Bug#1118037: trixie-pu: package aide/0.19.1-2+deb13u2
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: aide@packages.debian.org
Control: affects -1 + src:aide
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
after a stable release it usually turns out that the rules that we
released aide with don't quite fit the rest of the distribution. It is
kind of impossible to keep up with the changes in the last weeks before
the release. Trixie is the first time where I'd like to release an
update to the aide package in a stable point release that fixes most of
those issues to make the package easier to use for local admins.
This time, there is also some additional code :-(
This update is targeted for the next stable point release and is of low
urgency. Feel free to release it in trixie-updates earlier at your
convenience.
[ Impact ]
If the update isn't approved, users will get more false positives during
their daily aide runs. They can achive the same results as this update
by pulling the rules from Unstable or from using a backport.
[ Tests ]
The package has simple autopkgtests that verify whether the rules are
syntactically correct, and they are pulled from unstable/testing and
therefore tested there and on my personal fleet of about 50 machines
(running backports though).
[ Risks ]
It's a config only change, and one additional small shell script.
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in stable
[X] the issue is verified as fixed in unstable
[ Changes ]
The aide rules that come with the package were improved to better fit
what we released as Debian 13. In addition,
We changed the daily check to run as non-root via systemd mechanisms.
That broke the lvm aide rule since the LVM tools need root to run. I
have therefore implemented a cache mechanism that runs the rules that
need root from a dedicated, root, timer and saves the output. The rule
gets invoked as non-root during the daily run again, notices that it
cannot run and outputs what was cached previously. The code has
deliberately made easy, simple and unflexible since there is currently
only one rule that needs this.
Greetings
Marc
diff -Nru aide-0.19.1/debian/aide.conf.d/10_aide_bits aide-0.19.1/debian/aide.conf.d/10_aide_bits
--- aide-0.19.1/debian/aide.conf.d/10_aide_bits 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/10_aide_bits 2025-10-14 09:02:49.000000000 +0200
@@ -40,4 +40,16 @@
# 21 bits: 2097152
@@define BITS_21_D (1?[[:digit:]]{1,6}|20([0-8][[:digit:]]{4}|9([0-6][[:digit:]]{3}|7(0[[:digit:]]{2}|1([0-4][[:digit:]]|5[01])))))
+# 30 bits: 1073741824
+@@define BITS_30_D ([[:digit:]]{1,10}|10([0-6][[:digit:]]{8}|7([01][[:digit:]]{7}|2([0-6][[:digit:]]{6}|7([0-3][[:digit:]]{5}|4([0-7][[:digit:]]{4}|8([01][[:digit:]]{3}|2([0-3][[:digit:]]{2}|4([01][[:digit:]]|2[0-4])))))))))
+
+# 31 bits: 2147483648
+@@define BITS_31_D (1?[[:digit:]]{1,10}|20([0-9][[:digit:]]{8}|1([0-3][[:digit:]]{7}|4([0-6][[:digit:]]{6}|7([0-3][[:digit:]]{5}|4([0-7][[:digit:]]{4}|8([0-2][[:digit:]]{3}|3([0-5][[:digit:]]{2}|6([0-3][[:digit:]]|4[0-8])))))))))
+
+# 32 bits: 4294967296
+@@define BITS_32_D ([0-3]?[[:digit:]]{1,9}|4([01][[:digit:]]{8}|2([0-8][[:digit:]]{7}|9([0-3][[:digit:]]{6}|4([0-8][[:digit:]]{5}|9([0-5][[:digit:]]{4}|6([0-6][[:digit:]]{3}|7([01][[:digit:]]{2}|2([0-8][[:digit:]]|9[0-6])))))))))
+
+# 33 bits: 8589934592
+@@define BITS_33_D ([0-7]?[[:digit:]]{1,9}|8([0-4][[:digit:]]{8}|5([0-7][[:digit:]]{7}|8([0-8][[:digit:]]{6}|9([0-8][[:digit:]]{5}|9([0-2][[:digit:]]{4}|3([0-3][[:digit:]]{3}|4([0-4][[:digit:]]{2}|5([0-8][[:digit:]]|9[0-2])))))))))
+
# if you want more please send a patch. the _X suffix is reserved for hex.
diff -Nru aide-0.19.1/debian/aide.conf.d/10_aide_dateformats aide-0.19.1/debian/aide.conf.d/10_aide_dateformats
--- aide-0.19.1/debian/aide.conf.d/10_aide_dateformats 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/10_aide_dateformats 2025-10-14 09:02:49.000000000 +0200
@@ -10,16 +10,16 @@
@@define DATE_YYYYMMDD @@{YYYY}@@{DATE_MMDD}
@@define DATE_DDMMYYYY @@{DATE_DDMM}@@{YYYY}
@@define DATE_MMDDYYYY @@{DATE_MMDD}@@{YYYY}
-@@define TIME_0_60 [0-5][0-9]
+@@define TIME_0_59 ([0-5][0-9])
@@define TIME_0_23 ([01][0-9]|2[0-3])
-@@define TIME_HHMM @@{TIME_0_23}@@{TIME_0_60}
-@@define TIME_HHMMSS @@{TIME_HHMM}@@{TIME_0_60}
-@@define TIME_HH_MM @@{TIME_0_23}:@@{TIME_0_60}
-@@define TIME_HH_MM_SS @@{TIME_HH_MM}:@@{TIME_0_60}
-@@define TIME_ISO @@{TIME_0_23}:@@{TIME_0_60}:@@{TIME_0_60}(Z|[+-]@@{TIME_0_23}:@@{TIME_0_60})
-@@define DATETIME_ISO8601 @@{YYYY}-@@{DATE_MM_DD}T@@{TIME_0_23}:@@{TIME_0_60}:@@{TIME_0_60}(Z|[+-]@@{TIME_0_23}:@@{TIME_0_60})
-@@define DATETIME_COMPACT @@{YYYY}@@{DATE_MMDD}T@@{TIME_0_23}@@{TIME_0_60}@@{TIME_0_60}
-@@define DATETIME_SPACE @@{YYYY}-@@{DATE_MM_DD}[[:space:]]@@{TIME_0_23}:@@{TIME_0_60}(:@@{TIME_0_60})?
+@@define TIME_HHMM @@{TIME_0_23}@@{TIME_0_59}
+@@define TIME_HHMMSS @@{TIME_HHMM}@@{TIME_0_59}
+@@define TIME_HH_MM @@{TIME_0_23}:@@{TIME_0_59}
+@@define TIME_HH_MM_SS @@{TIME_HH_MM}:@@{TIME_0_59}
+@@define TIME_ISO @@{TIME_0_23}:@@{TIME_0_59}:@@{TIME_0_59}(Z|[+-]@@{TIME_0_23}:@@{TIME_0_59})
+@@define DATETIME_ISO8601 @@{YYYY}-@@{DATE_MM_DD}T@@{TIME_0_23}:@@{TIME_0_59}:@@{TIME_0_59}(Z|[+-]@@{TIME_0_23}:@@{TIME_0_59})
+@@define DATETIME_COMPACT @@{YYYY}@@{DATE_MMDD}T@@{TIME_0_23}@@{TIME_0_59}@@{TIME_0_59}
+@@define DATETIME_SPACE @@{YYYY}-@@{DATE_MM_DD}[[:space:]]@@{TIME_0_23}:@@{TIME_0_59}(:@@{TIME_0_59})?
# UNIX_TS matches from a 100 megaseconds upwards, that is 1973-03-03T09:46:40
# and still rules out unrealisticaly small numbers.
diff -Nru aide-0.19.1/debian/aide.conf.d/10_aide_days aide-0.19.1/debian/aide.conf.d/10_aide_days
--- aide-0.19.1/debian/aide.conf.d/10_aide_days 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/10_aide_days 2025-10-14 09:02:49.000000000 +0200
@@ -9,7 +9,8 @@
DATES="now 1_day_ago 2_days_ago"
while read -r var format dt; do
- printf "@@define DATE_%s %s\\n" "${var}" "$(date +"${format}" --date="${dt}")"
+ dt="${dt# }" # optional, trim leading space
+ printf "@@define DATE_%s %s\n" "${var}" "$(date +"${format}" --date="${dt}")"
done <<EOLIST
YYYYMMDDTODAY %Y%m%d now
YYYYMMDDYESTR %Y%m%d 1 day ago
@@ -30,3 +31,9 @@
USCORED_YYMMDDYESTR %y_%m_%d 1 day ago
USCORED_YYMMDDDBFYS %y_%m_%d 2 days ago
EOLIST
+
+for days in 7 30 90; do
+ DAYS="($(for i in $(seq 0 $days); do date --iso-8601 --date "$i days ago"; done | paste --serial --delimiter='|'))"
+ printf "@@define DATETIME_ISO8601_LAST_%s_DAYS_COLONTIME %sT@@{TIME_0_23}:@@{TIME_0_59}:@@{TIME_0_59}(Z|[+-]@@{TIME_0_23}:@@{TIME_0_59})\n" "${days}" "${DAYS}"
+ printf "@@define DATETIME_ISO8601_LAST_%s_DAYS_DASHTIME %sT@@{TIME_0_23}-@@{TIME_0_59}-@@{TIME_0_59}(Z|[+-]@@{TIME_0_23}@@{TIME_0_59})\n" "${days}" "${DAYS}"
+done
diff -Nru aide-0.19.1/debian/aide.conf.d/10_aide_hardware aide-0.19.1/debian/aide.conf.d/10_aide_hardware
--- aide-0.19.1/debian/aide.conf.d/10_aide_hardware 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/10_aide_hardware 2025-10-14 09:02:49.000000000 +0200
@@ -1,3 +1,3 @@
-@@define USB_ADDRESS \d+(:\d+)*\.\d+
-@@define PCI_ADDRESS ([[:xdigit:]]{4}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\.[0-7])
+@@define USB_ADDRESS [[:digit:]]+([:.][[:digit:]]+)+
+@@define PCI_ADDRESS ([[:xdigit:]]{4}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\.[0-7])
diff -Nru aide-0.19.1/debian/aide.conf.d/10_aide_lvm_needsroot aide-0.19.1/debian/aide.conf.d/10_aide_lvm_needsroot
--- aide-0.19.1/debian/aide.conf.d/10_aide_lvm_needsroot 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/10_aide_lvm_needsroot 2025-10-14 09:02:49.000000000 +0200
@@ -15,6 +15,18 @@
printf "@@endif\n"
}
+# TODO: parse DIR from configuration file
+DIR="/var/lib/aide"
+CACHEFILE="$DIR/10_aide_rootrules_cache"
+
+if [ "$EUID" != "0" ]; then
+ # we are not called from the buildcache job and are expected
+ # to spew what we have cached
+ if [ -r "$CACHEFILE" ]; then
+ cat "$CACHEFILE"
+ fi
+fi
+
if command -v dmsetup >/dev/null; then
if [ "$(dmsetup info --columns --options uuid --noheadings 2>/dev/null| grep -cvi 'no devices found')" != 0 ]; then
undefine DM_UUIDS_W_P
diff -Nru aide-0.19.1/debian/aide.conf.d/11_aide_dateformats_cury aide-0.19.1/debian/aide.conf.d/11_aide_dateformats_cury
--- aide-0.19.1/debian/aide.conf.d/11_aide_dateformats_cury 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/11_aide_dateformats_cury 2025-10-14 09:02:49.000000000 +0200
@@ -1,18 +1,24 @@
-# CURY matches years 2023 up to 2030
-@@if not defined YYYY_CURY
-@@define YYYY_CURY 202[3-9]|2030
+# CURY matches years 2025 up to 2032
+@@if not defined DATE_YYYY_CURY
+@@define DATE_YYYY_CURY (202[5-9]|203[012])
@@endif
-@@define DATE_YYYY_MM_DD_CURY @@{YYYY_CURY}-@@{DATE_MM_DD}
-@@define DATE_YYYYMMDD_CURY @@{YYYY_CURY}@@{DATE_MMDD}
-@@define DATE_DDMMYYYY_CURY @@{DATE_DDMM}@@{YYYY_CURY}
-@@define DATE_MMDDYYYY_CURY @@{DATE_MMDD}@@{YYYY_CURY}
-@@define DATETIME_ISO8601_CURY @@{YYYY_CURY}-@@{DATE_MM_DD}T@@{TIME_0_23}:@@{TIME_0_60}:@@{TIME_0_60}(Z|[+-]@@{TIME_0_23}:@@{TIME_0_60})
-@@define DATETIME_COMPACT_CURY @@{YYYY_CURY}@@{DATE_MMDD}T@@{TIME_0_23}@@{TIME_0_60}@@{TIME_0_60}
-@@define DATETIME_SPACE_CURY @@{YYYY_CURY}-@@{DATE_MM_DD}[[:space:]]@@{TIME_0_23}:@@{TIME_0_60}(:@@{TIME_0_60})?
