[Openstack-security] [Bug 1617343] Re: AIDE should not look at changes in /run
OpenStack Infra
1617343 at bugs.launchpad.net
Fri Aug 26 21:54:10 UTC 2016
Reviewed: https://review.openstack.org/361237
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible-security/commit/?id=129e6292547f347b2038ba75655e95f73373b6cf
Submitter: Jenkins
Branch: master
commit 129e6292547f347b2038ba75655e95f73373b6cf
Author: Major Hayden <major at mhtx.net>
Date: Fri Aug 26 09:17:18 2016 -0500
Exclude /run from AIDE checks
The /run directory contains items that change frequently and often
change when services start/stop or the system reboots. This patch
excludes the /run directory from AIDE checks.
Closes-bug: 1617343
Change-Id: Ic915d4821c8a90c613c5822c6d54c2f7ab54da16
** Changed in: openstack-ansible
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1617343
Title:
AIDE should not look at changes in /run
Status in openstack-ansible:
Fix Released
Bug description:
AIDE shouldn't be wandering into /run since things there only live
temporarily.
---------------------------------------------------
Changed entries:
---------------------------------------------------
d =.... mc.. .. .: /etc/apparmor.d/libvirt
d =.... mc.. .. .: /etc/libvirt/qemu
d =.... mc.. .. .: /root
f >b... mc..C.. .: /root/.bash_history
f >.... mc..C.. .: /root/.ssh/known_hosts
f >b... mci.C.. .: /root/.viminfo
f =.... mci.C.. : /run/motd.dynamic
d >.... mc.. .. : /run/shm
f =.... ....C.. : /run/shm/spice.29052
d =.... mc.. .. : /run/systemd/sessions
d =.... mc.. .. : /run/systemd/users
f =.... mci.C.. : /run/systemd/users/0
d >.... . .. : /run/udev/data
d =.... mc.. .. : /run/user
To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-ansible/+bug/1617343/+subscriptions
More information about the Openstack-security
mailing list