[Openstack-security] [Bug 1617343] Re: AIDE should not look at changes in /run

OpenStack Infra 1617343 at bugs.launchpad.net
Sun Sep 4 02:28:06 UTC 2016


Reviewed:  https://review.openstack.org/362830
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-security/commit/?id=e7373c4985ae8f4921b54002e2416554cb0da200
Submitter: Jenkins
Branch:    liberty

commit e7373c4985ae8f4921b54002e2416554cb0da200
Author: Major Hayden <major at mhtx.net>
Date:   Fri Aug 26 09:17:18 2016 -0500

    Exclude /run from AIDE checks
    
    The /run directory contains items that change frequently and often
    change when services start/stop or the system reboots. This patch
    excludes the /run directory from AIDE checks.
    
    Closes-bug: 1617343
    Backport-of: Ic915d4821c8a90c613c5822c6d54c2f7ab54da16
    Change-Id: Ib74d6ec24991039299b3ad2c2d550f488fc463ba


** Tags added: in-liberty

-- 
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1617343

Title:
  AIDE should not look at changes in /run

Status in openstack-ansible:
  Fix Released

Bug description:
  AIDE shouldn't be wandering into /run since things there only live
  temporarily.

  ---------------------------------------------------
  Changed entries:
  ---------------------------------------------------

  d =.... mc.. .. .: /etc/apparmor.d/libvirt
  d =.... mc.. .. .: /etc/libvirt/qemu
  d =.... mc.. .. .: /root
  f >b... mc..C.. .: /root/.bash_history
  f >.... mc..C.. .: /root/.ssh/known_hosts
  f >b... mci.C.. .: /root/.viminfo
  f =.... mci.C..  : /run/motd.dynamic
  d >.... mc.. ..  : /run/shm
  f =.... ....C..  : /run/shm/spice.29052
  d =.... mc.. ..  : /run/systemd/sessions
  d =.... mc.. ..  : /run/systemd/users
  f =.... mci.C..  : /run/systemd/users/0
  d >....    . ..  : /run/udev/data
  d =.... mc.. ..  : /run/user

To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-ansible/+bug/1617343/+subscriptions




More information about the Openstack-security mailing list