Adelaide

Adelaide is a command-line script to automate the checking of important files for unauthorized changes on Linux and UNIX systems.

Adelaide Ranking & Summary

  • License: GPL
  • Price: FREE
  • Publisher Name: John Edwards
  • Publisher web site: http://www.cornerstonelinux.co.uk/

Adelaide Description

Adelaide is a command-line script to automate the checking of important files for unauthorized changes on Linux and UNIX systems, and then email the system administrator with the details if anything has changed.

Requirements:

  • AIDE

Installation:

This program is mainly a shell script and its configuration file.

If you have the Stow package management system then installation is easy:

    mkdir -p /usr/local/stow/adelaide
    cp -ai bin etc var /usr/local/stow/adelaide
    stow -v -d /usr/local/stow adelaide

Stow will create symbolic links in /usr/local to the real files in /usr/local/stow/adelaide. This means that you know which package the files belong to and can add or remove them easily. Stow is a single Perl script that will run on most versions of UNIX or Linux.

If you don't want to use Stow then you can copy the script and its configuration file anywhere, though I would recommend against /usr/ as that will probably interfere with your OS package manager. When you run adelaide you will need to tell it where the config file is, e.g.:

    adelaide --config /opt/adelaide/etc/adelaide.conf

This script will probably need to be run as the root user as there may be areas that only root can read.

A cron job should be used to run this script at the desired times.

Configuration:

adelaide.conf is the configuration file for this script. Important values to check and change before running are:

  • aide_bin - location of the AIDE program
  • aide_auto_dir - base directory where you installed adelaide
  • warning_email_to & db_email_to - where to send the emails
  • report_lifetime & db_lifetime - how long to keep report and database files

You will also need a working aide.conf, the configuration file for AIDE itself. Some settings will need to match the file locations you entered in the adelaide.conf file, such as:

    @@define TOPDIR /usr/local/stow/adelaide
    database=file://@@{TOPDIR}/var/aide/aide.db
    database_out=file://@@{TOPDIR}/var/aide/aide.db.out
    database_new=file://@@{TOPDIR}/var/aide/aide.db.new
    report_url=stdout
    gzip_dbout=no
    verbose=20

The rest of the file will be a list of files to check and what properties to check them for (e.g. contents, timestamps, ownership). It may need some tweaking over time to get it checking what you want (e.g. some hosts may use DHCP and have /etc/resolv.conf changing).

Some example aide.conf files have been included in the examples directory.
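The description says the database paths in aide.conf must match the location Adelaide was installed in. The script below is an added example, not part of Adelaide: it expands the @@define macros in an aide.conf and checks that every database path sits under a given base directory. The function names are hypothetical, and the base directory is passed as an argument rather than read from adelaide.conf, whose file format this page does not show.

```shell
#!/bin/sh
# Added example, not part of Adelaide. Function names are hypothetical.
# Usage: check_aide_paths /path/to/aide.conf /usr/local/stow/adelaide

# check_aide_paths AIDE_CONF BASE_DIR
# Returns 0 only if database=, database_out= and database_new= are present and
# all resolve to paths under BASE_DIR. Offending paths are listed on stderr.
# Limitation: ".." components in a path are not normalised.
check_aide_paths() {
    awk -v base="${2%/}" '
        # Replace every @@{NAME} token with the value from "@@define NAME value".
        function expand(s,   name, tok, i) {
            for (name in macro) {
                tok = "@@{" name "}"
                while ((i = index(s, tok)) > 0)
                    s = substr(s, 1, i - 1) macro[name] substr(s, i + length(tok))
            }
            return s
        }
        $1 == "@@define" { macro[$2] = $3; next }
        /^database(_out|_new)?=/ {
            seen = 1
            path = expand($0)
            sub(/^[^=]*=file:(\/\/)?/, "", path)   # drop the key and file: scheme
            if (index(path, base "/") != 1) {
                print "outside " base ": " path > "/dev/stderr"
                bad = 1
            }
        }
        END { exit ((seen && !bad) ? 0 : 1) }
    ' "$1"
}

# Constructed sample input: the aide.conf settings quoted in the description.
write_sample_aide_conf() {
    cat > "$1" <<'EOF'
@@define TOPDIR /usr/local/stow/adelaide
database=file://@@{TOPDIR}/var/aide/aide.db
database_out=file://@@{TOPDIR}/var/aide/aide.db.out
database_new=file://@@{TOPDIR}/var/aide/aide.db.new
report_url=stdout
gzip_dbout=no
verbose=20
EOF
}
```

A non-zero exit means a database path points outside the directory Adelaide was installed in, or that no database settings were found at all.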
