Context Navigation

Back to Ticket #43419

Ticket #43419: aide.conf

File aide.conf, 8.3 KB (added by jul_bsd@…, 10 years ago)

Line
1	# AIDE conf
2	# $Id: aide.conf 110 2006-04-22 15:58:58Z my-mac-user $
3	# customized linux debian conf for osx, macports
4
5	@@define MAILTO=my-mac-user
6	@@define LINES=500
7	## Not working line w var...
8	@@define USER=my-mac-user
9
10	database=file:/opt/local/var/lib/aide/aide.db
11	database_out=file:/opt/local/var/lib/aide/aide.db.new
12
13	# Change this to "no" or remove it to not gzip output
14	# (only useful on systems with few CPU cycles to spare)
15	gzip_dbout=yes
16
17	warn_dead_symlinks=no
18
19	summarize_changes=yes
20	grouped=yes
21
22	#Checksums = sha256+sha512+rmd160+haval+gost+crc32+tiger
23	Checksums = sha512+rmd160+haval
24	X=L-p-ftype-i-l-n-u-g
25	OwnerMode = p+u+g+ftype
26	Size = s+b
27	InodeData = OwnerMode+n+i+Size+l+X
28	StaticFile = m+c+Checksums
29	RamdiskData = InodeData-i
30	Full = InodeData+StaticFile
31	Binlib = Full
32	VarTime = InodeData+Checksums
33	VarInode = VarTime-i
34	VarFile = OwnerMode+n+l+X
35	VarDir = OwnerMode+n+i+X
36	ManPages = VarDir
37	StaticDir = VarDir
38	VarDirInode = OwnerMode+n+X
39	VarDirTime = InodeData
40	Log = OwnerMode+n+S+X
41	FreqRotLog = Log-S
42	LowLog = Log-S
43	SerMemberLog = Full+I
44	LoSerMemberLog = SerMemberLog+ANF
45	HiSerMemberLog = SerMemberLog+ARF
46	LowDELog = SerMemberLog+ANF+ARF
47	SerMemberDELog = Full+ANF
48	LinkedLog = Log-n
49
50	# Kernel, system map, etc.
51	#=/boot$ Binlib
52	# Binaries
53	/bin Binlib
54	/sbin Binlib
55	/usr/bin Binlib
56	/usr/sbin Binlib
57	/usr/local/bin Binlib
58	/usr/local/sbin Binlib
59	#/usr/games Binlib
60	# Libraries
61	#/lib Binlib
62	/usr/lib Binlib
63	/usr/local/lib Binlib
64	# Log files
65	/var/log$ StaticDir
66	#/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
67	#/var/log/aide/error.log(.[0-9])?(.gz)? Databases
68	#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
69	/var/log Log
70	# Devices
71	/dev RamdiskData
72	!/dev/fd
73	# Other miscellaneous files
74	/var/run$ StaticDir
75	#!/var/run
76	!/private/var/run
77	# Test only the directory when dealing with /proc
78	#/proc$ StaticDir
79	#!/proc
80
81	# You can look through these examples to get further ideas
82
83	# MD5 sum files - especially useful with debsums -g
84	#/var/lib/dpkg/info/([^\.]+).md5sums
85
86	# Check crontabs
87	#/var/spool/anacron/cron.daily Databases
88	#/var/spool/anacron/cron.monthly Databases
89	#/var/spool/anacron/cron.weekly Databases
90	#/var/spool/cron Databases
91	#/var/spool/cron/crontabs Databases
92
93	# manpages can be trojaned, especially depending on *roff implementation
94	#/usr/man ManPages
95	/usr/share/man ManPages
96	/usr/local/man ManPages
97
98	# docs
99	#/usr/doc ManPages
100	#/usr/share/doc ManPages
101
102	# check users' home directories
103	#/home Binlib
104
105	# check sources for modifications
106	#/usr/src L
107	#/usr/local/src L
108
109	# Check headers for same
110	#/usr/include L
111	#/usr/local/include L
112
113	/private Binlib
114	/private/etc$ VarDir
115	#/private/var/audit$ VarDir ## NOK
116	!/private/var/audit
117	#/private/var/folders$ VarDir
118	!/private/var/folders$
119	#/private/var/db/systemstats$ VarDir
120	!/private/var/db/systemstats$
121	!/private/var/db/BootCaches$
122	/private/var/db$ VarDir
123	/private/var/db/dhcpclient/leases$ VarDir
124	/private/var/db/crls$ VarDir
125	/private/var/spool$ VarDir
126	!/private/var/spool/cups
127	/private/var/vm$ VarDir
128	### 20140522 commenting /var/log and see...
129	#/private/var/log Log
130	#/private/var/log/*\.log Log
131	#/private/var/log/*\.log\.0\.gz LoSerMemberLog
132	#/private/var/log/*\.log\.[1-9]\.gz LoSerMemberLog
133	/private/var/tmp$ OwnerMode+i
134	!/private/var/tmp
135	#/private/tmp$ OwnerMode+i
136	#/private/tmp$ VarDir ## NOK
137	!/private/tmp
138	/private/var/tmp$ VarDir
139	/private/var/root/Library/Logs Log
140	/private/opt/tmp$ VarDir
141
142	### MacOS X specific stuff
143	/Applications Binlib
144	/System Binlib
145	/System/Library/Extensions Binlib
146	## normally root ca, but empty on my 10.9.2
147	/System/Library/OpenSSL/certs StaticDir
148	/Library Binlib
149	/Library/Logs Log
150	/Developer Binlib
151	/cores Binlib
152	=/Volumes StaticDir
153	/Users StaticDir
154	/Trash StaticDir
155	#/Library/Caches VarDir ## NOK
156	#/System/Library/Caches VarDir ## NOK
157	!/Library/Caches
158	!/System/Library/Caches
159
160	## Exclusion: too much auto-update
161	!/Applications/Extra/Communication/Google\ Chrome\ Canary.app/Contents
162
163	## Apple Malware definitions
164	/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.plist$ VarFile