+@@define DATE_YYYY_MM_DD_CURY @@{DATE_YYYY_CURY}-@@{DATE_MM_DD}
+@@define DATE_YYYYMMDD_CURY @@{DATE_YYYY_CURY}@@{DATE_MMDD}
+@@define DATE_DDMMYYYY_CURY @@{DATE_DDMM}@@{DATE_YYYY_CURY}
+@@define DATE_MMDDYYYY_CURY @@{DATE_MMDD}@@{DATE_YYYY_CURY}
+@@define DATETIME_ISO8601_CURY @@{DATE_YYYY_CURY}-@@{DATE_MM_DD}T@@{TIME_0_23}:@@{TIME_0_59}:@@{TIME_0_59}(Z|[+-]@@{TIME_0_23}:@@{TIME_0_59})
+@@define DATETIME_COMPACT_CURY @@{DATE_YYYY_CURY}@@{DATE_MMDD}T@@{TIME_0_23}@@{TIME_0_59}@@{TIME_0_59}
+@@define DATETIME_SPACE_CURY @@{DATE_YYYY_CURY}-@@{DATE_MM_DD}[[:space:]]@@{TIME_0_23}:@@{TIME_0_59}(:@@{TIME_0_59})?
-# UNIX_TS_CURY matches from 2022-12-25T20:26:40 to 2031-01-01T02:13:19
-# if you still use this after 2030, feel free to adapt those values
+# UNIX_TS_CURY matches from 2025-06-16T22:13:20 to 2027-05-18T03:59:59 (1750000000–2019999999)
+# if you still use this after 2031, feel free to adapt those values
@@if not defined UNIX_TS_CURY
-@@define UNIX_TS_CURY (1672(0\d{6}|[1-9]\d{6})|167[3-9]\d{7}|16[8-9]\d{7}|17\d{8}|18\d{8}|19(0\d{8}|1\d{8}|2([0-3]\d{7}|4([0-8]\d{6}|9([0-8]\d{5}|9(9{4}))))))
+@@define UNIX_TS_CURY (175\d{7}|17[6-9]\d{7}|18\d{8}|19\d{8}|200\d{7}|201\d{7})
+@@endif
+
+# UNIX_TS_2015_2033 matches from 2015-04-26T05:33:20 to 2033-05-18T03:59:59 (1430000000–2019999999)
+# if you still use this after 2033, feel free to adapt those values
+@@if not defined UNIX_TS_2015_2033
+@@define UNIX_TS_2015_2033 (143\d{7}|14[4-9]\d{6}|1[5-9]\d{8}|200\d{7}|201\d{7})
@@endif
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_apt-cacher-ng aide-0.19.1/debian/aide.conf.d/31_aide_apt-cacher-ng
--- aide-0.19.1/debian/aide.conf.d/31_aide_apt-cacher-ng 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_apt-cacher-ng 2025-10-14 09:02:49.000000000 +0200
@@ -23,11 +23,11 @@
@@if not defined ACNGARCHS
@@define ACNGARCHS (arm64|armhf|amd64|i386|all)
@@endif
-@@if not defined ACNGDATENR
-@@define ACNGDATENR @@{DATE_YYYY_MM_DD_CURY}-@@{TIME_HHMM}\\.[[:digit:]]{2}
+@@if not defined ACNGYYYY_MM_DD_HHMM_XX
+@@define ACNGYYYY_MM_DD_HHMM_XX @@{DATE_YYYY_MM_DD_CURY}-@@{TIME_HHMM}\\.[[:digit:]]{2}
@@endif
@@if not defined ACNGDTNR
-@@define ACNGDTNR (@@{ACNGDATENR}|T-@@{ACNGDATENR}-F-@@{ACNGDATENR})
+@@define ACNGDTNR (@@{ACNGYYYY_MM_DD_HHMM_XX}|T-@@{ACNGYYYY_MM_DD_HHMM_XX}-F-@@{ACNGYYYY_MM_DD_HHMM_XX})
@@endif
/@@{ACNGCACHE}$ d VarDir-n
@@ -54,6 +54,7 @@
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/(source|(Contents|binary)-@@{ACNGARCHS}\\.diff)$ d
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/i18n$ d
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/(Contents-@@{ACNGARCHS}\\.[gx]z)(\\.head|~)?$ f
+!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/(Contents-@@{ACNGARCHS}\\.[gx]z)(\\.head|~)?$ f
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/(debian-installer/)?binary-@@{ACNGARCHS}/(Packages(\\.(gz|bz2|xz))?)(\\.hea(d|%)|~)?$ f
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/dep11/(Components-@@{ACNGARCHS}\\.yml\\.xz|icons-(128x128|48x48|64x64)\\.tar\\.gz)(\\.head)?$ f
/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/i18n/Translation-(de|en)\\.diff$ d VarDir
@@ -62,10 +63,10 @@
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/i18n/Translation-(de|en)(\\.diff)?/Index(\\.head|~)?$ f
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/Contents-@@{ACNGARCHS}\\.diff/Index(~|\\.head)?$ f
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/binary-@@{ACNGARCHS}/Packages(\\.diff)?/Index(\\.head|~)?$ f
-!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/binary-@@{ACNGARCHS}/Packages(\\.diff)?/@@{ACNRDTNR}\\.gz(\\.head)?$ f
+!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/binary-@@{ACNGARCHS}/Packages(\\.diff)?/@@{ACNGDTNR}\\.gz(\\.head)?$ f
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/source/Sources\\.diff/Index(\\.head|~)?$ f
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/Contents-@@{ACNGARCHS}\\.diff(/by-hash)?$ d
-!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/Contents-@@{ACNGARCHS}\\.diff/by-hash/SHA256$ d
+ /@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/Contents-@@{ACNGARCHS}\\.diff/by-hash/SHA256$ d VarDir
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/Contents-@@{ACNGARCHS}\\.diff/@@{ACNGDTNR}\\.gz(\\.head)?$ f
!/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/Contents-@@{ACNGARCHS}\\.diff/by-hash/SHA256/@@{SHA256SUM}(\\.head)?$ f
/@@{ACNGCACHE}/@@{ACNGDISTS}/@@{ACNGMNC}/debian-installer$ d VarDir
@@ -108,7 +109,7 @@
@@undef ACNGDISTS
@@undef ACNGMNC
@@undef ACNGARCHS
-@@undef ACNGDATENR
+@@undef ACNGYYYY_MM_DD_HHMM_XX
@@undef ACNGDTNR
@@undef ACNGLOGDIR
@@undef ACNGLOGRE
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_bind9 aide-0.19.1/debian/aide.conf.d/31_aide_bind9
--- aide-0.19.1/debian/aide.conf.d/31_aide_bind9 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_bind9 2025-10-14 09:02:49.000000000 +0200
@@ -1,17 +1,40 @@
-@@if defined BINDCHROOT
- /@@{BINDCHROOT}/dev/log$ f RotLog
- /@@{BINDCHROOT}/dev$ d VarDir
-@@endif
- /@@{BINDCHROOT}@@{RUN}/named/(session\\.key|named\\.pid)$ f VarFile
- /@@{BINDCHROOT}@@{RUN}/named$ d RecreatedDir
- /@@{BINDCHROOT}var/cache/bind$ d VarDir
- /@@{BINDCHROOT}var/cache/bind/[-[:alnum:].]+$ f VarFile
-
-@@if defined BIND_SLAVE_DIRS
-@@if defined BIND_SLAVE_PATHS
- /@@{BINDCHROOT}var/cache/bind/slave/@@{BIND_SLAVE_DIRS}$ d VarDir
- /@@{BINDCHROOT}var/cache/bind/slave/@@{BIND_SLAVE_PATHS}$ f VarFile
+@@if defined BIND_CHROOT_DIR
+ /@@{BIND_CHROOT_DIR}/dev/log$ f RotLog
+ /@@{BIND_CHROOT_DIR}/dev$ d VarDir
+@@if not defined BIND_WORKING_DIR
+@@define BIND_WORKING_DIR @@{BIND_CHROOT_DIR}/var/cache/bind
+@@endif
+@@if not defined BIND_RUN_DIR
+@@define BIND_RUN_DIR @@{BIND_CHROOT_DIR}/@{RUN}/named
@@endif
@@endif
+@@if not defined BIND_WORKING_DIR
+@@define BIND_WORKING_DIR var/cache/bind
+@@endif
+@@if not defined BIND_RUN_DIR
+@@define BIND_RUN_DIR @@{RUN}/named
+@@endif
+ /@@{RUN}/named$ d RecreatedDir
+ /@@{BIND_RUN_DIR}$ d RecreatedDir
+ /@@{BIND_RUN_DIR}/(session\\.key|named\\.pid)$ f VarFile
+ /@@{BIND_WORKING_DIR}$ d VarDir
+# remove before forky
+# /@@{BIND_WORKING_DIR}/[-[:alnum:].]+$ f VarFile
+ /@@{BIND_WORKING_DIR}/managed-keys\\.bind$ f VarFile
+!/@@{BIND_WORKING_DIR}/managed-keys\\.bind\\.jnl$ f
/@@{RUN}/systemd/propagate/named\\.service$ d RecreatedDir
+
+# the bind packages in trixie do not suggest any structure for
+# zone directories.
