Hi, ALL,
I'm a long time Linux user but at home I'm using Gentoo.
Recently I got hired as a developer and at work the company uses RedHat.
Now we are facing the following issue.
We are very close to the release of our software. And we use RedHat as an OS. One of the component of the OS image is AIDE tool.
The previous version of the software was shipped with the RedHat 5 which uses AIDE version 0.13.1. There was no problem at all.
The current version for the software will be shiopped with the RH 6 which uses AIDE version 0.14. Here we have following issue:
Right after the OS boot-up AIDE scan kicks in. The time frame for the AIDE tool to run differen significantly between those 2 releases/OSes. On RHEL 6 it takes 2-2.5 times longer than on RHEL 5. Now during the bootup process we scan only the system (critical) files. Looking at the critixcal database file size and compare between v5 and v6, I see the increase of just ~20%. This does not qiualify as the 2 times increase of the scan time.
I checked and the configuration files are the same in both cases. Nothing was changed.
I also checked the command line of the AIDE and we start the tool the same way on both RH5 and RH6.
Now we do use RH5 and RH6 as 32-bit OSes. However, when I tried to run:
Code:
/usr/sbin/aide --version
I see that the configuration parameters used are "WITH_LSTAT64" and "WITH_READDIR64". Now those configuration is the same on both RH5 and RH6. The only difference is RH6 AIDE was compiled without ZLIB and without PRELINK.
The scan runs right after the OS bots up and so nothing is running on the machine.
I tried to build the AIDE tool manually, but "configure throws an error saying I need the libgpg-error.a to be installed. Both libgpg-error and libgpg-error-devel packages are installed on the system.
Does anybody have an idea what might be the cause?
Thank you for any pointers you can give.
