Periodic script for FreeBSD port of aide
Cy Schubert
Cy.Schubert at komquats.com
Sat Jan 17 22:54:10 PST 2009
In message <80bd11420901171136q67733119y80288381182458fe at mail.gmail.com>,
"Krzy
sztof Burghardt" writes:
>
> Hello aide port maintainer,
>
> I wrote a periodic script for aide port (attached). It run aide
> --check. ${daily_status_security_aide_enable} defaults to NO, so it
> need to be enabled in /etc/periodic.conf with:
>
> daily_status_security_aide_enable="YES"
>
> I thought you might be interested in including it.
I have a few thoughts on this issue.
The intention is to run it daily. What if the user wants to run it weekly
or monthly or a combination thereof?
One option might be that you maintain it on a web site or FTP site
somewhere and the port fetches the script and installs it. I'm not
convinced that this is a good idea but I'm throwing it out there anyway.
Could we genericice the script for use with aide, tripwire, and integrit?
The periodic scripts run at 03:01, 04:15. and 05;30. I've usually run
tripwire and aide as close to coming into work in the morning as possible
so that the window of opportunity of something being altered and my finding
out about it is as small as possible. Is the periodic infrastructure the
best place to run the script from or should it be run using a separate cron
job?
--
Cheers,
Cy Schubert <Cy.Schubert at komquats.com>
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
e**(i*pi)+1=0
More information about the freebsd-ports
mailing list