+
+ZoneDir = VarDir
+ZoneFile = VarFile
+
+@@if defined BIND_ZONE_DIRS
+ /@@{BIND_CHROOT_DIR}@@{BIND_ZONE_DIR_PREFIX}@@{BIND_ZONE_DIRS}$ d ZoneDir
+@@endif
+@@if defined BIND_ZONE_FILES
+# the regexp for BIND_ZONE_FILES must contain the respective directory!
+ /@@{BIND_CHROOT_DIR}@@{BIND_ZONE_DIR_PREFIX}@@{BIND_ZONE_FILES}$ f ZoneFile
+@@endif
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_console-setup aide-0.19.1/debian/aide.conf.d/31_aide_console-setup
--- aide-0.19.1/debian/aide.conf.d/31_aide_console-setup 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_console-setup 2025-10-14 09:02:49.000000000 +0200
@@ -1,2 +1,3 @@
/@@{RUN}/console-setup$ d RecreatedDir
/@@{RUN}/console-setup/(boot_completed|font-loaded)$ f VarFile
+/etc/console-setup/cached_setup_(font|keyboard|terminal)\\.sh$ f VarFile
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_cryptsetup aide-0.19.1/debian/aide.conf.d/31_aide_cryptsetup
--- aide-0.19.1/debian/aide.conf.d/31_aide_cryptsetup 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_cryptsetup 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1 @@
+ /@@{RUN}/cryptsetup$ d RecreatedDir
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_cups aide-0.19.1/debian/aide.conf.d/31_aide_cups
--- aide-0.19.1/debian/aide.conf.d/31_aide_cups 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_cups 2025-10-14 09:02:49.000000000 +0200
@@ -5,6 +5,7 @@
/var/spool/cups(/tmp)?$ d VarDir
!/var/spool/cups/c[[:digit:]]{5}$ f
+!/var/spool/cups/d[[:digit:]]{5}-001$ f
!/var/spool/cups/tmp/cups-dbus-notifier-lockfile$ f
!/var/spool/cups/tmp/foomatic-[[:alnum:]]{6}$ f
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_dehydrated aide-0.19.1/debian/aide.conf.d/31_aide_dehydrated
--- aide-0.19.1/debian/aide.conf.d/31_aide_dehydrated 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_dehydrated 2025-10-14 09:02:49.000000000 +0200
@@ -3,15 +3,16 @@
@@if defined DEHYDDOMAINS
@@define DEHYDRE (cert|chain|combined|fullchain|privkey)
-/var/lib/dehydrated$ d VarDir
-/var/lib/dehydrated/accounts/@@{BASE64}+$ d VarDir
-/var/lib/dehydrated/accounts/@@{BASE64}+/account_id\\.json$ f VarFile
-/var/lib/dehydrated/chains$ d VarDir
-/var/lib/dehydrated/certs/@@{DEHYDDOMAINS}$ d VarDir
-!/var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/@@{DEHYDRE}-@@{UNIX_TS_CURY}\\.pem$ f
+ /var/lib/dehydrated$ d VarDir
+ /var/lib/dehydrated/accounts/@@{BASE64}+$ d VarDir
+ /var/lib/dehydrated/accounts/@@{BASE64}+/account_id\\.json$ f VarFile
+ /var/lib/dehydrated/chains$ d VarDir
+ /var/lib/dehydrated/certs/@@{DEHYDDOMAINS}$ d VarDir
+!/var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/@@{DEHYDRE}-@@{UNIX_TS_2015_2033}\\.pem$ f
!/var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/@@{DEHYDRE}\\.pem$ l
!/var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/combined\\.pem$ f
-!/var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/(cert)-@@{UNIX_TS_CURY}\\.csr$ f
+ /var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/(cert)-@@{UNIX_TS_2015_2033}\\.(csr)$ f Full-c+ANF
+ /var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/(cert|chain|fullchain|privkey)-@@{UNIX_TS_2015_2033}\\.(pem)$ f Full-c+ANF
!/var/lib/dehydrated/certs/@@{DEHYDDOMAINS}/(cert)\\.csr$ l
-/var/lib/dehydrated(/acme-challenges)?$ d VarDir
+ /var/lib/dehydrated(/acme-challenges)?$ d VarDir
@@endif
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_dev aide-0.19.1/debian/aide.conf.d/31_aide_dev
--- aide-0.19.1/debian/aide.conf.d/31_aide_dev 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_dev 2025-10-14 09:02:49.000000000 +0200
@@ -10,7 +10,7 @@
!/dev/bsg/[[:digit:]]:0:0:0$ c
/dev/bus/usb/00[1234]$ d RecreatedDir
!/dev/bus/usb/00[1234]/0[01][[:digit:]]$ c
-!/dev/disk/by-diskseq/[[:digit:]]{1,2}$ l
+!/dev/disk/by-diskseq/[[:digit:]]{1,2}(-part[[:digit:]])?$ l
/dev/disk/by-id$ d RecreatedDir
!/dev/disk/by-id/((ata|dm-name)[-[:alnum:]_]+)(-part[1234])?$ l
!/dev/disk/by-id/((wwn)-0x[[:xdigit:]]{16})(-part[1234])?$ l
@@ -22,7 +22,7 @@
!/dev/disk/by-path/pci-@@{PCI_ADDRESS}-ata-[[:digit:]](\.0)?(-part[1234])?$ l
!/dev/disk/by-path/pci-@@{PCI_ADDRESS}-usb-@@{USB_ADDRESS}-(port0|scsi-(0:){3}[0123])$ l
!/dev/dm-[[:digit:]]{3}$ b
-!/dev/input/by-path/platform-i8042-serio-1-(event-)?mouse$ l
+!/dev/input/by-path/platform-i8042-serio-[01]-(event-)?mouse$ l
!/dev/loop[[:digit:]]$ b
!/dev/mapper/[-[:alnum:]_]+$ l
!/dev/ram[[:digit:]]$ b
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_dokuwiki aide-0.19.1/debian/aide.conf.d/31_aide_dokuwiki
--- aide-0.19.1/debian/aide.conf.d/31_aide_dokuwiki 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_dokuwiki 2025-10-14 09:02:49.000000000 +0200
@@ -10,8 +10,8 @@
!/@@{DOKUWIKI_PATHRE}/locks/@@{MD5SUM}$ d
!/@@{DOKUWIKI_PATHRE}/locks/@@{MD5SUM}\\.lock$ f
/@@{DOKUWIKI_PATHRE}/log/error$ d VarDir
+ /@@{DOKUWIKI_PATHRE}/log/error/@@{DATE_YYYY_MM_DD}\\.log$ f VarFile+ANF+ARF
/@@{DOKUWIKI_PATHRE}/log/pruned$ f VarFile
- /@@{DOKUWIKI_PATHRE}/log/error/@@{DATE_YYYYMMDD}\\.log$ f Full+ANF+ARF
/@@{DOKUWIKI_PATHRE}/meta/(_(dokuwiki|media)\\.changes(\\.trimmed)?)$ f VarFile
!/@@{DOKUWIKI_PATHRE}/meta/[[:alnum:]]+\\.(changes(\\.trimmed)?|indexed|meta)$ f
/@@{DOKUWIKI_PATHRE}/meta/wiki/syntax\\.indexed$ f VarFile
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_fwupd aide-0.19.1/debian/aide.conf.d/31_aide_fwupd
--- aide-0.19.1/debian/aide.conf.d/31_aide_fwupd 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_fwupd 2025-10-14 09:02:49.000000000 +0200
@@ -1,7 +1,7 @@
/var/cache/fwupd$ d VarDir
/var/cache/fwupd/(devices\\.json|metadata\\.xmlb)$ f VarFile
/var/lib/fwupd(/(gnupg|metadata(/lvfs)?))?$ d VarDir
- /var/lib/fwupd/metadata/lvfs/metadata\\.xml\\.xz(\\.jcat)?$ f VarFile
+ /var/lib/fwupd/metadata/lvfs/firmware\\.xml\\.zst(\\.jcat)?$ f VarFile
/var/lib/fwupd/pending\\.db$ f VarFile
/var/lib/systemd/timers/stamp-fwupd-refresh\\.timer$ f VarFile
!/@@{RUN}/systemd/propagate/fwupd\\.service$ d
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_gnupg aide-0.19.1/debian/aide.conf.d/31_aide_gnupg
--- aide-0.19.1/debian/aide.conf.d/31_aide_gnupg 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_gnupg 2025-10-14 09:02:49.000000000 +0200
@@ -1,7 +1,8 @@
@@if not defined GNUPGUIDS
@@define GNUPGUIDS @@{LOCALUIDS}
+@@endif
!/@@{RUNUSER}/@@{GNUPGUIDS}/gnupg$ d
!/@@{RUNUSER}/@@{GNUPGUIDS}/gnupg(/S.(dirmngr|gpg-agent(\\.(browser|extra|ssh))?|keyboxd|scdaemon))?$ s
!/@@{RUNUSER}/@@{GNUPGUIDS}/gnupg/d\\.[0-9a-z]{24}$ d
-@@endif
+!/@@{RUNUSER}/@@{GNUPGUIDS}/systemd/units/invocation:gpg-agent(-ssh)?\\.socket$ l
@@undef GNUPGUIDS
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_grub-pc aide-0.19.1/debian/aide.conf.d/31_aide_grub-pc
--- aide-0.19.1/debian/aide.conf.d/31_aide_grub-pc 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_grub-pc 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1,3 @@
+@@if defined AMD64_FIRMWARE_BIOS
+ /boot/grub/grubenv$ f VarFile
+@@endif
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_icinga2 aide-0.19.1/debian/aide.conf.d/31_aide_icinga2
--- aide-0.19.1/debian/aide.conf.d/31_aide_icinga2 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_icinga2 2025-10-14 09:02:49.000000000 +0200
@@ -34,7 +34,7 @@
!/tmp/FileCache_icingaweb(/htmlpurifier\\.cache)?$ d
