Anthony Campbell wrote: > Thanks to all for replies, which pretty much confirm what I'd already > concluded. I may have a look at aide to see if it is easier to update. I use the following modification which some people will like and some people won't. YMMV. /etc/cron.daily/aide mods: -aide --check >$LOGFILE 2>$ERRORLOG +aide --update >$LOGFILE 2>$ERRORLOG +mv -f $DATABASE.new $DATABASE Basically every time it runs it updates the database. The changes are logged once only and then the database is updated. I review the changes and as long as they line up with what I expect then life is good. But if they do not line up then I need to investigate why. I keep backups of the database daily so that I can review previous signatures. Bob
Attachment:
pgpwn_yfhwBkn.pgp
Description: PGP signature