Issue

Description of problem: In RHEL 7 (aide v.015) using a rule structure like: DATAONLY = p+n+u+g+selinux+acl+xattrs+sha256+ANF DIRCHECK = p+i+u+g+selinux+acl+xattrs+ANF /tmp/aide/target/ DATAONLY =/tmp/aide/target/dironly DIRCHECK Would not traverse the directory structure when the "=" was used. That rule would only include the directory but not it's contents. This is the customer's desired behavior. In RHEL 8 (aide v0.16) the same rule will not include the directory and it's contents. The equal sign (=) no longer appears to remove subdirectories from the matched fileset. Version-Release number of selected component (if applicable): aide-0.16-14.el8.x86_64 How reproducible: Easily Steps to Reproduce: mkdir -p /tmp/aide && cd /tmp/aide && rm -rf * mkdir -p target/dironly/ \ target/dironly/ignoredir1/ \ target/dironly/ignoredir2/ \ target/dironlyincludeall/ touch target/dironly/ignore1.txt \ target/dironly/ignoredir1/ignore2.txt \ target/dironly/ignoredir2/ignore3.txt \ target/dironlyincludeall/file1.txt cat <<AIDECONF>old.conf database=file:/tmp/aide/blah.db database_out=file:/tmp/aide/old.db report_url=file:/tmp/aide/old.log DATAONLY = p+n+u+g+selinux+acl+xattrs+sha256+ANF DIRCHECK = p+i+u+g+selinux+acl+xattrs+ANF /tmp/aide/target/ DATAONLY =/tmp/aide/target/dironly DIRCHECK ## Do not traverse these directories when prefixed with =, same behavior if ended with dollar or not AIDECONF aide --init --config=/tmp/aide/old.conf; grep -cH ignore old.db; cat -n old.db Actual results: For rhel 8: 1 @@begin_db 2 # This file was generated by Aide, version 0.16 3 # Time of generation was 2021-11-19 19:20:11 4 @@db_spec name lname attr perm inode uid gid lcount sha256 acl xattrs selinux 5 /tmp/aide/target/dironly 0 13155435037 40755 739331 0 0 0 0 <snip> 6 /tmp/aide/target/dironly/ignore1.txt 0 14229178397 100644 734649 0 0 1 <snip> 7 /tmp/aide/target/dironly/ignoredir1 0 13155436573 40755 739332 0 0 2 0 <snip> 8 /tmp/aide/target/dironly/ignoredir1/ignore2.txt 0 14229178397 100644 734650 0 0 1 <snip> 9 /tmp/aide/target/dironly/ignoredir2 0 13155436573 40755 739333 0 0 2 0 <snip> 10 /tmp/aide/target/dironly/ignoredir2/ignore3.txt 0 14229178397 100644 734651 0 0 1 <snip> 11 /tmp/aide/target/dironlyincludeall 0 13155435037 40755 739334 0 0 0 0 <snip> 12 /tmp/aide/target/dironlyincludeall/file1.txt 0 14229178397 100644 734652 0 0 1 <snip> Expected results: 1 @@begin_db 2 # This file was generated by Aide, version 0.15.1 3 # Time of generation was 2021-11-19 19:20:02 4 @@db_spec name lname attr perm inode uid gid lcount sha256 acl xattrs selinux 5 /tmp/aide/target/dironlyincludeall 0 13155436573 40755 1314966 0 0 2 0 snip= 6 /tmp/aide/target/dironly 0 13155435037 40755 1314963 0 0 0 0 snip= 7 /tmp/aide/target/dironlyincludeall/file1.txt 0 14229178397 100644 1313965 0 0 1 snip= Additional info: This test was exclusive to RHEL 8 with these versions: [root 03084412 ~]# rpm -q aide aide-0.16-14.el8.x86_64 [root 03084412 ~]# aide -v Aide 0.16

Release Notes

No. of Comments

Resolution

Won't Do