How to install Aide
To install AIDE just issue the following command:
yum -y install aide
It installs aide but creates nothing until it is being instructed to do so.
How to setup Aide
Once aide is installed, the first step is to create a new database of the current system status, ideally this must be done just after OS installation is done. The rpm available on Bashlinux repository has done a configuration file that is located on /etc/aide.conf, and and only root can access it.
- Initialize the database
- Set database created as "database" to be compared against
mv /etc/aide.db.new /etc/aide.db
- Change database attributes
chattr +i /etc/aide.db
How to run Aide
This an abstract from the man pages.
- Check the database for inconsistencies. You must have an initialized database to do this. This is also the default command. Without any command aide does a check.
- Initialize the database. You must initialize a database and move it to the appropriate place before you can use the
- Check the database and updates the database non-interactively. The input and output databases must be different.
- Compares two databases. They must be defined in configfile with
- Stops after reading in the configuration file. Any errors will be reported. If aide was compiled with the
--with-dbhmackeyoption, a hash for the config file will be calculated. See the aide manual for more information