How does one interpret the aide generated database file? I have the following in my aide config:
Binlib = p+i+n+u+g+s+b+m+c+sha1+md5
/bin Binlib
The generated db file shows something like
/bin/dmesg /usr/bin/dmesg 4029 120777 139787 0 0 0 14 MTQ2NzAyODE3MQ== MTQ2NzAyODE3MQ== 1 0 0
/bin/rpm 0 16317 100755 141372 32 0 0 15240 MTQ3MDMyNjUzNQ== MTQ3NDE5NTY0Mw== 1 JddxIxH7PK/Z9yrE3YzTvA== hBE26obO0CPmTTdSDMxxpe4Ie8E=
What are these values, in particular what looks like a hash digest? I would have guessed those to be sha1 and md5 hashes - but the values appear to be the same in the first line, and the second line has 4 such values.
I ran the sha1 or md5 hashes by hand on these two files and base64 encoded them; they do not seem to match anything in the file:
#sha1
ZGVlYmM2OTBmNWNjNDY2Y2IwYTk5YWEwNjBiZDBiMTZjZTk2NmNkYgo=
ODQxMTM2ZWE4NmNlZDAyM2U2NGQzNzUyMGNjYzcxYTVlZTA4N2JjMQo=
#md5
ZGZkMzIwOWY4ZDczMjFlZDliODBkYjEzODJlZGMxMTcK
MjVkNzcxMjMxMWZiM2NhZmQ5ZjcyYWM0ZGQ4Y2QzYmMK
The aide program seems to be running fine, as a difference report shows up properly when I fiddle with some file. I just wanted to have a better understanding of this stuff. I looked at the aide manual and here but found no hints.
My environment is as below:
Linux devserver 3.12.62-60.62-default #1 SMP Thu Aug 4 09:06:08 UTC 2016 (b0e5a26) x86_64 x86_64 x86_64 GNU/Linux
Aide 0.15.1
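
The base64 fields in the excerpt above can be decoded directly; this added example (not part of the original post) classifies each field by what it decodes to and compares the /bin/rpm digests with the hand-computed values quoted in the post. The labelling by decoded shape (decimal text as epoch seconds, 16 bytes as MD5, 20 bytes as SHA-1) is a heuristic assumed here, not AIDE's own parser, and the function names are hypothetical.

```python
import base64
import binascii
from datetime import datetime, timezone

# The two database lines quoted in the post.
DB_LINES = [
    "/bin/dmesg /usr/bin/dmesg 4029 120777 139787 0 0 0 14 MTQ2NzAyODE3MQ== MTQ2NzAyODE3MQ== 1 0 0",
    "/bin/rpm 0 16317 100755 141372 32 0 0 15240 MTQ3MDMyNjUzNQ== MTQ3NDE5NTY0Mw== 1 JddxIxH7PK/Z9yrE3YzTvA== hBE26obO0CPmTTdSDMxxpe4Ie8E=",
]
# The hand-made /bin/rpm values from the post: base64 of the hex text plus newline.
HAND_SHA1 = "ODQxMTM2ZWE4NmNlZDAyM2U2NGQzNzUyMGNjYzcxYTVlZTA4N2JjMQo="
HAND_MD5 = "MjVkNzcxMjMxMWZiM2NhZmQ5ZjcyYWM0ZGQ4Y2QzYmMK"

# Heuristic (assumption of this example): raw digest length identifies the hash.
DIGEST_BY_LEN = {16: "md5", 20: "sha1"}


def decode_field(token):
    """Classify one whitespace-separated field as epoch, md5, sha1 or plain."""
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return ("plain", token)
    if raw.isdigit():                      # base64 of decimal text: a timestamp
        return ("epoch", int(raw))
    if len(raw) in DIGEST_BY_LEN:          # base64 of the raw digest bytes
        return (DIGEST_BY_LEN[len(raw)], raw.hex())
    return ("plain", token)                # e.g. "4029" is valid base64 by accident


def digests(line):
    """Return {'md5': hex, 'sha1': hex} for the digest fields found in a line."""
    fields = (decode_field(t) for t in line.split())
    return {kind: value for kind, value in fields if kind in DIGEST_BY_LEN.values()}


def hex_from_hand_value(b64_of_hex):
    """Undo base64-of-hex-text: recover the hex string that was encoded."""
    return base64.b64decode(b64_of_hex).decode("ascii").strip()


if __name__ == "__main__":
    for line in DB_LINES:
        for kind, value in map(decode_field, line.split()):
            if kind == "epoch":
                value = datetime.fromtimestamp(value, tz=timezone.utc).isoformat()
            if kind != "plain":
                print(line.split()[0], kind, value)
    rpm = digests(DB_LINES[1])
    print(rpm["sha1"] == hex_from_hand_value(HAND_SHA1),
          rpm["md5"] == hex_from_hand_value(HAND_MD5))
```

Both comparisons come out equal: the database fields are base64 of the raw digest bytes, while the hand-made values are base64 of the hex text, so the strings differ even though the hashes agree.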