OCI: aide(1) is Failing with FIPSR Error
Applies To:
Linux OS – Version Oracle Linux 7.0 to Oracle Linux 9.0 [Release OL7 to OL9]
Linux x86_64 on Oracle Public Cloud
Symptoms:
AIDE is an intrusion detection utility that checks on the integrity of files on the system.
aide(1)
can fail with "Error in expression:FIPSR".
# aide --check 173:Error in expression:FIPSR Configuration error #
Cause:
/etc/aide.conf
is empty.
# cat /etc/aide.conf #
Solution:
- Regenerate a new database for
aide(1)
. This will take a few minutes.
# aide --init ... #
- Populate a new configuration file
/etc/aide.conf
with this:
# START OF FILE # Example configuration file for AIDE. @@define DBDIR /var/lib/aide @@define LOGDIR /var/log/aide # The location of the database to be read. database=file:@@{DBDIR}/aide.db.gz # The location of the database to be written. #database_out=sql:host:port:database:login_name:passwd:table #database_out=file:aide.db.new database_out=file:@@{DBDIR}/aide.db.new.gz # Whether to gzip the output to database gzip_dbout=yes # Default. verbose=5 report_url=file:@@{LOGDIR}/aide.log report_url=stdout #report_url=stderr #NOT IMPLEMENTED report_url=mailto:root@foo.com #NOT IMPLEMENTED report_url=syslog:LOG_AUTH # These are the default rules. # #p: permissions #i: inode: #n: number of links #u: user #g: group #s: size #b: block count #m: mtime #a: atime #c: ctime #S: check for growing size #acl: Access Control Lists #selinux SELinux security context #xattrs:
Tagged:
0