!/tmp/FileCache_icingaweb/icinga-[[:xdigit:]]{8}-[[:xdigit:]]{8}-[[:xdigit:]]{8}\\.min\\.(css|js)$ f
-/@@{RUN}/icinga2(/cmd)?$ d RecreatedDir
-/@@{RUN}/icinga2/icing2\\.pid?$ f VarFile
+ /@@{RUN}/icinga2(/cmd)?$ d RecreatedDir
+ /@@{RUN}/icinga2/icinga2\\.pid?$ f VarFile
!/@@{RUN}/icinga2/cmd/icinga2\\.cmd$ p
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_ksmtuned aide-0.19.1/debian/aide.conf.d/31_aide_ksmtuned
--- aide-0.19.1/debian/aide.conf.d/31_aide_ksmtuned 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_ksmtuned 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1 @@
+!/@@{RUN}/ksmtune\\.pid$ f
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_lighttpd aide-0.19.1/debian/aide.conf.d/31_aide_lighttpd
--- aide-0.19.1/debian/aide.conf.d/31_aide_lighttpd 2023-02-12 09:16:19.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_lighttpd 2025-10-14 09:02:49.000000000 +0200
@@ -1,13 +1,14 @@
@@define LIGHTTP_LOGDIR var/log/lighttpd
@@define LIGHTTP_LOGFILERE (access|error|tls-access)\\.log
-/@@{LIGHTTP_LOGDIR}$ d VarDir
-/@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}$ f ActLog
-/@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}\\.1$ f RotLog
-/@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}\\.2\\.@@{LOGEXT}$ f CompSerLog
-/@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}\\.([3-9]|10|11)\\.@@{LOGEXT}$ f MidlSerLog
-/@@{LIGHTTP_LOGDIR°/@@{LIGHTTP_LOGFILERE}\\.12\\.@@{LOGEXT}$ f LastSerLog
+ /@@{LIGHTTP_LOGDIR}$ d VarDir
+ /@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}$ f ActLog
+ /@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}\\.1$ f RotLog
+ /@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}\\.2\\.@@{LOGEXT}$ f CompSerLog
+ /@@{LIGHTTP_LOGDIR}/@@{LIGHTTP_LOGFILERE}\\.([3-9]|10|11)\\.@@{LOGEXT}$ f MidlSerLog
+ /@@{LIGHTTP_LOGDIR°/@@{LIGHTTP_LOGFILERE}\\.12\\.@@{LOGEXT}$ f LastSerLog
-/@@{RUN}/lighttpd\\.pid$ f VarFile
-/@@{RUN}/lighttpd$ d RecreatedDir
+ /@@{RUN}/lighttpd\\.pid$ f VarFile
+ /@@{RUN}/lighttpd$ d RecreatedDir
+ /var/lib/systemd/timers/stamp-lighttpd-maint\\.timer$ f VarFile
@@undef LIGHTTP_LOGDIR
@@undef LIGHTTP_LOGFILERE
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_man aide-0.19.1/debian/aide.conf.d/31_aide_man
--- aide-0.19.1/debian/aide.conf.d/31_aide_man 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_man 2025-10-14 09:02:49.000000000 +0200
@@ -1,7 +1,7 @@
/var/lib/systemd/timers/stamp-man-db\\.timer$ f VarFile
!/@@{RUN}/systemd/propagate/man-db\\.service$ d
-@@define LANGS (ca|cs|da|de(\\.UTF-8)?|en|es(\\.UTF-8)?|fi|fr(\\.(ISO8859-1|UTF-8))?|gl|hr|hu|id|it(\\.(ISO8859-1|UTF-8))?|ja(\\.UTF-8)?|jp|ko|nl|pl(\\.(UTF-8|ISO8859-2))?|pt(_BR)?|ro|ru|sv|sk|sl|sr|tr|uk|vi|zh(_(CH|CN|TW))?)
+@@define LANGS (ca|cs|da|de(\\.UTF-8)?|en|eo|es(\\.UTF-8)?|fi|fr(\\.(ISO8859-1|UTF-8))?|gl|hr|hu|id|it(\\.(ISO8859-1|UTF-8))?|ja(\\.UTF-8)?|jp|ko|nb|nl|pl(\\.(UTF-8|ISO8859-2))?|pt(_BR)?|ro|ru|sv|sk|sl|sr(_Cyrl)?|ta|tr|uk|vi|zh(_(CH|CN|Han[st]|TW))?)
/usr/share/man(/@@{LANGS})?(/man[1378])?$ d VarDir
/var/cache/man(/@@{LANGS})?$ d VarDir
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_mariadb aide-0.19.1/debian/aide.conf.d/31_aide_mariadb
--- aide-0.19.1/debian/aide.conf.d/31_aide_mariadb 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_mariadb 2025-10-14 09:02:49.000000000 +0200
@@ -4,6 +4,7 @@
/@@{MARIADB_DATADIR}/mysql/(global|tables)_priv\\.MAD$ f VarFile
/@@{MARIADB_DATADIR}/ib(data1|_logfile[01]|tmp1)$ f VarFile
/@@{MARIADB_DATADIR}/tc\\.log$ f VarFile
+ /@@{MARIADB_DATADIR}/undo00[123]$ f VarFile
/@@{MARIADB_DATADIR}/aria_log(\\.00000001|_control)$ f VarFile
/@@{MARIADB_DATADIR}$ d VarDir
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_postgresql aide-0.19.1/debian/aide.conf.d/31_aide_postgresql
--- aide-0.19.1/debian/aide.conf.d/31_aide_postgresql 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_postgresql 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1,54 @@
+!/dev/shm/PostgreSQL\\.[[:digit:]]+$ f
+
+@@if not defined PG_VERS
+@@define PG_VERS (17)
+@@endif
+@@if not defined PG_PORTS
+@@define PG_PORTS (5432)
+@@endif
+@@if not defined PG_CLUSTERS
+@@define PG_CLUSTERS (main)
+@@endif
+@@define PG_MCL @@{PG_VERS}/@@{PG_CLUSTERS}
+@@define RUNPG @@{RUN}/postgresql
+@@define VLPG var/lib/postgresql
+@@if not defined PG_DBOIDS
+@@define PG_DBOIDS (1|5)
+@@endif
+
+
+ /@@{RUNPG}$ d RecreatedDir
+!/@@{RUNPG}/\\.s\\.PGSQL\\.@@{PG_PORTS}$ s
+!/@@{RUNPG}/\\.s\\.PGSQL\\.@@{PG_PORTS}\\.lock$ f
+ /@@{RUNPG}/@@{PG_VERS}-@@{PG_CLUSTERS}\\.pg_stat_tmp$ d RecreatedDir
+ /@@{RUNPG}/@@{PG_VERS}-@@{PG_CLUSTERS}\\.pid$ f PidFile
+!/@@{RUNPG}/@@{PG_VERS}-@@{PG_CLUSTERS}\\.pg_stat_tmp/(db_[[:digit:]]+|global)\\.stat$ f
+
+ /@@{VLPG}/@@{PG_MCL}(pg_stat|/base(/(@@{PG_DBOIDS}|[[:digit:]]{5,6}))?)?$ d VarDir
+!/@@{VLPG}/@@{PG_MCL}/base/[[:digit:]]{5,6}/[[:digit:]]{4,6}(_(fsm|vm))?$ f
+ /@@{VLPG}/@@{PG_MCL}/(global|pg_(logical|subtrans|wal|xact))$ d VarDir
+ /@@{VLPG}/@@{PG_MCL}/global/pg_control$ f VarFile
+!/@@{VLPG}/@@{PG_MCL}/(base/[[:digit:]]+|global)/pg_internal\\.init$ f
+ /@@{VLPG}/@@{PG_MCL}/postmaster\\.opts$ f VarFile
+ /@@{VLPG}/@@{PG_MCL}/postmaster\\.pid$ f PidFile
+ /@@{VLPG}/@@{PG_MCL}/pg_logical/replorigin_checkpoint$ f VarFile
+ /@@{VLPG}/@@{PG_MCL}/pg_xact/00[0-4][[:xdigit:]]$ f VarFile+ANF
+ /@@{VLPG}/@@{PG_MCL}/pg_multixact/offsets/0000$ f VarFile
+!/@@{VLPG}/@@{PG_MCL}/pg_subtrans/[[:xdigit:]]{4}$ f
+!/@@{VLPG}/@@{PG_MCL}/pg_wal/[[:xdigit:]]{24}$ f
+
+@@define POSTGRES_LOGDIR var/log/postgresql
+@@define POSTGRES_LOGFILES postgresql-@@{PG_VERS}-@@{PG_CLUSTERS}\\.log
+/@@{POSTGRES_LOGDIR}$ d LogDir
+/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}$ f VarFile
+/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.1$ f RotLog+ANF
+/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.2\\.@@{LOGEXT}$ f CompSerLog
+/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.[3456789]\\.@@{LOGEXT}$ f MidlSerLog
+/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.10\\.@@{LOGEXT}$ f LastSerLog
+
+@@undef PG_VERS
+@@undef PG_PORTS
+@@undef PG_CLUSTERS
+@@undef PG_MCL
+@@undef RUNPG
+@@undef VLPG
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_postgresql-15 aide-0.19.1/debian/aide.conf.d/31_aide_postgresql-15
--- aide-0.19.1/debian/aide.conf.d/31_aide_postgresql-15 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_postgresql-15 1970-01-01 01:00:00.000000000 +0100
@@ -1,41 +0,0 @@
-!/dev/shm/PostgreSQL\\.[[:digit:]]+$ f
-
-# this is going to move to 31_aide_postgresql after trixie
-@@define PG_VERS (15)
-@@define PG_MCL @@{PG_VERS}/main
-@@define RUNPG @@{RUN}/postgresql
-@@define VLPG var/lib/postgresql
-
- /@@{RUNPG}$ d RecreatedDir
-!/@@{RUNPG}/\\.s\\.PGSQL\\.5432$ s
-!/@@{RUNPG}/\\.s\\.PGSQL\\.5432\\.lock$ f
- /@@{RUNPG}/@@{PG_VERS}-main\\.pg_stat_tmp$ d RecreatedDir
- /@@{RUNPG}/@@{PG_VERS}-main\\.pid$ f PidFile
-!/@@{RUNPG}/@@{PG_VERS}-main\\.pg_stat_tmp/(db_[[:digit:]]+|global)\\.stat$ f
-
- /@@{VLPG}/@@{PG_MCL}(/base(/(1|[[:digit:]]{5,6}))?)?$ d VarDir
-!/@@{VLPG}/@@{PG_MCL}/base/[[:digit:]]{5,6}/[[:digit:]]{4,6}(_(fsm|vm))?$ f
- /@@{VLPG}/@@{PG_MCL}/(global|pg_(logical|subtrans|wal|xact))$ d VarDir
- /@@{VLPG}/@@{PG_MCL}/global/pg_control$ f VarFile
