[Pkg-aide-maintainers] lenny+aide: feedback

julien julien.t43 at gmail.com
Tue Sep 1 18:49:43 UTC 2009


Marc Haber wrote on 30/08/09 14:55:
> Can you strace the "running" process and find out what exactly it is
> doing? Please open a bug against the package to keep me on the issue.

$ time sudo strace aide --config=/var/lib/aide/aide.conf.autogenerated 
-u 2>&1 |tee /tmp/strace.out
real    1166m38.039s
user    172m42.928s
sys     112m41.415s
=> ~19h

seems a lot mmap/munmap alone, i believe

as file is big, is there a prefered way to transmit ?
-rw-r--r-- 1 srt  srt   74M aoû 31 10:26 strace.out
-rw-r--r-- 1 srt  srt  3,8M aoû 31 14:37 strace.out.gz

config is mostly default with more exclusion as default has nearly the 
whole system.

$ dpkg -l |grep aide; uname -a
ii  aide                              0.13.1-10                Advanced 
Intrusion Detection Environment - s
ii  aide-common                       0.13.1-10                Advanced 
Intrusion Detection Environment - C
Linux etch-server 2.6.26-2-686 #1 SMP Fri Aug 14 01:27:18 UTC 2009 i686 
GNU/Linux
$ cat /etc/debian_version
5.0.2

thanks
Best regards

	Julien

Note: partial config is
database=file:/var/lib/aide/aide.db
database_out=file:/var/lib/aide/aide.db.new
database_new=file:/var/lib/aide/aide.db.new
gzip_dbout=no
Checksums = md5
OwnerMode = p+u+g
Size = s+b
InodeData = OwnerMode+n+i+Size
StaticFile = m+c+Checksums
RamdiskData = InodeData-i
Full = InodeData+StaticFile
VarFile = OwnerMode+n
VarDir = OwnerMode+n+i
Log = OwnerMode+n+S
FreqRotLog = Log-S
LowLog = Log-S
SerMemberLog  = Full+I
LoSerMemberLog = SerMemberLog+ANF
HiSerMemberLog = SerMemberLog+ARF
LowDELog = SerMemberLog+ANF+ARF
SerMemberDELog = Full+ANF
LinkedLog = Log-n
@@define FQDN etch-server\.localdomain
@@define HOSTNAME etch-server
@@define DNSDOMAINNAME localdomain
@@define ARCH i386
@@define YEAR4D 2009
/@@{ROOTPREFIX}var/log/acpid$ Log
[...]




More information about the Pkg-aide-maintainers mailing list