1. Update request. Latest download at https://github.com/aide/aide/releases/download/v0.18.8/aide-0.18.8.tar.gz 2. Licence is stated as GPLv2 Refer https://github.com/aide/aide/blob/master/src/aide.c in the preamble https://aide.github.io/ "AIDE is licensed under GPL-2.0." 3. Would it be possible to add the following to CONFIGURE_ARGS --with-posix-acl use POSIX ACLs (no checking) --with-xattr use xattr (no checking) 4. I'm unable to ascertain if the Configure option --with-capabilities use caps (no checking) leverages FreeBSD's capabilities. Perhaps consideration for another day? FYI: The Changelog references 0.19 (unreleased) with compatability changes and performance and error handling improvements.
Hey Cy, How can we assist with this? Would providing a patch help speed things up? Thanks.
(In reply to Stan Rudenko from comment #1) Sure. If you want full credit commit them to your own git tree and extract the commits using git format-patch. Then attach to this PR. If you want to make clean-up changes to the port, submit them separately. This keeps the log clean. I do have an update here but it fails to build due to obvious programming errors.
(In reply to Cy Schubert from comment #2) A quick update. The lastest stable Version, 0.19 is now available, refer: https://github.com/aide/aide/releases/download/v0.19/aide-0.19.tar.gz From https://aide.github.io/ Thank-you.
(In reply to dewayne from comment #3) I'm working through the excellent CIS_FreeBSD_14_Benchmark_v1.0.1.pdf (referenced from https://freebsdfoundation.org/project/center-for-internet-security-cis-freebsd-14-benchmark/ ) by Allan and Moin. This document references AIDE. The sections "5.3.1 Ensure AIDE is installed", and "5.3.2 Ensure filesystem integrity is regularly checked " both reference and use aide for the purpose of file integrity checking. As I'm building a new server, it would be a useful exercise to be fully compliance, hence this update. Unfortunately there are quite a few changes in 0.19 that are beyond me: 1. From https://www.ipi.fi/pipermail/aide/2025-April/001808.html "The most noteworthy changes between v0.18 and v0.19 are: * BACKWARDS INCOMPATIBLE CHANGES - switch from libmhash to libnettle" and this may be a problem, from https://github.com/aide/aide/commit/002712ac1307b4213bd8dbf5ad77b03b8b05c3e5 2. "2025-03-25 Hannes von Haugwitz <hannes@vonhaugwitz.com> * Handle SIGUSR1 only after config parsing (closes: #181)More actions * Require nettle >= 3.7 and libselinux >= 3.4" So I rebuilt AIDE 0.18.6 on a FreeBSD 14.3-PRERELEASE. Perhaps if e2fsattrs is required it could be an option. I don't use ext2/3 and forced: # 20250623 Force acls only CONFIGURE_ARGS+=--with-posix-acl #.if ${FLAVOR:U} != without_acl #CONFIGURE_ARGS+=--with-posix-acl \ # --with-e2fsattrs #LIB_DEPENDS+= libe2p.so:filesystems/e2fsprogs-core #.endif This works well on devices mounted with acls, but the default ufs2 will generate a lot of WARNING: failed to get ACL of ... even when acls The aide.db is correct and functional, per aide --init|check|update|config-check Lets rebuild with xattrs (BTW: this fails) # 20250623 Force acl and xattr CONFIGURE_ARGS+=--with-posix-acl --with-xattr #.if ${FLAVOR:U} != without_acl #CONFIGURE_ARGS+=--with-posix-acl \ # --with-e2fsattrs #LIB_DEPENDS+= libe2p.so:filesystems/e2fsprogs-core #.endif # aide --check; echo $? WARNING: /usr/local/etc/aide.conf:79: ignoring not compiiled-in attribute(s): xattrs (line: '/m/ M') WARNING: failed to get ACL of /sbin: Invalid argument Finally I replaced database=file:///var/db/aide/databases/aide.db with database_in=file:///var/db/aide/databases/aide.db and suppressed the Warning messages with log_level=error I then tried 0.18.8 as a stop-gap to 0.19, by: cp -pvR security/aide security/aide8 modified Makefile for PORTVERSION= 0.18.8 PORTREVISION= 0 make -C security/aide8 makesum make -C security/aide8 clean build splat! : warning: call to undeclared function 'write'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 129 | (void) !write(STDERR_FILENO ,str, strlen(str)); | ^ src/aide.c:129:25: error: use of undeclared identifier 'STDERR_FILENO' 129 | (void) !write(STDERR_FILENO ,str, strlen(str)); Unfortunately, the next action to take is beyond me. Sorry. I hope this saves you some work and/or is useful?
^Triage: what is the state of this aging Problem Report?
Updated to aide-0.19.2 already.