Re: find file changes

[Tony]

On Tue, 9 Oct 2001 Mark.Burgess@iu.hio.no wrote:

> On  9 Oct, Tony wrote:
> >
> > Conseptually I'd like to see something like tripwire or aide like
> > functionality integrated w/ cfengine.
> >
> > So my cfengine.conf would contain something like
> >
> > files:
> > AllMachines.FileMonitor::
> > /etc/TIMEZONE               L
> > /etc/aliases                L
> > /etc/auto_master    L
> > /etc/bootparams     L
> > /etc/bootptab               L
> > /etc/datemsk                L
> > /usr/bin                R-tiger-rmd160-sha1
> > /usr/include            R-tiger-rmd160-sha1
> > /usr/lib                R-tiger-rmd160-sha1
> > /usr/libdata            R-tiger-rmd160-sha1
> > /usr/libexec            R-tiger-rmd160-sha1
> > /usr/local/bin          R-tiger-rmd160-sha1
> > /usr/local/etc          L
> > /usr/local/lib          R-tiger-rmd160-sha1
> > /usr/local/libexec      R-tiger-rmd160-sha1
> > /usr/local/sbin         R-tiger-rmd160-sha1
> >
> > where L is an aide is a predefined macro for things about the file to check 
> > for.
> >
>
>
> I don't reall understand why folks have not understood that this
> is all pretty much possible today and has been for some time.

Probably b/c they haven't read most of the refernece page. :)

> Tripwire is about binding people's time by just sending warnings.
> Cfengine is about saving time by keeping things right.

I agree w/ that.

> never allow that to change. If cfengine really is missing something
> important (i.e. not just something traditional) then I will
> add it, but I do not add features just because other well known
> software has them. There has to be a defensible reason.

Sure. But would it wrong to not want sha1?

-Tony