Package Details: aide 0.18.6-1

Git Clone URL: https://aur.archlinux.org/aide.git (read-only, click to copy)
Package Base: aide
Description: A file integrity checker and intrusion detection program
Upstream URL: https://aide.github.io/
Licenses: GPL
Submitter: arojas
Maintainer: AlphaJack
Last Packager: AlphaJack
Votes: 3
Popularity: 0.115654
First Submitted: 2020-05-01 18:17 (UTC)
Last Updated: 2023-12-28 12:45 (UTC)

Pinned Comments

kitterhuff commented on 2023-04-24 06:56 (UTC) (edited on 2023-04-25 11:03 (UTC) by kitterhuff)

Hello! it is mandatory to manually import the gpg key of the aide developer.
  • You should be able to do it by issuing the command: gpg --recv-keys 2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931

Compare the output to the one in this github page:https://github.com/aide/aide it should be something along the lines of:

Hannes von Haugwitz hannes@vonhaugwitz.com Hannes von Haugwitz hvhaugwitz@debian.org 4096 bit RSA key F6947DAB68E7B931, created: 2011-06-28 Fingerprint: 2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931

andrej commented on 2021-03-27 20:58 (UTC) (edited on 2021-03-27 21:49 (UTC) by andrej)

A few more notes on this package:

  • The current version, 0.17.3, needs a few config tweaks (database_in instead of database, log_level and report_level instad of verbose).
  • It creates legacy logs -> it should have an entry in /etc/logrotate.d/.
  • It would be nice to have a few systemd units (.service and .timer) for regular maintenance and checks. Also, the database files need to be "rotated" after each run etc. The WiKi suggests using cron, but that's an outdated idea compared to systemd timers.
  • The cron idea is in fact also wrong, because it updates the checksums unconditionally. Automated regular maintenance (a systemd timer) should only run and log aide -C, not aide -u.
    • A Pacman hook (or the like) should run aide -u after updates. This could (and most likely should) be a systemd .service (but not a systemd .timer), so that it can be restarted in the background by Pacman after updates. This would have quite a few advantages:
      • aide -u would run automatically at the right time.
      • Pacman wouldn't need to block and wait for aide -u after an update.
      • However, if a reboot was to follow, aide -u would be waited for properly.
      • Another Pacman update started closely afterwards would block and wait for the previous aide -u correctly before starting a new one in the background (hence a restart instead of just a start).

kitterhuff commented on 2020-06-16 21:48 (UTC)

Hello, I am the current maintainer and I'm new to packaging, as such I will try my best to maintain the package up-to-date, if there's ANY problem message me: kitterhuff@gmail.com

Latest Comments

1 2 Next › Last »

simona commented on 2023-11-04 17:13 (UTC)

src/aidecheck.service missing

simona commented on 2023-07-12 08:34 (UTC)

install: impossibile eseguire stat di '/home/simona/.cache/yay/aide/src/aidecheck.service': File o directory non esistente

crab2313 commented on 2023-07-04 06:31 (UTC)

diff --git a/PKGBUILD b/PKGBUILD
index ec24bea..dc70c30 100755
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -14,11 +14,14 @@ license=('GPL')
 depends=('acl' 'e2fsprogs' 'libelf' 'mhash' 'pcre')
 backup=('etc/aide.conf')
 source=("https://github.com/aide/aide/releases/download/v${pkgver}/aide-${pkgver}.tar.gz"{,.asc} \
+       "aidecheck.service"
+       "aidecheck.timer"
         "aide.conf")
-sha256sums=('758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4' # aide-${pkgver}.tar.gz sha256sum
-             'SKIP'
-             'dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a' # aide.conf chksum
-             )
+sha256sums=('758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4'
+            'SKIP'
+            'fc7bd68dccc0e8694bb5a001fb6a80514f1380e41b95742e19d19b3172b22878'
+            '818a70166118652c217cbc64d24eee4d8adc8f40dd41edaca543f67e2117b242'
+            'dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a')

 validpgpkeys=('2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931') # Hannes von Haugwitz <hannes@vonhaugwitz.com>

<deleted-account> commented on 2023-06-23 15:28 (UTC)

Failed to compile due to missing src/aidecheck.service any workaround to fix it? I don't see where the compilation process is reference it or why it's disappearing every time I try to install

NebulaSurfer commented on 2023-05-18 14:49 (UTC)

Builds are still failing for me with @kyau's error message.

Scimmia commented on 2023-05-15 02:12 (UTC)

You only applied half of gabor_zoka's patch. Without adding the files to the source array, they aren't accessible in $srcdir, and the package is unbuildable.

haawda commented on 2023-04-26 12:39 (UTC) (edited on 2023-04-26 13:29 (UTC) by haawda)

The mhash packge in [community] does not have a file mhash.pc, therefore the build of aide fails.

You could include one in this taurball (name:mhash.pc)

prefix=/usr
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include
Name: mhash
Description: mhash - A thread-safe hash library which provides a uniform interface to hash algorithms (MD5, SHA1, HAVAL, etc)
URL:
Version: 0.9.9.9
Cflags: -I/usr/include/mhash
Libs: -L$(libdir) -lmhash
Libs.private:

pkgconfig_DATA = mhash.pc

and adjust the PKGBUILD to use it.

source=("https://github.com/aide/aide/releases/download/v${pkgver}/aide-${pkgver}.tar.gz"{,.asc} \
        "aide.conf" mhash.pc)
sha256sums=('758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4'
            'SKIP'
            'dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a'
            'b82f2723de35bb6f6e5008c6505f07cdf6f4b63a06dc0316da7cd23b4da32e65')

plus

export PKG_CONFIG_PATH="/usr/lib/pkgconfig/:$srcdir" 

in the build function.

Otherwise and alternatively, --with-mhash would have to be removed.

And please remove --with-prelink configure option. It is not recognized anyway.

And please quote "$srcdir" and "$pkgdir".

leon22heart commented on 2023-04-26 10:15 (UTC) (edited on 2023-04-26 10:16 (UTC) by leon22heart)

Failing to build . Missing the mhash.pc file , which is not provided by the mhash package. Also tried PKG_CONFIG_PATH=/usr/lib/pkgconfig trizen -S aide .


lolidas@lolidas ~ (git)-[master] % trizen -S aide                                          
:: Pulling AUR changes: aide

--------------------------------------------------------------------------------
:: Content of /tmp/trizen-lolidas/aide/PKGBUILD
--------------------------------------------------------------------------------

# Maintainer: John Doe <kitterhuff@gmail.com>
# Previous Maintainer: Lukas Jirkovsky <l.jirkovsky@gmail.com>
# Contributor: Thomas S Hatch <thatch45@gmail.com>
# Contributor: Daniel J Griffiths <ghost1227@archlinux.us>
# Contributor: Tom Newsom <Jeepster@gmx.co.uk>

pkgname=aide
pkgver=0.18.2
pkgrel=3
pkgdesc='A file integrity checker and intrusion detection program.'
arch=('x86_64')
url="https://aide.github.io/"
license=('GPL')
depends=('acl' 'e2fsprogs' 'libelf' 'mhash' 'pcre')
backup=('etc/aide.conf')
source=("https://github.com/aide/aide/releases/download/v${pkgver}/aide-${pkgver}.tar.gz"{,.asc} \
        "aide.conf")
sha256sums=('758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4' # aide-${pkgver}.tar.gz sha256sum
             'SKIP'
             'dd8f40a6e0a298dd0f457e6d814bc29c3fd5e5061cc9007386e2c2c3c7887f1a' # aide.conf chksum
             )

validpgpkeys=('2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931') # Hannes von Haugwitz <hannes@vonhaugwitz.com>

