Re: find file changes

[Mark . Burgess]

On  9 Oct, Tony wrote:
> 
> Conseptually I'd like to see something like tripwire or aide like
> functionality integrated w/ cfengine.
> 
> So my cfengine.conf would contain something like
> 
> files:
> AllMachines.FileMonitor::
> /etc/TIMEZONE                 L
> /etc/aliases          L
> /etc/auto_master      L
> /etc/bootparams       L
> /etc/bootptab         L
> /etc/datemsk          L
> /usr/bin                R-tiger-rmd160-sha1
> /usr/include            R-tiger-rmd160-sha1
> /usr/lib                R-tiger-rmd160-sha1
> /usr/libdata            R-tiger-rmd160-sha1
> /usr/libexec            R-tiger-rmd160-sha1
> /usr/local/bin          R-tiger-rmd160-sha1
> /usr/local/etc          L
> /usr/local/lib          R-tiger-rmd160-sha1
> /usr/local/libexec      R-tiger-rmd160-sha1
> /usr/local/sbin         R-tiger-rmd160-sha1
> 
> where L is an aide is a predefined macro for things about the file to check 
> for.
> 


I don't reall understand why folks have not understood that this
is all pretty much possible today and has been for some time.
The specific features of tripwire which do not resemble cfengine's
way if working are mainly omitted because I strongly feel that tripwire's
approach is wrong.

Tripwire is about binding people's time by just sending warnings.
Cfengine is about saving time by keeping things right. I will
never allow that to change. If cfengine really is missing something
important (i.e. not just something traditional) then I will
add it, but I do not add features just because other well known
software has them. There has to be a defensible reason.

Mark

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  Mark.Burgess@iu.hio.no
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~