[0-9]{2}-[0-9]{2}-[0-9]{4}-[0-9]{2}\.log$ LoSerMemberLog +/var/log/nagios3/archives$ VarDir +/var/log/nagios3/nagios\.log$ LowLog +/var/log/nagios3$ VarDir + +/var/cache/nagios3/(status\.dat|objects\.cache)$ VarFile +/var/cache/nagios3$ VarDir + +/@@{RUN}/nagios3/nagios3\.pid$ VarFile +/@@{RUN}/nagios3$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_aptitude +++ aide-0.15.1/debian/aide.conf.d/31_aide_aptitude @@ -0,0 +1,13 @@ +/var/log/aptitude$ Log +/var/log/aptitude\.1\.gz$ LoSerMemberLog +/var/log/aptitude\.[2-5]\.gz$ SerMemberLog +/var/log/aptitude\.6\.gz$ HiSerMemberLog +/var/backups/aptitude\.pkgstates\.0$ LowLog +/var/backups/aptitude\.pkgstates\.1\.gz$ LoSerMemberLog +/var/backups/aptitude\.pkgstates\.[2345]\.gz$ SerMemberLog +/var/backups/aptitude\.pkgstates\.6\.gz$ HiSerMemberLog +/var/lib/aptitude/pkgstates(\.old)?$ VarFile +/var/lib/aptitude$ VarDir +!/@@{RUNLOCK}/aptitude$ +/root/\.(aptitude|debtags)$ VarDir +/root/\.aptitude/config$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_mtab +++ aide-0.15.1/debian/aide.conf.d/31_aide_mtab @@ -0,0 +1 @@ +/etc/mtab$ n+p+u --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_cron-apt +++ aide-0.15.1/debian/aide.conf.d/31_aide_cron-apt @@ -0,0 +1,10 @@ +/var/lib/cron-apt/_-_etc_-_cron-apt_-_config/mailchanges/(0-update-update_-o_quiet=2|3-download-dist-upgrade_-d_-y_-o_APT::Get::Show-Upgraded=true|3-download-autoclean_-y)$ VarFile +!/var/lib/cron-apt/lockfile$ +/var/lib/cron-apt$ VarDir +!/tmp/cron-apt\.[a-zA-Z0-9]{6}$ +!/tmp/cron-apt\.[a-zA-Z0-9]{6}/initlog$ +/var/log/cron-apt/log$ Log +/var/log/cron-apt/log\.1\.gz$ LoSerMemberLog +/var/log/cron-apt/log\.[23]\.gz$ SerMemberLog +/var/log/cron-apt/log\.4\.gz$ HiSerMemberLog +/var/log/cron-apt$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/10_aide_year +++ aide-0.15.1/debian/aide.conf.d/10_aide_year @@ -0,0 +1,3 @@ +#!/bin/sh + +echo "@@define YEAR4D $(date +%Y)" --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_trac +++ aide-0.15.1/debian/aide.conf.d/31_aide_trac @@ -0,0 +1,14 @@ +#!/bin/bash + +REPOSITORIES="" + +if [ -r "$UPAC_settingsd/31_aide_trac_settings" ]; then + # pull in configuration + . "$UPAC_settingsd/31_aide_trac_settings" +fi + +for tracpath in $REPOSITORIES; do + [ -d $tracpath ] || exit 1 + echo ${tracpath//\./\\\.}"db/trac\.db$ VarFile" + echo ${tracpath//\./\\\.}"db$ VarDir" +done --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_root-dotfiles +++ aide-0.15.1/debian/aide.conf.d/31_aide_root-dotfiles @@ -0,0 +1,4 @@ +#/root/\.bash_history$ VarFile +#/root/\.lesshst$ VarFile +#/root/\.viminfo$ VarFile +#/root$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_at +++ aide-0.15.1/debian/aide.conf.d/31_aide_at @@ -0,0 +1,2 @@ +/var/spool/cron/at(spool|jobs)$ VarDir +/@@{RUN}/atd\.pid$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_findutils +++ aide-0.15.1/debian/aide.conf.d/31_aide_findutils @@ -0,0 +1,2 @@ +/var/cache/locate/locatedb$ VarFile +/var/cache/locate$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_samba +++ aide-0.15.1/debian/aide.conf.d/31_aide_samba @@ -0,0 +1,23 @@ +/etc/samba/passdb\.tdb$ VarFile + +/var/log/samba/log\.(smbd|nmbd)$ Log +/var/log/samba/log\.