build() {
        echo $srcdir
    cd $srcdir/$pkgname-$pkgver
    ./configure \
        --prefix=/usr \
        --sysconfdir=/etc \
        --with-mhash \
        --with-posix-acl \
        --with-prelink \
        --with-xattr \
        --with-zlib \
        --with-e2fsattrs \
        --disable-static
    make
}

package() {
    cd ..
    cp aidecheck.service $srcdir/aidecheck.service
    cp aidecheck.timer $srcdir/aidecheck.timer
    cd $srcdir/$pkgname-$pkgver
    make DESTDIR=$pkgdir install
    echo $pkgdir
    install -D -m644 $srcdir/aide.conf $pkgdir/etc/aide.conf
    install -D -m644 $srcdir/aidecheck.service $pkgdir/usr/lib/systemd/system/aidecheck.service
    install -D -m644 $srcdir/aidecheck.timer $pkgdir/usr/lib/systemd/system/aidecheck.timer
        mkdir -p $pkgdir/var/{log,lib}/aide/
}

--------------------------------------------------------------------------------
:: Content of /tmp/trizen-lolidas/aide/aide.conf
--------------------------------------------------------------------------------

# Example configuration file for AIDE.
# More information about configuration options available in the aide.conf manpage.
@@define DBDIR /var/lib/aide
@@define LOGDIR /var/log/aide

# The location of the database to be read.
database_in=file:@@{DBDIR}/aide.db.gz

# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
#database_out=file:aide.db.new
database_out=file:@@{DBDIR}/aide.db.new.gz

# Whether to gzip the output to database
gzip_dbout=yes

# Default.
log_level=warning
report_level=changed_attributes

report_url=file:@@{LOGDIR}/aide.log
report_url=stdout
#report_url=stderr
# 
# Here are all the attributes we can check
#p:       permissions
#i:       inode
#n:       number of links
#l:       link name
#u:       user
#g:       group
#s:       size
###b:        block count
#m:       mtime
#a:       atime
#c:       ctime
#S:       check for growing size
#I:       ignore changed filename
#ANF:     allow new files
#ARF:     allow removed files
#

# Here are all the digests we can use
#md5:           md5 checksum
#sha1:          sha1 checksum
#sha256:        sha256 checksum
#sha512:        sha512 checksum
#rmd160:        rmd160 checksum
#tiger:         tiger checksum
#haval:         haval checksum
#crc32:         crc32 checksum
#gost:          gost checksum
#whirlpool:     whirlpool checksum

# These are the default rules 
#R:             p+i+l+n+u+g+s+m+c+md5
#L:             p+i+l+n+u+g
#E:             Empty group
#>:             Growing logfile p+l+u+g+i+n+S

# You can create custom rules - my home made rule definition goes like this 
ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
# Everything but access time (Ie. all changes)
EVERYTHING = R+ALLXTRAHASHES

# Sane, with multiple hashes
# NORMAL = R+rmd160+sha256+whirlpool
NORMAL = R+rmd160+sha256

# For directories, don't bother doing hashes
DIR = p+i+n+u+g+acl+xattrs

# Access control only
PERMS = p+i+u+g+acl

# Logfile are special, in that they often change
LOG = >

# Just do md5 and sha256 hashes
LSPP = R+sha256

# Some files get updated automatically, so the inode/ctime/mtime change
# but we want to know when the data inside them changes
DATAONLY =  p+n+u+g+s+acl+xattrs+md5+sha256+rmd160+tiger


# Next decide what directories/files you want in the database.

/boot   NORMAL
/bin    NORMAL
/sbin   NORMAL
/lib    NORMAL
/lib64  NORMAL
/opt    NORMAL
/usr    NORMAL
/root   NORMAL
# These are too volatile
!/usr/src
!/usr/tmp

# Check only permissions, inode, user and group for /etc, but
# cover some important files closely.
/etc    PERMS
!/etc/mtab
# Ignore backup files
!/etc/.*~
/etc/exports  NORMAL
/etc/fstab    NORMAL
/etc/passwd   NORMAL
/etc/group    NORMAL
/etc/gshadow  NORMAL
/etc/shadow   NORMAL
/etc/security/opasswd   NORMAL

/etc/hosts.allow   NORMAL
/etc/hosts.deny    NORMAL

/etc/sudoers NORMAL
/etc/skel NORMAL

/etc/logrotate.d NORMAL

/etc/resolv.conf DATAONLY

/etc/nscd.conf NORMAL
/etc/securetty NORMAL

# Shell/X starting files
/etc/profile NORMAL
/etc/bashrc NORMAL
/etc/bash_completion.d/ NORMAL
/etc/login.defs NORMAL
/etc/zprofile NORMAL
/etc/zshrc NORMAL
/etc/zlogin NORMAL
/etc/zlogout NORMAL
/etc/profile.d/ NORMAL
/etc/X11/ NORMAL

# Ignore logs
!/var/lib/pacman/.*
!/var/cache/.*
!/var/log/.*  
!/var/run/.*  
!/var/spool/.*

--------------------------------------------------------------------------------
:: Content of /tmp/trizen-lolidas/aide/aidecheck.service
--------------------------------------------------------------------------------

[Unit]
Description=Aide Check
ConditionACPower=true

[Service]
Type=simple
ExecStart=/usr/bin/aide --check

[Install]
WantedBy=multi-user.target

--------------------------------------------------------------------------------
:: Content of /tmp/trizen-lolidas/aide/aidecheck.timer
--------------------------------------------------------------------------------

[Unit]
Description=Aide check every day at 5AM

[Timer]
OnCalendar=*-*-* 05:00:00
Unit=aidecheck.service

[Install]
WantedBy=multi-user.target

Repository      : AUR
Name            : aide
Version         : 0.18.2-3
Maintainer      : kitterhuff
URL             : https://aide.github.io/
AUR URL         : https://aur.archlinux.org/packages/aide
License         : GPL
Votes           : 2
Popularity      : 0.00013%
Installed       : Yes
Out Of Date     : No
Depends On      : acl
                  e2fsprogs
                  libelf
                  mhash
                  pcre
Make Deps       : None
Check Deps      : None
Optional Deps   : None
Provides        : None
Conflicts With  : None
Replaces        : None
Package Base    : aide
Last Update     : Mon Apr 24 08:51:56 2023
Description     : A file integrity checker and intrusion detection program.

==> Making package: aide 0.18.2-3 (Wed 26 Apr 2023 12:04:50 PM CEST)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found aide-0.18.2.tar.gz
  -> Found aide-0.18.2.tar.gz.asc
  -> Found aide.conf
==> Validating source files with sha256sums...
    aide-0.18.2.tar.gz ... Passed
    aide-0.18.2.tar.gz.asc ... Skipped
    aide.conf ... Passed
==> Verifying source file signatures with gpg...
    aide-0.18.2.tar.gz ... Passed
==> Extracting sources...
  -> Extracting aide-0.18.2.tar.gz with bsdtar
==> Removing existing $pkgdir/ directory...
==> Starting build()...
/tmp/trizen-lolidas/aide/src
configure: WARNING: unrecognized options: --with-prelink
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a race-free mkdir -p... /usr/bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables... 
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether the compiler supports GNU C... yes
checking whether gcc accepts -g... yes
checking for gcc option to enable C11 features... none needed
checking whether gcc understands -c and -o together... yes
checking whether make supports the include directive... yes (GNU style)
checking dependency style of gcc... gcc3
checking whether make sets $(MAKE)... (cached) yes
checking for ranlib... ranlib
checking for bison... bison -y
checking for flex... flex
checking for lex output file root... lex.yy
checking for lex library... none needed
checking whether yytext is a pointer... yes
checking for ld... ld
checking for pkg-config... /usr/bin/pkg-config
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... no
checking whether ld supports "-z,relro"... egrep: warning: egrep is obsolescent; using grep -E
yes
checking whether ld supports "-z,now"... egrep: warning: egrep is obsolescent; using grep -E
yes
checking whether gcc supports "-fPIE-DPIE"... yes
checking whether gcc supports "-Wundef"... yes
checking whether gcc supports "-Wmissing-format-attribute"... yes
checking whether gcc supports "-Wshadow"... yes
checking whether gcc supports "-Wlogical-op"... yes
checking for library containing syslog... none required
checking for vsyslog... yes
checking for stdio.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for strings.h... yes
checking for sys/stat.h... yes
checking for sys/types.h... yes
checking for unistd.h... yes
checking whether byte ordering is bigendian... no
checking for byte... no
checking for ushort... yes
checking for ulong... yes
checking for u16... no
checking for u32... no
checking for u64... no
checking size of unsigned short... 2
checking size of unsigned int... 4
checking size of unsigned long... 8
checking size of unsigned long long... 8
checking size of int... 4
checking size of long long... 8
checking size of uid_t... 4
checking size of gid_t... 4
checking size of ino_t... 8
checking size of nlink_t... 8
checking size of off_t... 8
checking size of blkcnt_t... 8
checking for strtoll... yes
checking for strtoimax... yes
checking for readdir... yes
checking for stricmp... no
checking for strnstr... no
checking for strnlen... yes
checking for fcntl... yes
checking for ftruncate... yes
checking for posix_fadvise... yes
checking for asprintf... yes
checking for snprintf... yes
checking for vasprintf... yes
checking for vsnprintf... yes
checking for va_copy... no
checking for __va_copy... no
checking for sigabbrev_np... yes
checking for sys/prctl.h... yes
checking for open/O_NOATIME... no
checking for syslog.h... yes
checking for inttypes.h... (cached) yes
checking for fcntl.h... yes
checking for ctype.h... yes
checking for pkg-config... (cached) /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for libpcre2-8... yes
checking for pthread for multithreading... yes
checking for a sed that does not truncate output... /usr/bin/sed
checking how to run the C preprocessor... gcc -E
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking whether gcc is Clang... no
checking whether pthreads work with "-pthread" and "-lpthread"... yes
checking for joinable pthread attribute... PTHREAD_CREATE_JOINABLE
checking whether more special flags are required for pthreads... no
checking for PTHREAD_PRIO_INHERIT... yes
checking for zlib compression... yes
checking for zlib... yes
checking for POSIX ACLs... yes
checking for libacl... yes
checking for SELinux... no
checking for xattr... yes
checking for libattr... yes
checking for POSIX 1003.1e capabilities... no
checking for e2fsattrs... yes
checking for e2p... yes
checking for cURL... no
checking for Mhash... yes
checking for GNU crypto library... check
checking for mhash... no
configure: error: mhash not found by pkg-config - Try to add directory containing mhash.pc to PKG_CONFIG_PATH environment variable
==> ERROR: A failure occurred in build().
    Aborting...
:: Unable to build aide - makepkg exited with code: 4
=>> Try again? [y/N]: 

kitterhuff commented on 2023-04-24 06:56 (UTC) (edited on 2023-04-25 11:03 (UTC) by kitterhuff)

Hello! it is mandatory to manually import the gpg key of the aide developer.
  • You should be able to do it by issuing the command: gpg --recv-keys 2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931

Compare the output to the one in this github page:https://github.com/aide/aide it should be something along the lines of:

Hannes von Haugwitz hannes@vonhaugwitz.com Hannes von Haugwitz hvhaugwitz@debian.org 4096 bit RSA key F6947DAB68E7B931, created: 2011-06-28 Fingerprint: 2BBBD30FAAB29B3253BCFBA6F6947DAB68E7B931