This file is indexed.

/usr/share/doc/samhain/manual.html/ccp-limitations.html is in samhain 4.1.4-2build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>2. Limitations</title><link rel="stylesheet" type="text/css" href="docbook.css"><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="index.html" title="The Samhain Host Integrity Monitoring System"><link rel="up" href="change-control-integration.html" title="Chapter 8. Change Control Process Integration"><link rel="prev" href="change-control-integration.html" title="Chapter 8. Change Control Process Integration"><link rel="next" href="signed-files.html" title="Chapter 9. Additional Features &#8212; Signed Configuration/Database Files"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><!--#if expr="! ($HTTP_USER_AGENT = /MSIE/)"--><!--#include virtual="/resources/ssi/header.html"--><!--#endif--><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">2. Limitations</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="change-control-integration.html">Prev</a> </td><th width="60%" align="center">Chapter 8. Change Control Process Integration</th><td width="20%" align="right"> <a accesskey="n" href="signed-files.html">Next</a></td></tr></table><hr></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="ccp-limitations"></a>2. Limitations</h2></div></div></div><p>
	The <span class="command"><strong>--verify-database</strong></span> requires that the
	policy under which a file is checked is stored in the baseline
	database. (Note that this affects only this command. 
	For the normal file system monitoring,
	the checking policy is taken from the configuratiion file,
	not from the baseline database.) 
	For this reason, the format of the baseline database 
	has changed in samhain 4.0. However, it is possible that
	the information about the check policy becomes incorrect:
      </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">Added files</span></dt><dd>
	    If files are added to the filesystem after baseline
	    initialisation and reported by the client, the correct
	    policy should be set. To ensure this, the option
	    <span class="command"><strong>ReportCheckflags = yes</strong></span> should be set
	    in the client configuration (for backward compatibility,
	    this option is off by default.)
	  </dd><dt><span class="term">Merging a DeltaDB</span></dt><dd>
	    The DeltaDB is generated with the policy set to
	    <span class="emphasis"><em>ReadOnly</em></span>, to collect a complete set
	    of checksum and metadata. However, if the actual policy
	    should be less restrictive because some of that data
	    is allowed to change, a later <span class="command"><strong>--verify-database</strong></span>
	    may result in spurious failures.
	  </dd><dt><span class="term">Client configuration change</span></dt><dd>
	    If the configuration file for the client is changed
	    to alter the checking policy for the monitored files,
	    it is recommended to re-initialize the baseline.
	  </dd></dl></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="change-control-integration.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="change-control-integration.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="signed-files.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 8. Change Control Process Integration </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 9. Additional Features &#8212; Signed
    Configuration/Database Files</td></tr></table></div><!--#if expr="! ($HTTP_USER_AGENT = /MSIE/)"--><!--#include virtual="/resources/ssi/footer.html"--><!--#endif--></body></html>