(smbd|nmbd)\.1\.gz$ LoSerMemberLog +/var/log/samba/log\.(smbd|nmbd)\.[2-6]\.gz$ SerMemberLog +/var/log/samba/log\.(smbd|nmbd)\.7\.gz$ HiSerMemberLog + +/var/log/samba/log\.[[:alnum:]._]+$ FreqRotLog +/var/log/samba/log\.[[:alnum:]._]+\.old$ LowLog + +/var/log/samba/cores/[sn]mbd$ VarDir + +/@@{RUN}/samba/[sn]mbd\.pid$ VarFile +/@@{RUN}/samba/(messages|wins|sessionid|connections|brlock|locking|notify|unexpected)\.tdb$ VarFile +/@@{RUN}/samba/gencache\.tdb$ VarInode +!/@@{RUN}/samba/namelist\.debug$ + +/var/cache/samba/browse\.dat$ VarFile + +/var/lib/samba/(wins\.dat|(group_mapping\.l|(registry|ntprinters|schannel_store)\.t)db)$ VarFile + +/var/(log|cache|lib)/samba$ VarDir +/@@{RUN}/samba$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_ippl +++ aide-0.15.1/debian/aide.conf.d/31_aide_ippl @@ -0,0 +1,2 @@ +/@@{RUN}/ippl/ippl.(pid|conf)$ VarFile +/@@{RUN}/ippl$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_laptop-mode-tools +++ aide-0.15.1/debian/aide.conf.d/31_aide_laptop-mode-tools @@ -0,0 +1,2 @@ +/@@{RUN}/laptop-mode-tools/(state|enabled|start-stop-undo-actions)$ VarFile +/@@{RUN}/laptop-mode-tools$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_lib-init-rw +++ aide-0.15.1/debian/aide.conf.d/31_aide_lib-init-rw @@ -0,0 +1 @@ +# removed, Debian migrated to /run --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_privoxy +++ aide-0.15.1/debian/aide.conf.d/31_aide_privoxy @@ -0,0 +1 @@ +/var/log/privoxy/logfile$ Log --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_rkhunter +++ aide-0.15.1/debian/aide.conf.d/31_aide_rkhunter @@ -0,0 +1,6 @@ +/var/lib/rkhunter/db/(mirrors|rkhunter_prop_list)\.dat$ VarTime +/var/lib/rkhunter/db/rkhunter\.dat(\.old)?$ InodeData +/var/lib/rkhunter/tmp/(group|passwd)$ VarFile +/var/lib/rkhunter/(db|tmp)$ VarDir +/var/log/rkhunter\.log$ Log +/var/log/rkhunter\.log\.old$ LowLog --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_proftpd +++ aide-0.15.1/debian/aide.conf.d/31_aide_proftpd @@ -0,0 +1,5 @@ +/var/log/proftpd/proftpd(_(access|auth|xfer))?\.log$ Log +/@@{RUN}/proftpd/proftpd\.(delay|pid|scoreboard)$ VarFile +/var/log/proftpd$ VarDir +/@@{RUN}/proftpd$ VarDirInode + --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_anacron +++ aide-0.15.1/debian/aide.conf.d/31_aide_anacron @@ -0,0 +1 @@ +/var/spool/anacron/cron\.(monthly|weekly|daily)$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_x11-xkb-utils +++ aide-0.15.1/debian/aide.conf.d/31_aide_x11-xkb-utils @@ -0,0 +1 @@ +/var/lib/xkb$ VarDirTime --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_ifupdown +++ aide-0.15.1/debian/aide.conf.d/31_aide_ifupdown @@ -0,0 +1,20 @@ +#!/bin/bash + +# This file by default acts for Debian etch, where the ifstate file +# is in /etc/network/run/ifstate. Set DISTRIBUTION="sarge" for sarge systems +# with ifstate file at /etc/network/ifstate. +DISTRIBUTION="" +IFSTATE="/etc/network/run/ifstate" + +if [ "$DISTRIBUTION" = "sarge" ]; then + IFSTATE="/etc/network/ifstate" +fi + +if [ -h "$IFSTATE" ]; then + IFSTATE="$(readlink --canonicalize /etc/network/run/ifstate)" +fi + +if [ -f "$IFSTATE" ]; then + echo "${IFSTATE}$ VarFile" + echo "$(dirname $IFSTATE)$ VarDir" +fi --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_exim4_logs +++ aide-0.15.1/debian/aide.conf.d/31_aide_exim4_logs @@ -0,0 +1,10 @@ +# if your host frequently produces paniclog entries (this happens if +# spam or virus scanners are in use), set +# @@define EXIM4_LOGS (main|reject|panic) +@@define EXIM4_LOGS (main|reject) +/var/log/exim4/@@{EXIM4_LOGS}log$ Log +/var/log/exim4/@@{EXIM4_LOGS}log\.1$ LowLog +/var/log/exim4/@@{EXIM4_LOGS}log\.2\.gz$ LoSerMemberLog +/var/log/exim4/@@{EXIM4_LOGS}log\.