You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

OCI: aide(1) is Failing with FIPSR Error

edited May 29, 2023 4:54AM in Linux

Applies To:

Linux OS – Version Oracle Linux 7.0 to Oracle Linux 9.0 [Release OL7 to OL9]

Linux x86_64 on Oracle Public Cloud

Symptoms:

AIDE is an intrusion detection utility that checks on the integrity of files on the system.

aide(1) can fail with "Error in expression:FIPSR".

# aide --check
173:Error in expression:FIPSR
Configuration error
#

Cause:

/etc/aide.conf is empty.

# cat /etc/aide.conf
#

Solution:

  • Regenerate a new database for aide(1). This will take a few minutes.
# aide --init
...
#
  • Populate a new configuration file/etc/aide.conf with this:
# START OF FILE
# Example configuration file for AIDE.
@@define DBDIR /var/lib/aide
@@define LOGDIR /var/log/aide
# The location of the database to be read.
database=file:@@{DBDIR}/aide.db.gz
# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
#database_out=file:aide.db.new
database_out=file:@@{DBDIR}/aide.db.new.gz
# Whether to gzip the output to database
gzip_dbout=yes
# Default.
verbose=5
report_url=file:@@{LOGDIR}/aide.log
report_url=stdout
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
# These are the default rules.
#
#p:      permissions
#i:      inode:
#n:      number of links
#u:      user
#g:      group
#s:      size
#b:      block count
#m:      mtime
#a:      atime
#c:      ctime
#S:      check for growing size
#acl:           Access Control Lists
#selinux        SELinux security context
#xattrs:     

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!