I've set up AIDE to run on a few of my boxes and I've put the aide.db
file on a write-protected floppy. It occurred to me that if the box
was rooted, the conf file could be edited, a new aide.db
generated. So, I thought it would be wise to put the aide.conf file on
the floppy as well. This requires modifying the cron job CONFFILE
variable to point to /floppy/aide/aide.conf.
When my cronjob is run, it reports that it could not access
Here are what I think the relative lines are in /etc/cron.daily/aide
DATABASE=`grep "^database=file:/" $CONFFILE | head -1 | cut -d: -f2`
[ -z "$DATABASE" ] && DATABASE="/var/lib/aide/aide.db"
So the conf file path is correct. The second line parses
database=file:/floppy/aide/aide.db to "/floppy/aide/aide.db" which is
correct. The third line gets a bit beyond my knowledge of bash
scripting, I assume it means that if the file the $DATABASE variable
points to doesn't exist, then set $DATABASE to /var/lib/aide/aide.db.
Here's the e-mail report I get:
Output of the daily AIDE run:
Couldn't open file /var/lib/aide/aide.db for reading
AIDE produced no errors.
Why is the third line above setting DATABASE to /var/lib/aide/aide.db?