[3-9]\.gz$ SerMemberLog +/var/log/exim4/@@{EXIM4_LOGS}log\.10\.gz$ HiSerMemberLog +/var/log/exim4$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/30_aide_bind9 +++ aide-0.15.1/debian/aide.conf.d/30_aide_bind9 @@ -0,0 +1,19 @@ +#! /bin/bash +# this script automatically sets the BINDCHROOT variable to the +# directory that bind chroots to via configuration in +# /etc/default/bind9. This is only going to work if your /etc/default/bind9 +# is not too modified. +# +# If you want to use this magic, just uncomment it. +# You can also manually set the chroot directory in a non-executable +# file: @@define BINDCHROOT /var/cache/bind + +# # Automagically extract chroot directory +# . /etc/default/bind9 +# set $OPTIONS +# for i in $@;do +# if [ "$1" == "-t" ] +# then echo "@@define BINDCHROOT $2"; break +# else shift +# fi +# done --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_aide +++ aide-0.15.1/debian/aide.conf.d/31_aide_aide @@ -0,0 +1,13 @@ +/var/lib/aide/aide\.db(\.new)?$ VarFile +!/var/lib/aide/aide\.conf\.autogenerated$ +/var/lib/aide$ VarDir +/var/log/aide/aide\.log(\.0)?$ LowLog +/var/log/aide/aide\.log\.1\.gz$ LoSerMemberLog +/var/log/aide/aide\.log\.[2-5]\.gz$ SerMemberLog +/var/log/aide/aide\.log\.6\.gz$ HiSerMemberLog +/var/log/aide$ VarDir +!/@@{RUN}/aide$ +!/@@{RUN}/aide\.lock$ +!/@@{RUN}/aide/cron\.daily\.lock$ +!/@@{RUN}/aide/cron\.daily$ +!/@@{RUN}/aide/cron\.daily/((error|a(run|err))log|mailfile)$ --- aide-0.15.1.orig/debian/aide.conf.d/10_aide_hostname +++ aide-0.15.1/debian/aide.conf.d/10_aide_hostname @@ -0,0 +1,19 @@ +#!/bin/sh + +escapere() +{ + sed 's/\./\\./g' +} + +if [ -n "$(hostname --fqdn)" ]; then + echo "@@define FQDN $(hostname --fqdn | escapere)" +fi +if [ -n "$(hostname)" ]; then + echo "@@define HOSTNAME $(hostname | escapere)" +fi +if [ -n "$(dnsdomainname)" ]; then + echo "@@define DNSDOMAINNAME $(dnsdomainname | escapere)" +fi +if [ -n "$(dpkg --print-architecture)" ]; then + echo "@@define ARCH $(dpkg --print-architecture)" +fi --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_ssh-server +++ aide-0.15.1/debian/aide.conf.d/31_aide_ssh-server @@ -0,0 +1 @@ +/@@{RUN}/sshd.pid$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_nfs +++ aide-0.15.1/debian/aide.conf.d/31_aide_nfs @@ -0,0 +1,8 @@ +/@@{RUN}/(rpc\.statd|sm-notify)\.pid$ VarFile +/var/lib/nfs/state$ VarFile +/var/lib/nfs/etab$ VarInode +/var/lib/nfs/rpc_pipefs/nfs/clnt[0-9]/(info|krb5|idmap)$ VarTime +/var/lib/nfs/rpc_pipefs/nfs/clnt[0-9]$ VarDir +/var/lib/nfs/rpc_pipefs/(statd|portmap|nfs|mount|lockd)$ VarDir +/var/lib/nfs/rpc_pipefs$ VarDirInode +/var/lib/nfs(/v4recovery)?$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_pm-utils +++ aide-0.15.1/debian/aide.conf.d/31_aide_pm-utils @@ -0,0 +1 @@ +/@@{RUN}/pm-utils/(pm-(suspend|powersave)(/storage)?