Bug 1708015
| Summary: | aide.conf needs updates for RHEL 8 | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Steve Grubb <sgrubb> | ||||||
| Component: | aide | Assignee: | Radovan Sroka <rsroka> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | high | ||||||||
| Version: | 8.0 | CC: | dapospis, fweimer, rsroka | ||||||
| Target Milestone: | rc | Keywords: | Triaged | ||||||
| Target Release: | 8.1 | Flags: | pm-rhel:
mirror+
|
||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | aide-0.16-9.el8 | Doc Type: | If docs needed, set a value | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2019-11-05 21:24:18 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 1510124 | ||||||||
| Attachments: |
|
||||||||
Created attachment 1592714 [details]
Updated config for aide
This is the updated config based on the updates that were added to RHEL 7.
(In reply to Steve Grubb from comment #13) > Created attachment 1592714 [details] > Updated config for aide > > This is the updated config based on the updates that were added to RHEL 7. Thanks! If you change this anyway: +# glibc linker +/etc/ld.so.cache$ CONTENT_EX +/etc/ld.so.conf$ CONTENT_EX +/etc/ld.so.conf.d/ CONTENT_EX It may make sense to add /etc/ld.so.preload here, which has been used to inject LD_PRELOAD-style rootkits. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2019:3485 |
Created attachment 1565874 [details] New config file for aide Description of problem: RHEL 8 has different files that need to be watched when compared to RHEL 7. The Common Criteria certification is setting the SCAP policy which will become a STIG. The current STIG mandates aide be installed. So, we need to update the aide.conf file. Additional info: Will attach a replacement conf file.