OPERATIONAL DEFECT DATABASE
...
...
Description of problem: In RHEL 7 (aide v.015) using a rule structure like: DATAONLY = p+n+u+g+selinux+acl+xattrs+sha256+ANF DIRCHECK = p+i+u+g+selinux+acl+xattrs+ANF /tmp/aide/target/ DATAONLY =/tmp/aide/target/dironly DIRCHECK Would not traverse the directory structure when the "=" was used. That rule would only include the directory but not it's contents. This is the customer's desired behavior. In RHEL 8 (aide v0.16) the same rule will not include the directory and it's contents. The equal sign (=) no longer appears to remove subdirectories from the matched fileset. Version-Release number of selected component (if applicable): aide-0.16-14.el8.x86_64 How reproducible: Easily Steps to Reproduce: mkdir -p /tmp/aide && cd /tmp/aide && rm -rf * mkdir -p target/dironly/ \ target/dironly/ignoredir1/ \ target/dironly/ignoredir2/ \ target/dironlyincludeall/ touch target/dironly/ignore1.txt \ target/dironly/ignoredir1/ignore2.txt \ target/dironly/ignoredir2/ignore3.txt \ target/dironlyincludeall/file1.txt cat <<AIDECONF>old.conf database=file:/tmp/aide/blah.db database_out=file:/tmp/aide/old.db report_url=file:/tmp/aide/old.log DATAONLY = p+n+u+g+selinux+acl+xattrs+sha256+ANF DIRCHECK = p+i+u+g+selinux+acl+xattrs+ANF /tmp/aide/target/ DATAONLY =/tmp/aide/target/dironly DIRCHECK ## Do not traverse these directories when prefixed with =, same behavior if ended with dollar or not AIDECONF aide --init --config=/tmp/aide/old.conf; grep -cH ignore old.db; cat -n old.db Actual results: For rhel 8: 1 @@begin_db 2 # This file was generated by Aide, version 0.16 3 # Time of generation was 2021-11-19 19:20:11 4 @@db_spec name lname attr perm inode uid gid lcount sha256 acl xattrs selinux 5 /tmp/aide/target/dironly 0 13155435037 40755 739331 0 0 0 0 <snip> 6 /tmp/aide/target/dironly/ignore1.txt 0 14229178397 100644 734649 0 0 1 <snip> 7 /tmp/aide/target/dironly/ignoredir1 0 13155436573 40755 739332 0 0 2 0 <snip> 8 /tmp/aide/target/dironly/ignoredir1/ignore2.txt 0 14229178397 100644 734650 0 0 1 <snip> 9 /tmp/aide/target/dironly/ignoredir2 0 13155436573 40755 739333 0 0 2 0 <snip> 10 /tmp/aide/target/dironly/ignoredir2/ignore3.txt 0 14229178397 100644 734651 0 0 1 <snip> 11 /tmp/aide/target/dironlyincludeall 0 13155435037 40755 739334 0 0 0 0 <snip> 12 /tmp/aide/target/dironlyincludeall/file1.txt 0 14229178397 100644 734652 0 0 1 <snip> Expected results: 1 @@begin_db 2 # This file was generated by Aide, version 0.15.1 3 # Time of generation was 2021-11-19 19:20:02 4 @@db_spec name lname attr perm inode uid gid lcount sha256 acl xattrs selinux 5 /tmp/aide/target/dironlyincludeall 0 13155436573 40755 1314966 0 0 2 0 snip= 6 /tmp/aide/target/dironly 0 13155435037 40755 1314963 0 0 0 0 snip= 7 /tmp/aide/target/dironlyincludeall/file1.txt 0 14229178397 100644 1313965 0 0 1 snip= Additional info: This test was exclusive to RHEL 8 with these versions: [root 03084412 ~]# rpm -q aide aide-0.16-14.el8.x86_64 [root 03084412 ~]# aide -v Aide 0.16
Won't Do
Click on a version to see all relevant bugs
Red Hat Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
