tenseleyflow/shithub / 1a02f43

Browse files

fix(aide): aideinit creates: should check .db not .db.gz on Ubuntu 24

Authored by espadonne
SHA
1a02f4376d83da89871ed83f09160b60abf3e9ee
Parents
ab67f98
Tree
472e05d

1 changed file

StatusFile+-
M deploy/ansible/roles/base/tasks/aide.yml 5 2
deploy/ansible/roles/base/tasks/aide.ymlmodified
@@ -53,10 +53,13 @@
5353
5454
 - name: AIDE — initialize baseline DB if missing
5555
   # Use creates: so this is a one-shot. Re-baselining is an explicit
56
-  # operator action (runbook), not an Ansible side-effect.
56
+  # operator action (runbook), not an Ansible side-effect. The DB
57
+  # path is .db (uncompressed) on Ubuntu 24's aide 0.18 — older
58
+  # references say .db.gz, but the shipped /etc/aide/aide.conf
59
+  # writes uncompressed.
5760
   command:
5861
     cmd: /usr/sbin/aideinit -y -f
59
-    creates: /var/lib/aide/aide.db.gz
62
+    creates: /var/lib/aide/aide.db
6063
6164
 - name: cron — nightly aide check at 03:30 UTC
6265
   # Slightly after the 03:17 backup so the backup's transient files