[CentOS] C6 : AIDE experience

Tue Sep 16 20:41:38 UTC 2014
Bowie Bailey <Bowie_Bailey at BUC.com>

On 9/9/2014 3:48 PM, Always Learning wrote:
> Having problems with Tripwire on C6, I installed AIDE from the base
> repository.  x86_64  0.14-3.el6_2.2  base   123 k
>
>
> typing:
> 	aide
> result:
> 	"Couldn't open file /var/lib/aide/aide.db.gz for reading"
> 	(directory is empty and aide.db.gz does not exist.)
> typing:
> 	aide -i (for initialise the Aide database)
> result:
> 	"AIDE, version 0.14
> 	### AIDE database at /var/lib/aide/aide.db.new.gz initialized."
> 	(size 10 bytes)
> typing:
> 	aide
> result:
> 	"Couldn't open file /var/lib/aide/aide.db.gz for reading"
> typing:
> 	aide --init  (for the second time)
> result:
> 	"AIDE, version 0.14
> 	### AIDE database at /var/lib/aide/aide.db.new.gz initialized."
> 	(now 2,225,108 bytes)
> typing:
> 	aide
> result:
> 	"Couldn't open file /var/lib/aide/aide.db.gz for reading"
> action:
> 	renaming aide.db.new.gz as aide.db.gz
> typing:
> 	aide
> result:
> 	(noticeable delay)
> 	"AIDE, version 0.14
> 	### All files match AIDE database. Looks okay!"
> 	(only 1 file in /var/lib/aide = aide.db.gz)
> typing:
> 	aide -u
> result:
> 	(noticeable delay)
> 	"AIDE, version 0.14
> 	### All files match AIDE database. Looks okay!
> 	### New AIDE database written to /var/lib/aide/aide.db.new.gz"
>
>
> Comment:
> 	Looks like I have solved the riddle :-)
> 	I did do a 'yum erase aide' followed by a 'yum install aide'
> 	to ensure my first experience was not a technical malfunction.

I'm a bit behind on this list, but as I don't see any other replies, 
I'll comment here.

Aide does not update it's database file.  Whenever you run an init or 
update, it will create a new file.  You then have to manually rename 
that file in order to start using the new database.

-- 
Bowie