Uploaded image for project: 'Cloud Infrastructure Security & Compliance'
  1. Cloud Infrastructure Security & Compliance
  2. CMP-3655

AIDE configuration breaks with AIDE 0.18.0

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • File Integrity Operator
    • None
    • Quality / Stability / Reliability
    • 8
    • False
    • Hide

      None

      Show
      None
    • False
    • Moderate

      Description of problem:

      The File Integrity Operator uses AIDE to detect changes on node filesystems. In doing this, it configures AIDE according to the user's need.

Up to this point, the AIDE configuration that FIO uses has been relatively stable. New versions of AIDE (specific 0.18.4) are backwards incompatible with the configuration that FIO was using for AIDE.

This results in the AIDE pods falling into a crashloop because AIDE refuses to start with a bad configuration if you're using AIDE 0.18.0+.

      Version-Release number of selected component (if applicable):

       

      How reproducible:

      Always, so long as your using a container image with AIDE 0.18.0

      Steps to Reproduce:

      1. Build the aide container image using the latest available aide (fedora-minimal)
2. Run the e2e tests

      Actual results:

      You'll notice that the tests timeout, or that File Integrities fail to go to Active phase because AIDE refuses to start with a bad configuration.

      Expected results:

      The tests should work using newer AIDE versions

      Additional info:

       

              wenshen@redhat.com Vincent Shen
              lbragsta@redhat.com Lance Bragstad
              Xiaojie Yuan Xiaojie Yuan
              Maria Simon Marcos Maria Simon Marcos
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: