AIDE : Database updating
- Using a script
Rotating has been a process that gets repeated enough that using a script file was deemed worthwhile. See if the script file exists:
- If the script exists
If it does, then, great. Go ahead and use it (if you trust the software on this machine).
If the script doesn't exist yet, determine whether it should be installed. The key reason not to use the script is just that the current version requires OpenSSH's
(or a suitably compatible shell;
is also currently believed to be suitable enough to work). If such a shell is undesirable, then using the older method may be needed.
If you are going to be using the script, start by obtaining, and then installing it as follows:
If a private server is going to be used, have that variable be set to point to the desired location.
Also, check that a required directory exists:
- The /var/log/aide/ directory should be writable (which implies that it exists). (If the directory is not writable, commands to take care of that are in the filesystem integrity checker section, which provides information and resources for setting up this software.) Checking this is not typically something that needs to happen every time that the database is updated. This check is simply being done to verify that this got taken care of, at least once, probably around the time that the software was initially being configured.
- Installing required programs
The current version of the script uses
. (If those programs are unavailable,
could be used instead of
, and there are other compressors avaiable. However, the script does not check for suitable alternative programs. So, if possible, install the programs that the script seeks to use. Then there won't be the need to alter the script.)
- Installing required programs
- Programs to download/install
- Installing pv in OpenBSD
Additionally, the “rotate data” script should be installed before running this script.
When using this script, there won't be a need to manually perform rotation, because this script rotates files by running another script named
(which is a script that does not exist by default, and needed to be installed seperately).
That will likely start showing some output, incliding lines like “
”, and may take some time (a few minutes, or maybe many more minutes).
encode base64, data length:
- The older approach
For a while, the intended process was to perform “copy and paste” of some commands for rotating database files and updating database files. Experience indicated that process was more cumbersome than it should be, considering how often rotations are recommended, and so installing script files is worthwhile. Still, these old instructions remain avaiable.
It is recommended to start out by rotating the database files.
These instructions expect that some variables got set. These variables are set when following this guide's instructions for rotating the database files. If, for some reason, there is a desire to skip the step of rotating the database, then still make sure that these required environment variables are set. See: AIDE
The preferred syntax of the next line is designed for OpenBSD's
and similar/compatible shells:
- Preferred syntax
This can be accomplished with OpenBSD's
and similar/compatible shells by using:
After this is run, you can check the number reported after
to see the “error”/return code. Details for interpreting that are at: AIDE: Return code
- Other shells
If the shell does not support that preferred syntax, one could just remove the comment character from the following example command:
This does not capture the error code. (Trying to print the exit code after piping the results to
will just show the exit code of the
Note: If any files have been changed, then a non-zero “error level”/”return code” is normal. With many commands, seeing a non-zero error code is an indicator of a problem. (This is noted by Advanced Shell Scripting Guide (focused on Bash) Appendix E: Exit Codes With Special Meanings.) With this command, that is not a problem (unless the report was expected to show that no changes have happened).
After updating the database, the next thing that is recommended is to rotate the database files.
A common activity to do (after updating the files, and then rotating the files), is to view the resulting report. Details for doing that are at: AIDE “resulting report” showing (older method: AIDE: Reviewing the report).