165	/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist$ VarFile
166
167	## Startup items
168	/System/Library/LaunchDaemons VarDir
169	/System/Library/LaunchAgents VarDir
170	/Library/LaunchDaemons VarDir
171	/Library/LaunchAgents VarDir
172	/Library/Preferences/com.apple.loginwindow.plist VarFile
173	/System/Library/XPCServices VarDir
174
175	## Web Server
176	#/Library/WebServer/Documents
177
178	## specific files
179	/Library/Application\ Support/com.apple.TCC/TCC.db$ VarFile
180	/Library/Preferences/SystemConfiguration$ VarDir
181	/Library/Keychains$ VarDir
182
183	## User directories
184	#=/Users/*/Library/Caches$ VarDir
185	#!/Users/@@{USER}/Library/Caches$
186	#/Users/@@{USER}/Library/Caches$ VarDir ## NOK
187	#!/Users/@@{USER}/Library/Caches ## NOK
188	#!/Users/*/Library/Caches ## NOK
189	!/Users/my-mac-user/Library/Caches
190	!/Users/*/.Trash$
191	!/Users/my-mac-user/.Trash
192	!/Users/*/.macports$
193	#!/Users/*/Library/Application Support/MobileSync/Backup$ ## NOK
194	#!/Users/@@{USER}/Library/Application\ Support/MobileSync/Backup$ ## NOK
195	!/Users/my-mac-user/Library/Application\ Support/MobileSync/Backup
196	!/Users/my-mac-user/Library/Containers/com.twitter.TweetDeck/Data/Library/Caches
197	#=/Users/*/.cache$ VarDir NOK
198	=/Users/@@${USER}/.cache$ VarDir
199	/Users/*/Library/Cookies VarDir
200	/Users/*/Library/Preferences VarDir
201	/Users/*/Library/Logs Log
202	/Users//Library/Logs/.log Log
203	/Users//Library/Logs/.log.1 LowLog
204	#!/Users/@@{USER}/Music/iTunes/Album\ Artwork/Cache$
205	!/Users/@@{USER}/Music$
206	!/Users/@@{USER}/Pictures$
207	#/Users/@@{USER}/.macports/opt/local/var/macports/build$ VarDir ## NOK
208	#!/Users/@@{USER}/.macports/opt/local/var/macports/build ## NOK
209	!/Users/my-mac-user/.macports/opt/local/var/macports/build
210	#!/Users/@@{USER}/Library/Application Support/Google/Chrome Canary/Default/Local\ Storage
211	#!/Users/@@{USER}/Library/Application Support/Google/Chrome Canary/Default/Session\ Storage
212	#!/Users/@@{USER}/Library/Application Support/Google/Chrome Canary/Default/Pepper\ Data
213	#!/Users/@@{USER}/Library/Application Support/Kindle/Cache
214	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Local\ Storage
215	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Local\ Extension
216	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Session\ Storage
217	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Pepper\ Data
218	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Extensions
219	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Extension\ State
220	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/File\ System
221	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/IndexedDB
222	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Web\ Applications
223	!/Users/my-mac-user/Library/Application\ Support/Google/Chrome\ Canary/Default/Applications\ Cache
224	!/Users/my-mac-user/Library/Application\ Support/Kindle/Cache
225	!/Users/my-mac-user/Library/Containers/com.apple.Preview/Data/Library/Application\ Support/Preview/SearchIndexes
226	!/Users/my-mac-user/Library/Containers/com.apple.Preview/Data/Library/Saved\ Application\ State
227	!/Users/my-mac-user/Library/Containers/com.apple.appstore/Data/Library/Caches
228	!/Users/my-mac-user/Library/Containers/com.apple.appstore/Data/Library/Saved\ Application\ State
229	!/Users/my-mac-user/Library/Saved\ Application\ State
230	!/Users/my-mac-user/Library/Calendars
231	!/Users/my-mac-user/.dropbox/l
232	!/Users/my-mac-user/.cache/fontconfig
233	!/Users/my-mac-user/.fontconfig
234	!/Users/my-mac-user/Library/Containers/com.blackpixel.netnewswire/Data/Library/Caches
235	!/Users/my-mac-user/Library/Containers/com.blackpixel.netnewswire/Data/Library/Application\ Support/NetNewsWire\ 4/OPML\ Backups
236	!/Users/my-mac-user/Library/Application\ Support/LibreOffice/4/user/temp
237	!/Users/my-mac-user/Library/Application\ Support/LibreOffice/4/user/uno_packages/cache
238	/Users/my-mac-user/Library/Preferences/com.apple.loginitems.plist VarFile
239	/Users/my-mac-user/Library/Mail/V2/MailData/Accounts.plist VarFile
240	/Users/my-mac-user/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2 VarFile
241	/Users/Shared VarDir
242
243	### Macports
244	/opt/local/bin Binlib
245	/opt/local/sbin Binlib
246	/opt/local/etc$ VarDir
247	/opt/local/lib Binlib
248	/opt/local/Library Binlib
249	/opt/local/share/man ManPages
250	/opt/local/var/log Log
251	#/opt/local/var/macports/build VarDir ## NOK
252	!/opt/local/var/macports/build
253	## Web server
254	#/opt/local/www
255

Download in other formats:

Original Format