Last active
January 4, 2026 17:34
-
-
Save rubo77/437636a27b58e4717a783740e599ce39 to your computer and use it in GitHub Desktop.
/etc/aide/aide.conf.d/00_local_excludes exclude file with all folders, that frequently change
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| !/backup* | |
| !/dev/disk/ | |
| !/etc/.etckeeper | |
| !/etc/.git/ | |
| !/etc/aide/.aide.conf.swp | |
| !/etc/aide/.aide.conf.swp | |
| !/etc/aide/aide.conf.d/00_local_excludes | |
| !/etc/ld.so.cache | |
| !/etc/lvm/archive | |
| !/etc/lvm/backup | |
| !/media/* | |
| !/root/.* | |
| !/run | |
| !/var/backups/ | |
| !/var/cache/ | |
| !/var/lib/apt/daily_lock | |
| !/var/lib/apt/periodic/unattended-upgrades-stamp | |
| !/var/lib/apt/periodic/upgrade-stamp | |
| !/var/lib/clamav/ | |
| !/var/lib/dpkg/triggers/Lock | |
| !/var/lib/fail2ban/fail2ban.sqlite3 | |
| !/var/lib/logrotate | |
| !/var/lib/monit/state | |
| !/var/lib/systemd/timers/stamp-apt-daily-upgrade.timer | |
| !/var/lib/systemd/timers/stamp-apt-daily.timer | |
| !/var/lib/vnstat/* | |
| !/var/log.* | |
| !/var/spool/.* |
Author
Thanks, this looks handy, I have tried it, but how do you avoid AIDE following symbolic links into these excluded paths? I have noticed that the "aide --init" is working with files in excluded paths per the "watch -n 1 lsof -p aidepidhere" command output. That excluded path I have in /etc/aide/aide.conf.d/00_local_excludes
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
used here: https://askubuntu.com/questions/1074558/installing-aide-on-ubuntu-18-04-1/1184314#1184314