|locks)$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/99_aide_root +++ aide-0.15.1/debian/aide.conf.d/99_aide_root @@ -0,0 +1 @@ +/ Full --- aide-0.15.1.orig/debian/aide.conf.d/70_aide_proc_sys +++ aide-0.15.1/debian/aide.conf.d/70_aide_proc_sys @@ -0,0 +1,2 @@ +!/proc +!/sys --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_amavisd-new +++ aide-0.15.1/debian/aide.conf.d/31_aide_amavisd-new @@ -0,0 +1,9 @@ +/@@{RUN}/amavis/amavisd.lock$ VarFile +/var/lib/amavis/tmp$ VarDir +!/var/lib/amavis/tmp/amavis-[0-9]{8}T[0-9]{6}-[0-9]{5}$ +!/var/lib/amavis/tmp/amavis-[0-9]{8}T[0-9]{6}-[0-9]{5}/(email\.txt|parts)$ +/var/lib/amavis/db/__db.[0-9]{3} VarFile +/var/lib/amavis/db/(cache(-expiry)?|snmp|nanny)\.db$ VarFile +/var/lib/amavis/.spamassassin$ VarDir +/var/lib/amavis/.spamassassin/bayes_(toks|seen)$ VarFile +/var/lib/amavis/.spamassassin/auto-whitelist$ VarFile --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_squid +++ aide-0.15.1/debian/aide.conf.d/31_aide_squid @@ -0,0 +1,4 @@ +!/var/spool/squid/[0-9A-F]{2}/[0-9A-F]{2}/[0-9A-F]{8} +/var/spool/squid/(netdb_state|swap.state(.last-clean)?) VarFile +/var/spool/squid/[0-9A-F]{2}(/[0-9A-F]{2})?$ VarDir +/var/log/squid/(access|store)\.log$ Log --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_ssh-agent +++ aide-0.15.1/debian/aide.conf.d/31_aide_ssh-agent @@ -0,0 +1,2 @@ +!/tmp/ssh-[a-zA-Z0-9]{10}$ +!/tmp/ssh-[a-zA-Z0-9]{10}/agent.[0-9]{1,5}$ --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_hald +++ aide-0.15.1/debian/aide.conf.d/31_aide_hald @@ -0,0 +1,2 @@ +/@@{RUN}/hald/hald\.pid$ VarFile +/@@{RUN}/hald$ VarDirInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_portmap +++ aide-0.15.1/debian/aide.conf.d/31_aide_portmap @@ -0,0 +1,2 @@ +/@@{RUN}/portmap(\.pid|_mapping)$ VarFile +/@@{LIBINITRW}/sendsigs\.omit\.d/portmap$ VarInode --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_spamassassin +++ aide-0.15.1/debian/aide.conf.d/31_aide_spamassassin @@ -0,0 +1,6 @@ +/var/spool/spamassassin/bayes/(bayes_(journal|toks|seen)|auto-whitelist)$ VarFile +/var/spool/spamassassin/bayes$ VarDir +/@@{RUN}/spamd\.pid$ VarFile + +# enable this if you run automatic rule updates +# !/var/lib/spamassassin/3\.002001/updates_spamassassin_org/[0-9][0-9]_[a-z]\.cf$ --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_smartmontools +++ aide-0.15.1/debian/aide.conf.d/31_aide_smartmontools @@ -0,0 +1,4 @@ +/@@{RUN}/smartd\.pid$ VarFile +/var/lib/smartmontools/smartd\.[-_[:alnum:]]+\.ata\.state~?$ VarFile +/var/lib/smartmontools/attrlog\.[-_[:alnum:]]+\.ata\.csv$ VarFile +/var/lib/smartmontools$ VarDir --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_aptitude_frqchg +++ aide-0.15.1/debian/aide.conf.d/31_aide_aptitude_frqchg @@ -0,0 +1 @@ +# removed, rules are contained in 31_aide_aptitude --- aide-0.15.1.orig/debian/aide.conf.d/31_aide_torrus +++ aide-0.15.1/debian/aide.conf.d/31_aide_torrus @@ -0,0 +1,31 @@ +#!/bin/bash + +if ! [ -d /var/lib/torrus ]; then + exit 0 +fi + +find /var/lib/torrus/collector_rrd -name '*.rrd' | \ + sed 's/^\(.*\)/\1$ VarFile/' + +TORRUS_TREES="" + +for tree in $TORRUS_TREES; do + cat <