-!/@@{VLPG}/@@{PG_MCL}/(base/[[:digit:]]+|global)/pg_internal\\.init$ f
- /@@{VLPG}/@@{PG_MCL}/postmaster\\.opts$ f VarFile
- /@@{VLPG}/@@{PG_MCL}/postmaster\\.pid$ f PidFile
- /@@{VLPG}/@@{PG_MCL}/pg_logical/replorigin_checkpoint$ f VarFile
- /@@{VLPG}/@@{PG_MCL}/pg_xact/00[0-4][[:xdigit:]]$ f VarFile+ANF
- /@@{VLPG}/@@{PG_MCL}/pg_multixact/offsets/0000$ f VarFile
-!/@@{VLPG}/@@{PG_MCL}/pg_subtrans/[[:xdigit:]]{4}$ f
-!/@@{VLPG}/@@{PG_MCL}/pg_wal/[[:xdigit:]]{24}$ f
-
-@@define POSTGRES_LOGDIR var/log/postgresql
-@@define POSTGRES_LOGFILES postgresql-@@{PG_VERS}-main\\.log
-/@@{POSTGRES_LOGDIR}$ d LogDir
-/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}$ f VarFile
-/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.1$ f RotLog+ANF
-/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.2\\.@@{LOGEXT}$ f CompSerLog
-/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.[3456789]\\.@@{LOGEXT}$ f MidlSerLog
-/@@{POSTGRES_LOGDIR}/@@{POSTGRES_LOGFILES}\\.10\\.@@{LOGEXT}$ f LastSerLog
-
-@@undef PG_VERS
-@@undef PG_MCL
-@@undef RUNPG
-@@undef VLPG
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_radvd aide-0.19.1/debian/aide.conf.d/31_aide_radvd
--- aide-0.19.1/debian/aide.conf.d/31_aide_radvd 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_radvd 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1 @@
+!/@@{RUN}/radvd\\.pid$ f
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_dynamic-uid aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_dynamic-uid
--- aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_dynamic-uid 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_dynamic-uid 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1 @@
+ /@@{RUNSYSD}/dynamic-uid$ d RecreatedDir
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_netif aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_netif
--- aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_netif 2022-01-20 21:14:03.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_run_systemd_netif 2025-10-14 09:02:49.000000000 +0200
@@ -1,3 +1,4 @@
-/@@{RUN}/systemd/netif(/(links|lldp|leases))?$ d VarDir
-/@@{RUN}/systemd/netif/state$ f VarFile
-/@@{RUN}/systemd/netif/(links|lldp|leases)/[0-9]{1,2}$ f VarFile
+ /@@{RUN}/systemd/netif(/(links|lldp|leases))?$ d VarDir
+ /@@{RUN}/systemd/netif/state$ f VarFile
+ /@@{RUN}/systemd/netif/(dhcp-server-lease|links|lldp|leases)/[0-9]{1,2}$ f VarFile
+ /@@{RUN}/systemd/netif/dhcp-server-lease$ d RecreatedDir
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_samba aide-0.19.1/debian/aide.conf.d/31_aide_samba
--- aide-0.19.1/debian/aide.conf.d/31_aide_samba 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_samba 2025-10-14 09:02:49.000000000 +0200
@@ -1,5 +1,9 @@
/@@{RUN}/samba$ d RecreatedDir
- /@@{RUN}/samba/(brlock|gencache|smbd_clientupd|leases|locking|mutex|names|printer_list|serverid|smbXsrv_((client|open|session|tcon|version)_global))\\.tdb$ f VarFile
+ /@@{RUN}/samba/(brlock|gencache|smbd_(cleanupd|clientupd)|leases|locking|mutex|names|printer_list|serverid|smbXsrv_((client|open|session|tcon|version)_global))\\.tdb$ f VarFile
+# the next two lines are a possible improvement that can be used to
+# replace the previous line
+#!/@@{RUN}/samba/(smbd_(cleanupd)|mutex)\\.tdb$ f
+# /@@{RUN}/samba/(brlock|gencache|smbd_(clientupd)|leases|locking|names|printer_list|serverid|smbXsrv_((client|open|session|tcon|version)_global))\\.tdb$ f VarFile
/@@{RUN}/samba/(nmbd|smbd|samba-dcerpcd)\\.pid$ f VarFile
/@@{RUN}/samba/(msg\\.(lock|sock)|nmbd)$ d RecreatedDir
!/@@{RUN}/samba/msg\\.lock/[[:digit:]]+$ f
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_schroot aide-0.19.1/debian/aide.conf.d/31_aide_schroot
--- aide-0.19.1/debian/aide.conf.d/31_aide_schroot 2023-02-12 09:16:19.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_schroot 2025-10-14 09:02:49.000000000 +0200
@@ -1 +1 @@
-/@@{RUN}/lock/schroot$ d VarDir
+/@@{RUN}/lock/schroot$ d RecreatedDir
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_spamassassin aide-0.19.1/debian/aide.conf.d/31_aide_spamassassin
--- aide-0.19.1/debian/aide.conf.d/31_aide_spamassassin 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_spamassassin 2025-10-14 09:02:49.000000000 +0200
@@ -30,7 +30,7 @@
/@@{SAUPDATES}/10_(default_prefs|hasbase)\\.cf$ f VarFile
/@@{SAUPDATES}/20_(advance_fee|aux_tlds|body_tests|compensate|dnsbl_tests|drugs|dynrdns|fake_helo_tests|freemail(|_domains|_mailcom_domains)|head_tests|html_tests|imageinfo|mailspike|meta_tests|net_tests|pdfinfo|phrases|porn|ratware|uri_tests|vbounce)\\.cf$ f VarFile
/@@{SAUPDATES}/23_(bayes)\\.cf$ f VarFile
- /@@{SAUPDATES}/25_(accessdb|antivirus|asn|dcc|dkim|dmarc|dnswl|hashcash|pyzor|razor2|replace|spf|textcat|uribl|url_shortener)\\.cf$ f VarFile
+ /@@{SAUPDATES}/25_(accessdb|antivirus|asn|dcc|dkim|dmarc|dnswl|hashcash|pyzor|razor2|replace|spf|textcat|uribl|url_(redirectors|shortener))\\.cf$ f VarFile
/@@{SAUPDATES}/30_(text_(de|fr|it|nl|pl|pt_br))\\.cf$ f VarFile
/@@{SAUPDATES}/50_(scores)\\.cf$ f VarFile
/@@{SAUPDATES}/60_(adsp_override_dkim|awl|bayes_stopwords|shortcircuit|txrep|whitelist(|_auth|_dkim|_spf|_subject)|welcomelist(_(auth|dkim|spf|subject))?)\\.cf$ f VarFile
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_ssh-server aide-0.19.1/debian/aide.conf.d/31_aide_ssh-server
--- aide-0.19.1/debian/aide.conf.d/31_aide_ssh-server 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_ssh-server 2025-10-14 09:02:49.000000000 +0200
@@ -3,3 +3,7 @@
!/@@{RUN}/sshd$ d
!/@@{RUN}/ssh-unix-local/socket$ s
/@@{RUN}/systemd/generator/sshd-(unix-local|vsock)\\.socket$ f VarFile
+!/@@{RUN}/systemd/units/invocation:sshd-vsock\\.socket$ l
+ /@@{RUN}/issue\\.d$ d RecreatedDir
+ /@@{RUN}/issue\\.d/50-ssh-vsock\\.issue$ f VarFile
+
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_sudo aide-0.19.1/debian/aide.conf.d/31_aide_sudo
--- aide-0.19.1/debian/aide.conf.d/31_aide_sudo 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_sudo 2025-10-14 09:02:49.000000000 +0200
@@ -3,7 +3,8 @@
@@endif
@@define SUDO_STATE_DIR @@{RUN}/sudo
- /@@{SUDO_STATE_DIR}(/ts)?$ d RecreatedDir
+ /@@{SUDO_STATE_DIR}$ d RecreatedDir-n
+!/@@{SUDO_STATE_DIR}(/ts)?$ d
!/@@{SUDO_STATE_DIR}/ts/@@{SUDO_ALLOWED_UIDS}$ f
@@undef SUDO_STATE_DIR
@@undef SUDO_ALLOWED_UIDS
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_systemd aide-0.19.1/debian/aide.conf.d/31_aide_systemd
--- aide-0.19.1/debian/aide.conf.d/31_aide_systemd 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_systemd 2025-10-14 09:02:49.000000000 +0200
@@ -36,7 +36,7 @@
!/@@{RUNSYSD}/transient/user-[0-9]+\\.slice$ f
/@@{RUNSYSD}/unit-(private-tmp|root)$ d RecreatedDir
/@@{RUNSYSD}/units$ d RecreatedDir
-!/@@{RUNSYSD}/units/invocation:(session-c?[0-9]+\\.scope|[-\\\\@:[:alnum:]]+\\.service|([-_[:alnum:]]+|\\\\x2d)+\\.(mount|swap))$ l
+!/@@{RUNSYSD}/units/invocation:(session-c?[0-9]+\\.scope|[-\\\\@:[:alnum:]]+\\.service|([-_.[:alnum:]]+|\\\\x2d)+\\.(mount|swap))$ l
!/@@{RUNSYSD}/units/invocation:dbus\\.socket$ l
/@@{RUNSYSD}/userdb$ d RecreatedDir
!/@@{RUNSYSD}/userdb/io\\.systemd\\.DynamicUser$ s
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_systemd_sessions aide-0.19.1/debian/aide.conf.d/31_aide_systemd_sessions
