[Openstack-security] [Bug 1617343] Re: AIDE should not look at changes in /run
OpenStack Infra
1617343 at bugs.launchpad.net
Mon Aug 29 23:31:08 UTC 2016
Reviewed: https://review.openstack.org/362242
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-security/commit/?id=a32903414c2e50bd251a928584c7b9b8c88f1862
Submitter: Jenkins
Branch: stable/mitaka
commit a32903414c2e50bd251a928584c7b9b8c88f1862
Author: Major Hayden <major at mhtx.net>
Date: Fri Aug 26 09:17:18 2016 -0500
Exclude /run from AIDE checks
The /run directory contains items that change frequently and often
change when services start/stop or the system reboots. This patch
excludes the /run directory from AIDE checks.
Closes-bug: 1617343
Change-Id: Ic915d4821c8a90c613c5822c6d54c2f7ab54da16
** Tags added: in-stable-mitaka
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1617343
Title:
AIDE should not look at changes in /run
Status in openstack-ansible:
Fix Released
Bug description:
AIDE shouldn't be wandering into /run since things there only live
temporarily.
---------------------------------------------------
Changed entries:
---------------------------------------------------
d =.... mc.. .. .: /etc/apparmor.d/libvirt
d =.... mc.. .. .: /etc/libvirt/qemu
d =.... mc.. .. .: /root
f >b... mc..C.. .: /root/.bash_history
f >.... mc..C.. .: /root/.ssh/known_hosts
f >b... mci.C.. .: /root/.viminfo
f =.... mci.C.. : /run/motd.dynamic
d >.... mc.. .. : /run/shm
f =.... ....C.. : /run/shm/spice.29052
d =.... mc.. .. : /run/systemd/sessions
d =.... mc.. .. : /run/systemd/users
f =.... mci.C.. : /run/systemd/users/0
d >.... . .. : /run/udev/data
d =.... mc.. .. : /run/user
To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-ansible/+bug/1617343/+subscriptions
More information about the Openstack-security
mailing list