180fc448eb
This patch adds variable `security_rhel7_enable_aide`. When it's False, all AIDE related tasks would be ommited. Change-Id: I64af348d9f49922ab51d8cd348d987df4263faa1
1.3 KiB
aide - Advanced Intrusion Detection Environment
AIDE provides integrity monitoring for files on a Linux system and can notify system administrators of changes to critical files and packages.
Overview
By default, AIDE will examine and monitor all of the files on a host
unless directories are added to its exclusion list. The security role
sets directories to exclude from AIDE monitoring via the
aide_exclude_dirs variable. this list excludes the most
common directories that change very often via automated methods.
The security role skips the AIDE initialization step by default to avoid system disruption or a reduction in performance. Deployers should determine the best time to initialize the database that does not interfere with the system's operations.
To initialize the AIDE database, set the following Ansible variable and re-apply the role:
security_rhel7_initialize_aide: trueWarning
Even with the excluded directories, the first AIDE initialization can take a long time on some systems. During this time, the CPU and disks are very busy.
To avoid installing and initializing AIDE, set the following Ansible variable:
security_rhel7_enable_aide: false