--- aide-0.19.1/debian/aide.conf.d/31_aide_systemd_sessions 2022-01-20 21:14:03.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_systemd_sessions 2025-10-14 09:02:49.000000000 +0200
@@ -1,4 +1,12 @@
-/@@{RUN}/systemd/(sessions|transient|users)$ d VarDir
-!/@@{RUN}/systemd/sessions/[0-9]+(\\.ref)?$ p
-!/@@{RUN}/systemd/transient/session-[0-9]+\\.scope$ f
-!/@@{RUN}/systemd/users/[0-9]+$ f
+# not sure yet whether we need all users here that have services running
+# or whether only shell users
+@@if not defined SYSTEMD_UIDS
+@@define SYSTEMD_UIDS (@@{BITS_32_D})
+@@endif
+ /@@{RUN}/systemd/(machine|sessions|transient|users)$ d VarDir
+!/@@{RUN}/systemd/sessions/@@{SYSTEMD_UIDS}(\\.ref)?$ p
+!/@@{RUN}/systemd/transient/session-@@{SYSTEMD_UIDS}\\.scope$ f
+!/@@{RUN}/systemd/users/@@{SYSTEMD_UIDS}$ f
+!/@@{RUN}/systemd/io\\.systemd\\.(AskPassword|FactoryReset|Login|Manager)$ s
+!/@@{RUN}/systemd/machine/io\\.systemd\\.Machine(Image)?$ s
+!/@@{RUN}/user/@@{SYSTEMD_UIDS}/systemd/io\\.systemd\\.(AskPassword|Manager)$ s
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_systemd_tmpfiles aide-0.19.1/debian/aide.conf.d/31_aide_systemd_tmpfiles
--- aide-0.19.1/debian/aide.conf.d/31_aide_systemd_tmpfiles 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_systemd_tmpfiles 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1,6 @@
+# not sure yet whether we need all users here that have services running
+# or whether only shell users
+@@if not defined SYSTEMD_TMPFILES_UIDS
+@@define SYSTEMD_TMPFILES_UIDS (@@{BITS_32_D})
+@@endif
+!/@@{RUN}/user/@@{SYSTEMD_TMPFILES_UIDS}/systemd/units/invocation:systemd-tmpfiles-setup\\.service$ l
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_torrus aide-0.19.1/debian/aide.conf.d/31_aide_torrus
--- aide-0.19.1/debian/aide.conf.d/31_aide_torrus 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_torrus 2025-10-14 09:02:49.000000000 +0200
@@ -29,7 +29,10 @@
printf "!/var/lib/torrus/session_data/store/[0-9a-f]{32}$ f\\n"
printf "!/var/lib/torrus/session_data/lock/Apache-Session-[0-9a-f]{32}\\.lock$ f\\n"
printf " /var/lib/torrus/session_data/(store|lock)$ d VarDir\\n"
-printf "!/var/log/torrus/dbenv_errlog_%d$ f\\n" "$(pidof collector)"
+CPID="$(pidof collector)"
+if [ "${CPID}" ]; then
+ printf "!/var/log/torrus/dbenv_errlog_%d$ f\\n" "$(pidof collector)"
+fi
printf " /var/log/torrus$ d VarDir\\n"
printf " /@@{RUN}/torrus$ d RecreatedDir\\n"
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_udev aide-0.19.1/debian/aide.conf.d/31_aide_udev
--- aide-0.19.1/debian/aide.conf.d/31_aide_udev 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/aide.conf.d/31_aide_udev 2025-10-14 09:02:49.000000000 +0200
@@ -6,12 +6,13 @@
@@define RUNUDEVVIDEO (\\+drm:)?card[01]-(e?DP|HDMI-A|LVDS|VGA|Virtual|Writeback)-[1234]
!/@@{RUN}/udev$ d
!/@@{RUN}/udev/control$ s
+!/@@{RUN}/udev/io.systemd\\.Udev$ s
!/@@{RUN}/udev/(data|links(\\.lock)?|tags|watch)$ d
!/@@{RUN}/udev/data/@@{RUNUDEVCONT}$ f
!/@@{RUN}/udev/data/\\+input:input[[:digit:]]{1,2}$ f
!/@@{RUN}/udev/data/\\+module:(af_alg|algif_skcipher|configfs|dm_crypt)$ f
!/@@{RUN}/udev/data/\\+acpi:LNX(CPU|[[:upper:]]{5}):[01][[:xdigit:]]$ f
-!/@@{RUN}/udev/data/\\+acpi:(device|INT[[:xdigit:]]{4}|QEMUVGID:00|(ACPI|FUJ|FXY|INT|LEN|PNP|MSFT|SMO|QEMU)[[:xdigit:]]{4}:[0123][[:xdigit:]])$ f
+!/@@{RUN}/udev/data/\\+acpi:(device|INT[[:xdigit:]]{4}|QEMUVGID:00|(ACPI|FUJ|FXY|INT|IPI|LEN|PNP|MSFT|SMO|QEMU)[[:xdigit:]]{4}:[0123][[:xdigit:]])$ f
!/@@{RUN}/udev/data/\\+ata_device:dev[[:digit:]]\\.[01]$ f
!/@@{RUN}/udev/data/\\+ata_link:link[[:digit:]]$ f
!/@@{RUN}/udev/data/\\+ata_port:ata[[:digit:]]$ f
@@ -43,7 +44,7 @@
!/@@{RUN}/udev/data/\\+pci:@@{PCI_ADDRESS}$ f
!/@@{RUN}/udev/data/\\+pci_bus:0000:0[012345d]$ f
!/@@{RUN}/udev/data/\\+pci_express:@@{PCI_ADDRESS}:pcie0[01][01]$ f
-!/@@{RUN}/udev/data/\\+platform:((ACPI|QEMU)000[123C]|INT[[:xdigit:]]{4}|FUJ02E3|LEN0068|MSFT0101|PNP0[018C][01C][03494ABCDE]|QEMUVGID):0[01234]$ f
+!/@@{RUN}/udev/data/\\+platform:((ACPI|QEMU)000[123C]|INT[[:xdigit:]]{4}|IPI0001|FUJ02E3|LEN0068|MSFT0101|PNP0[018C][01C][03494ABCDE]|QEMUVGID):0[01234]$ f
!/@@{RUN}/udev/data/\\+platform:(acpi-cpufreq|axp20x-(adc|gpio|pek|regulator|usb-power-supply)|alarmtimer\\.0\\.auto|bcm2835-(power|wdt)|coretemp\\.0|cpufreq-dt|display-engine|dock\\.[01])$ f
!/@@{RUN}/udev/data/\\+platform:(efivars\\.0|emmc2bus|Fixed\ MDIO\ bus\\.0|gmac-3v3|gpio(-keys(-polled)?|_amd_fch)|gpu|hdmi-(audio-codec\\.[01]\\.auto|connector)|i2c-mux0|i8042|iio_hwmon\\.0|intel_rapl_msr\\.0|iTCO_wdt\\.[01]\\.auto)$ f
!/@@{RUN}/udev/data/\\+platform:(leds(-gpio)?|microcode|parport_pc\\.888|pcspkr|phy|platform-(bus@c000000|framebuffer\\.0)|pmu|psci(-cpuidle)?|raspberrypi-(cpufreq|hwmon)|reg-dummy|regulator-(cam1|sd-io-1v8|sd-vcc)|regulatory\\.0|irtc-efi\\.0)$ f
@@ -51,7 +52,7 @@
!/@@{RUN}/udev/data/\\+platform:((0|10000)\\.sram|1c00000\\.system-control|1c02000\\.dma-controller|1c05000\\.spi|1c0c000\\.lcd-controller|1c0d000\\.lcd-controller|1c0e000\\.video-codec|1c0f000\\.mmc|1c13000\\.usb)$ f
!/@@{RUN}/udev/data/\\+platform:(1c13400\\.phy|1c14000\\.usb|1c14400\\.usb|1c15000\\.crypto-engine|1c16000\\.hdmi|1c18000\\.sata|1c1c000\\.usb|1c1c400\\.usb|1c20000\\.clock|1c20800\\.pinctrl|1c20c00\\.timer|1c20c90\\.watchdog|1c20d00\\.rtc)$ f
!/@@{RUN}/udev/data/\\+platform:(1c21800\\.ir|1c22c00\\.codec|1c23800\\.eeprom|1c25000\\.rtp|1c28000\\.serial|1c28c00\\.serial|1c29c00\\.serial|1c2ac00\\.i2c|1c2b400\\.i2c|1c40000\\.gpu|1c50000\\.ethernet|1c60000\\.hstimer|1d00000\\.sram)$ f
-!/@@{RUN}/udev/data/\\+platform:(1e00000\\.display-frontend|1e20000\\.display-frontend|1e40000\\.display-backend|1e60000\\.display-backend|3ee64840\\.nvram|3f000000\\.pcie|7fe79000\\.framebuffer|9020000\\.fw-cfg)$ f
+!/@@{RUN}/udev/data/\\+platform:(1e00000\\.display-frontend|1e20000\\.display-frontend|1e40000\\.display-backend|1e60000\\.display-backend|[[:xdigit:]]{8}\\.nvram|3f000000\\.pcie|7fe79000\\.framebuffer|9020000\\.fw-cfg)$ f
!/@@{RUN}/udev/data/\\+platform:(a000000|a000200|a000400|a000600|a000800|a000a00|a000c00|a000e00|a001000|a001200|a001400|a001600|a001800|a001a00|a001c00|a001e00|a002000|a002200|a002400|a002600|a002800|a002a00|a002c00|a002e00|a003000|a003200|a003400|a003600|a003800|a003a00|a003c00|a003e00)\\.virtio_mmio$ f
!/@@{RUN}/udev/data/\\+platform:(fd500000\\.pcie|fd580000\\.ethernet|fd5d2000\\.avs-monitor(:thermal)?|fe003000\\.timer|fe004000\\.txp|fe007000\\.dma-controller|(fe00b840|fe00b880)\\.mailbox|fe100000\\.watchdog|fe101000\\.cprman|fe104000\\.rng|fe200000\\.gpio)$ f
!/@@{RUN}/udev/data/\\+platform:((fe205000|fe804000|fef04500|fef09500)\\.i2c|(fe206000|fe207000|fe20a000|fe216000)\\.pixelvalve|fe20c800\\.pwm|fe215000\\.aux|fe215040\\.serial|(fe300000|fe340000)\\.mmc|fe400000\\.hvs)$ f
@@ -79,41 +80,43 @@
!/@@{RUN}/udev/data/\\+workqueue:(raid5wq|writeback)$ f
!/@@{RUN}/udev/link\\.dvd$ l
!/@@{RUN}/udev/links/\\\\x2f[-[:alnum:]_]+(\\\\x2f[-[:alnum:]_\\.]+)?$ d
-!/@@{RUN}/udev/links/\\\\x2f[-[:alnum:]_]+(\\\\x2f[-[:alnum:]_\\.]+)?/@@{RUNUDEVCONT}$ f
+#!/@@{RUN}/udev/links/\\\\x2f[-[:alnum:]_]+(\\\\x2f[-[:alnum:]_\\.]+)?/@@{RUNUDEVCONT}$ f
!/@@{RUN}/udev/links/cdrom$ d
!/@@{RUN}/udev/links/cdrom/b[[:digit:]]+:[[:digit:]]$ l
+!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-designator\\\\x2f[[:alnum:]]+$ d
+!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-designator\\\\x2f[[:alnum:]]+/b254:[13]$ l
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-diskseq\\\\x2f[[:digit:]]{1,2}(-part[[:digit:]])?$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-diskseq\\\\x2f[[:digit:]]{1,2}(-part[[:digit:]])?/b(8|11|179|25[34]):([0123]|16)$ l
+!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-diskseq\\\\x2f[[:digit:]]{1,2}(-part[[:digit:]])?/b(8|11|179|25[34]):([0123]|1[6789])$ l
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fscsi-[-_[:alnum:]]+_drive-scsi((0-){3})?0(-part[123])?$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fscsi-[-_[:alnum:]]+_drive-scsi((0-){3})?0(-part[123])?/b8:[012]$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fscsi-[-_[:alnum:]]+_drive-scsi((0-){3})?0(-part[123])?/b8:[012]$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fusb-[-_[:alnum:]]+-0:0(-part[123])?$ d
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fusb-[-_[:alnum:]]+-0:0(-part[123])?/b8:[0123]$ l
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fscsi-[-_[:alnum:]]+_drive-scsi((0-){3})?0(-part[123])?/b8:[012]$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fscsi-[-_[:alnum:]]+_drive-scsi((0-){3})?0(-part[123])?/b8:[012]$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fata-[-_[:alnum:]]+(-part[123])?$ d
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fata-[-_[:alnum:]]+(-part[123])?/b(8|11|254):([0123]|1[6789])$ l
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fata-[-_[:alnum:]]+(-part[123])?/b(8|11|254):([0123]|1[6789])$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fata-[-_[:alnum:]]+(-part[123])?/b(8|11|254):([0123]|1[6789])$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fdm-name-[-_[:alnum:]]+$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fdm-name-[-_[:alnum:]]+/b25[34]:[[:digit:]]{1,2}$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fdm-name-[-_[:alnum:]]+/b25[34]:[[:digit:]]{1,2}$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fdm-name-[-_[:alnum:]]+/b25[34]:[[:digit:]]{1,2}$ l
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmd-name-[-_[:alnum:]]+$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmd-name-[-_[:alnum:]]+/b9:0$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmd-name-[-_[:alnum:]]+/b9:0$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmd-uuid-([[:xdigit:]]{8}:){3}[[:xdigit:]]{8}$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmd-uuid-([[:xdigit:]]{8}:){3}[[:xdigit:]]{8}/b9:(0|127)$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmd-uuid-([[:xdigit:]]{8}:){3}[[:xdigit:]]{8}/b9:(0|127)$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmmc-[[:upper:][:digit:]]+_0x[[:xdigit:]]{8}$ d
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fmmc-[[:upper:][:digit:]]+_0x[[:xdigit:]]{8}/b179:0$ l
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fusb-[-[:alnum:]\\._]+_[[:digit:]]+-0:[0123]$ d
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fusb-[-[:alnum:]\\._]+_[[:digit:]]+-0:[0123]/b8:(0|16|32|48|64|80|96)$ l
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fwwn-0x[[:xdigit:]]{16}(-part[123])?$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fwwn-0x[[:xdigit:]]{16}(-part[123])?/b8:([0123]|1[6789])$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fwwn-0x[[:xdigit:]]{16}(-part[123])?/b8:([0123]|1[6789])$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-id\\\\x2fwwn-0x[[:xdigit:]]{16}(-part[123])?/b8:([0123]|1[6789])$ l
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?label\\\\x2f[-.\\\\_[:alnum:]]+$ d
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?label\\\\x2f[-.\\\\_[:alnum:]]+/b(8|11|25[34]):[[:digit:]]{1,2}$ l
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?label\\\\x2f[-.\\\\_[:alnum:]]+/b(8|11|25[34]):[[:digit:]]{1,2}$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?label\\\\x2f[-.\\\\_[:alnum:]]+/b(8|11|25[34]):[[:digit:]]{1,2}$ f
!/@@{RUN}/udev/links/\\\\x2fdisk\\\\x2fby-dname\\\\x2f[[:alnum:]]+-[[:alnum:]]+$ d
-!/@@{RUN}/udev/links/\\\\x2fdisk\\\\x2fby-dname\\\\x2f[[:alnum:]]+-[[:alnum:]]+/b(8|11|25[34]):[[:digit:]]{1,2}$ f
+#!/@@{RUN}/udev/links/\\\\x2fdisk\\\\x2fby-dname\\\\x2f[[:alnum:]]+-[[:alnum:]]+/b(8|11|25[34]):[[:digit:]]{1,2}$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?uuid\\\\x2f(@@{STRICTUUID}|[[:xdigit:]]{4}-[[:xdigit:]]{4}|[[:digit:]]{4}(-[[:digit:]]{2}){6}|[[:xdigit:]]{8}-[[:digit:]]{2})$ d
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?uuid\\\\x2f(@@{STRICTUUID}|[[:xdigit:]]{4}-[[:xdigit:]]{4}|[[:digit:]]{4}(-[[:digit:]]{2}){6}|[[:xdigit:]]{8}-[[:digit:]]{2})/b(8|11|25[34]):[[:digit:]]{1,2}$ l
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?uuid\\\\x2f(@@{STRICTUUID}|[[:xdigit:]]{4}-[[:xdigit:]]{4}|[[:digit:]]{4}(-[[:digit:]]{2}){6}|[[:xdigit:]]{8}-[[:digit:]]{2})/b(8|11|25[34]):[[:digit:]]{1,2}$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-(part)?uuid\\\\x2f(@@{STRICTUUID}|[[:xdigit:]]{4}-[[:xdigit:]]{4}|[[:digit:]]{4}(-[[:digit:]]{2}){6}|[[:xdigit:]]{8}-[[:digit:]]{2})/b(8|11|25[34]):[[:digit:]]{1,2}$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2fplatform-1c0f000\\.mmc$ d
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2fplatform-1c0f000\\.mmc/b179:0$ l
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2fplatform-1c18000\\.sata-ata-1(\\.0)?(-part[12])?$ d
@@ -134,30 +137,37 @@
!/@@{RUN}/udev/links/@@{LOCAL_VARIANTS}(-part[12345])?/b(8|11|254):[0125]$ l
@@undef LOCAL_VARIANTS
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2f(virtio-)?pci-@@{PCI_ADDRESS}(-ata-[12](\\.[01])?)?(-part[12345])?$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2f(virtio-)?pci-@@{PCI_ADDRESS}(-ata-[12](\\.[01])?|-scsi-0:0:0:0)?(-part[12345])?/b(8|11|254):[[:digit:]]{1,2}$ f
+# pre-trixie? !/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2f(virtio-)?pci-@@{PCI_ADDRESS}(-ata-[12](\\.[01])?|-scsi-0:0:0:0)?(-part[12345])?/b(8|11|254):[[:digit:]]{1,2}$ f
!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2f(virtio-)?pci-@@{PCI_ADDRESS}(-ata-[12](\\.[01])?)?(-part[12345])?/b(8|11|254):[[:digit:]]{1,2}$ l
+!/@@{RUN}/udev/links/(\\\\x2f)?disk\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}(-part)\\\\x2fby-(part)?uuid\\\\x2f@@{STRICTUUID}/b(8|11|254):[[:digit:]]{1,2}$ l
!/@@{RUN}/udev/links/(\\\\x2f)?dri\\\\x2fby-path\\\\x2f(pci-@@{PCI_ADDRESS}|platform-(fec00000\\.)?gpu)-(card|render)$ d
!/@@{RUN}/udev/links/(\\\\x2f)?dri\\\\x2fby-path\\\\x2f(pci-@@{PCI_ADDRESS}|platform-(fec00000\\.)?gpu)-(card|render)/c226:(0|1|128)$ l
-!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-id\\\\x2fusb-QEMU_QEMU_USB_Tablet_(42|28754-@@{PCI_ADDRESS}:00\\.0-1)(-event)?(-kbd|-mouse)?$ d
+!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-id\\\\x2fusb-QEMU_QEMU_USB_Tablet_(42(-hidraw)?|28754-@@{PCI_ADDRESS}:00\\.0-1)(-(hidraw|event))?(-kbd|-mouse)?$ d
+#!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-id\\\\x2fusb-QEMU_QEMU_USB_Tablet_(42)(-event)?(-mouse)?/c13:(33|67)$ f
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-id\\\\x2fusb-QEMU_QEMU_USB_Tablet_(42|28754-@@{PCI_ADDRESS}:00\\.0-1)(-event)?(-kbd|-mouse)?/c13:(13|32|33|34|65|67)$ l
