Description of problem:
The aide RPM does not verify if the admin modifies the /etc/aide.conf file.

Version-Release number of selected component (if applicable):
aide-0.13.1-9.fc8 (home built using the FC12 spec file, and the aide CVS source code)

How reproducible:
Always

Steps to Reproduce:
1. Install aide
2. Modify /etc/aide.conf to suit your needs
3. Run 'rpm -V aide'

Actual results:
# rpm -V aide
S.5....T c /etc/aide.conf

Expected results:
The aide rpm should verify cleanly (nothing output)

Additional info:
The RPM spec file has a '%verify' option (or something like that) I think that can be specified for config files, so that 'rpm -V' knows not to check the config file as it will probably have been changed.

Just upgraded my PC to F11, aide version aide-0.13.1-12.fc11.x86_64 (built from the FC12 aide RPM source). I changed one line in the aide.spec file:

%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/aide.conf

to

%config(noreplace) %attr(0600,root,root) %verify(not md5 size mtime) %{_sysconfdir}/aide.conf

This sorted out the rpm verify problem.

John.

After discussing this on Fedora-devel mail list, I do not think it's a good idea to purposely hide rpm's ability to detect changed config files. Especially for security packages.
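
The `rpm -V` line quoted in this report can be decoded flag by flag. The Python below is an added example, not part of the original report and not code from aide or rpm; the function names are its own, and every sample line except the /etc/aide.conf one is constructed. It puts changed config files in their own bucket for review, which keeps them visible without a %verify(not ...) exclusion in the spec file.

```python
import re

# Verify flags in the order rpm prints them (see rpm(8), VERIFY OPTIONS).
ORDER = "SM5DLUGTP"
NAMES = dict(zip(ORDER, ["size", "mode", "digest", "device", "symlink",
                         "user", "group", "mtime", "capabilities"]))
# Attribute marker printed between the flags and the path.
MARKERS = {"c": "config", "d": "doc", "g": "ghost", "l": "license", "r": "readme"}

# Older rpm prints 8 flag characters, newer rpm prints 9.
LINE = re.compile(r"^([SM5DLUGTP.?]{8,9}|missing)\s+(?:([cdglr])\s+)?(/.*)$")

def parse_verify_line(line):
    """Decode one line of `rpm -V` output, or return None if it is not one."""
    m = LINE.match(line.strip())
    if not m:
        return None
    flags, marker, path = m.groups()
    if flags == "missing":
        failed, unchecked = ["missing"], []
    else:
        failed = [NAMES[c] for c in flags if c in NAMES]
        # "?" means the test at that position could not be performed.
        unchecked = [NAMES[ORDER[i]] for i, c in enumerate(flags) if c == "?"]
    return {"path": path, "attr": MARKERS.get(marker, "file"),
            "failed": failed, "unchecked": unchecked}

def triage(output):
    """Split findings so config edits are reviewed, not hidden (assumed policy)."""
    report = {"config": [], "other": []}
    for line in output.splitlines():
        rec = parse_verify_line(line)
        if rec:
            report["config" if rec["attr"] == "config" else "other"].append(rec)
    return report

# First line is from the report above; the rest are constructed samples.
SAMPLE = """\
S.5....T c /etc/aide.conf
..5....T   /usr/sbin/example-daemon
missing    /usr/share/doc/example/README
.M...UG? c /etc/example.conf
"""

if __name__ == "__main__":
    for kind, recs in triage(SAMPLE).items():
        for r in recs:
            print(kind, r["path"], ",".join(r["failed"]), r["unchecked"])
```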