+!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-id\\\\x2fusb-QEMU_QEMU_USB_Tablet_(42-hidraw|28754-@@{PCI_ADDRESS}:00\\.0-1-hidraw)/c24[56]:0$ l
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-fef0[05]700\\.hdmi-event$ d
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-fef0[05]700\\.hdmi-event/c13:6[45]$ l
-!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}(-event)?(-kbd|-mouse)?$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}(-event)?(-kbd|-mouse)?/c13:(13|32|33|34|65|67)$ f
-!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}(-event)?(-kbd|-mouse)?/c13:(13|32|33|65|67)$ l
+!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}(-(event|hidraw))?(-kbd|-mouse)?$ d
+!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}(-event)?(-kbd|-mouse)?/c13:(13|32|33|34|65|67)$ l
+#!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}(-event)?(-kbd|-mouse)?/c13:(13|32|33|34|65|67)$ f
+!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}-hidraw/c24[56]:0$ l
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-gpio-keys-event$ d
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-gpio-keys-event/c13:64$ l
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-i8042-serio-[012](-event)?(-kbd|-mouse)?$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-i8042-serio-[012](-event)?(-kbd|-mouse)?/c13:(3[23]|6[456])$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-i8042-serio-[012](-event)?(-kbd|-mouse)?/c13:(3[23]|6[456])$ f
+!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-i8042-serio-0-event-kbd$ l
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-i8042-serio-[012](-event)?(-kbd|-mouse)?/c13:(3[23]|6[456])$ l
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-pcspkr-event-spkr$ d
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-pcspkr-event-spkr/c13:(68|69|70)$ l
!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-thinkpad_acpi-event$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-thinkpad_acpi-event/c13:71$ f
-!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-id\\\\x2fusb-[-_.[:alnum:]]+-if00-port0+$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-id\\\\x2fusb-[-_.[:alnum:]]+-if00-port0+/c188:0$ f
+#!/@@{RUN}/udev/links/(\\\\x2f)?input\\\\x2fby-path\\\\x2fplatform-thinkpad_acpi-event/c13:71$ f
+!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-id\\\\x2fusb-[-_.[:alnum:]]+-if0[01]-port0+$ d
+!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-id\\\\x2fusb-[-_.[:alnum:]]+-if0[01]-port0+/c188:[[:digit:]]$ l
!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}-port0$ d
-!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}/c188:0$ f
+!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-path\\\\x2fpci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}/c188:0$ l
+!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-path\\\\x2fplatform-fd500000\\.pcie-pci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}-port0$ d
+!/@@{RUN}/udev/links/(\\\\x2f)?serial\\\\x2fby-path\\\\x2fplatform-fd500000\\.pcie-pci-@@{PCI_ADDRESS}-usb(v2)?-@@{USB_ADDRESS}-port0/c188:[[:digit:]]$ f
!/@@{RUN}/udev/links/(\\\\x2f)?snd\\\\x2fby-path\\\\x2f(platform-(fe00b840\\.mailbox|fef0[05]700\\.hdmi)|pci-@@{PCI_ADDRESS})$ d
!/@@{RUN}/udev/links/(\\\\x2f)?snd\\\\x2fby-path\\\\x2f(platform-(fe00b840\\.mailbox|fef0[05]700\\.hdmi)|pci-@@{PCI_ADDRESS})/c116:[3579]$ l
!/@@{RUN}/udev/links/mapper\\\\x2f[-[:alnum:]]+$ d
@@ -183,4 +193,5 @@
!/@@{RUN}/udev/tags/systemd/\\+udc:fe980000\\.usb$ f
!/@@{RUN}/udev/watch/[[:digit:]]+$ l
@@undef RUNUDEVCONT
+@@undef RUNUDEVLEDS
@@undef RUNUDEVVIDEO
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_valkey aide-0.19.1/debian/aide.conf.d/31_aide_valkey
--- aide-0.19.1/debian/aide.conf.d/31_aide_valkey 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_valkey 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1,23 @@
+/var/lib/valkey$ d VarDir
+/var/lib/valkey/dump\\.rdb$ f VarFile
+
+@@if not defined VALKEY_DATADIRRE
+@@define VALKEY_DATADIRRE valkey
+@@endif
+@@if not defined VALKEY_LOGDIR
+@@define VALKEY_LOGDIR var/log/valkey
+@@endif
+@@if not defined VALKEY_LOGFILERE
+@@define VALKEY_LOGFILERE valkey-server\\.log
+@@endif
+/@@{VALKEY_LOGDIR}$ d VarDir
+/@@{VALKEY_LOGDIR}/@@{VALKEY_LOGFILERE}$ f ActLog
+/@@{VALKEY_LOGDIR}/@@{VALKEY_LOGFILERE}\\.1$ f RotLog
+/@@{VALKEY_LOGDIR}/@@{VALKEY_LOGFILERE}\\.2\\.@@{LOGEXT}$ f CompSerLog
+/@@{VALKEY_LOGDIR}/@@{VALKEY_LOGFILERE}\\.(1[01]|[3456789])\\.@@{LOGEXT}$ f MidlSerLog
+/@@{VALKEY_LOGDIR}/@@{VALKEY_LOGFILERE}\\.12\\.@@{LOGEXT}$ f LastSerLog
+/var/lib/@@{VALKEY_DATADIRRE}$ d VarDir
+/var/lib/@@{VALKEY_DATADIRRE}/dump\\.rdb$ f VarFile
+@@undef VALKEY_LOGDIR
+@@undef VALKEY_LOGFILERE
+@@undef VALKEY_DATADIRRE
diff -Nru aide-0.19.1/debian/aide.conf.d/31_aide_xfsprogs aide-0.19.1/debian/aide.conf.d/31_aide_xfsprogs
--- aide-0.19.1/debian/aide.conf.d/31_aide_xfsprogs 1970-01-01 01:00:00.000000000 +0100
+++ aide-0.19.1/debian/aide.conf.d/31_aide_xfsprogs 2025-10-14 09:02:49.000000000 +0200
@@ -0,0 +1,3 @@
+ /var/lib/systemd/timers/stamp-xfs_scrub_all\\.timer$ f VarFile
+ /var/lib/xfsprogs/xfs_scrub_all_media\\.stamp$ f VarFile
+
diff -Nru aide-0.19.1/debian/bin/buildcache aide-0.19.1/debian/bin/buildcache
--- aide-0.19.1/debian/bin/buildcache 2025-08-11 09:25:07.000000000 +0200
+++ aide-0.19.1/debian/bin/buildcache 2025-10-14 09:02:49.000000000 +0200
@@ -29,7 +29,9 @@
#!/bin/sh
+# TODO: parse DIR from configuration file
DIR="/var/lib/aide"
+AIDEUSER="_aide"
mkdir -p "$DIR"
TEMPFILE=$(mktemp "$DIR/tmp.XXXXXX")
CACHEFILE="$DIR/10_aide_rootrules_cache"
@@ -44,6 +46,7 @@
mv "${TEMPFILE}" "${CACHEFILE}"
fi
rm -f "${TEMPFILE}"
+chown "${AIDEUSER}" "${CACHEFILE}"
# vim: tabstop=4 shiftwidth=4 expandtab
# end of file
diff -Nru aide-0.19.1/debian/changelog aide-0.19.1/debian/changelog
--- aide-0.19.1/debian/changelog 2025-08-11 10:07:47.000000000 +0200
+++ aide-0.19.1/debian/changelog 2025-10-14 09:02:49.000000000 +0200
@@ -1,3 +1,50 @@
+aide (0.19.1-2+deb13u2) trixie; urgency=medium
+
+ * fix issue with 31_aide_lvm which doesn't work properly in the
+ non-root daily job: Implement bin/buildcache, run that from a root
+ timer and have the rule print the cache.
+ * new rules:
+ * 31_aide_cryptsetup
+ * 31_aide_grub-pc
+ * 31_aide_ksmtuned
+ * 31_aide_radvd
+ * 31_aide_run_systemd_dynamic-uid
+ * 31_aide_systemd_tmpfiles
+ * 31_aide_valkey
+ * 31_aide_xfsprogs
+ * update and improve rules:
+ * 10_aide_bits
+ * 10_aide_dateformats
+ * 10_aide_days
+ * 11_aide_dateformats_cury
+ * 10_aide_hardware
+ * 31_aide_apt-cacher-ng
+ * 31_aide_bind9
+ * 31_aide_console-setup
+ * 31_aide_cups
+ * 31_aide_dehydrated
+ * 31_aide_dev
+ * 31_aide_dokuwiki
+ * 31_aide_fwupd
+ * 31_aide_gnupg
+ * 31_aide_icinga2
+ * 31_aide_lighttpd
+ * 31_aide_man
+ * 31_aide_mariadb
+ * 31_aide_run_systemd_netif
+ * 31_aide_samba
+ * 31_aide_schroot
+ * 31_aide_spamassassin
+ * 31_aide_ssh-server
+ * 31_aide_sudo
+ * 31_aide_systemd
+ * 31_aide_systemd_sessions
+ * 31_aide_torrus
+ * 31_aide_udev
+ * re-work postgreql rules
+
+ -- Marc Haber <mh+debian-packages@zugschlus.de> Tue, 14 Oct 2025 09:02:49 +0200
+
aide (0.19.1-2+deb13u1) trixie-security; urgency=high
* Apply upstream patch to escape control characters in report and log output
Reply to: