diff --git a/.files b/.files index 4d94463..cfafca9 100644 Binary files a/.files and b/.files differ diff --git a/.rev b/.rev index f088817..087a4c2 100644 --- a/.rev +++ b/.rev @@ -250,4 +250,12 @@ - Run spec-cleaner (forwarded request 823631 from elimat) 823667 + + 80448fa5a6834de3574f1f7533c4039a + 0.17.3 + + RBrownSUSE + - Update default config file to match v0.17 (forwarded request 874872 from polslinux) + 874874 + diff --git a/aide-0.16.1-as-needed.patch b/aide-0.16.1-as-needed.patch deleted file mode 100644 index 1ff5730..0000000 --- a/aide-0.16.1-as-needed.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: aide-0.16/Makefile.am -=================================================================== ---- aide-0.16.orig/Makefile.am -+++ aide-0.16/Makefile.am -@@ -55,7 +55,7 @@ if USE_CURL - aide_SOURCES += include/fopen.h src/fopen.c - endif - --aide_LDADD = -lm @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ -+aide_LDADD = -lm @LDFLAGS@ @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ - AM_CFLAGS = @AIDE_DEFS@ -W -Wall -g - AM_CPPFLAGS = -I$(top_srcdir) \ - -I$(top_srcdir)/include \ diff --git a/aide-0.16.2.tar.gz b/aide-0.16.2.tar.gz deleted file mode 120000 index b115612..0000000 --- a/aide-0.16.2.tar.gz +++ /dev/null @@ -1 +0,0 @@ -/ipfs/bafybeiaphoxl4qs74rjzjnm2pgu6vbvmuskrxphl5lipdy4emzmqxpvhu4 \ No newline at end of file diff --git a/aide-0.16.2.tar.gz.asc b/aide-0.16.2.tar.gz.asc deleted file mode 100644 index 167da09..0000000 --- a/aide-0.16.2.tar.gz.asc +++ /dev/null 
@@ -1,14 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQGzBAABCgAdFiEEVJXNoXyawXqyOEGnGO6GOGAi71cFAlzhrn0ACgkQGO6GOGAi -71dmhQv/XI8jzv7XP6rLMQF7NFYbdQMrRUHtix2TOivOM/en9Pun9eNsANjKT7Ge -Sh2hciKRmu//L5NTX5UtH7QgYmn2b3A1Q8VexlWgqgUo0hUfcMKX46lw4J4mY5UU -xn7wHYSD2KMtcbXa/WsEqxjqo/aDt8f75p1I3YcoxI8OGm2xw/vIm3Zb7+2/chc+ -tmCREYRt4Y8Rph6MscKNymusgjMEoT3bt8Sza6pb3RlBH9Acj91VwKthqKloXyb9 -I3fpeyixW7+EBa2o/hOOrWYNKC47I0fgqpxSKGeD1Ogeklac4abEYkEuNPzLyYVO -f6y0EjaJaVGFB3Udys59S7MPSavu3MxAu7jTcHaXej5WssZ5lJLoL5tDU+665weq -uHun0+lnDVN1Cf6e4qsg7a4X8PazanhNY30d8vaQ/nZdrnffI8QWQ+cHDbthX7ml -pnHjJPQLxSOWaoxKwkd51Tn71Os6knAQq1t+//10FnMJFntYpNmRT8xn5W909pDd -wWARK/e6 -=mHB7 ------END PGP SIGNATURE----- diff --git a/aide-0.17.3-as-needed.patch b/aide-0.17.3-as-needed.patch new file mode 100644 index 0000000..2784cb7 --- /dev/null +++ b/aide-0.17.3-as-needed.patch @@ -0,0 +1,11 @@ +--- aide-0.17.3/Makefile.am.orig 2021-02-24 12:03:16.648845473 +0100 ++++ aide-0.17.3/Makefile.am 2021-02-24 12:03:57.336978950 +0100 +@@ -59,7 +59,7 @@ + aide_SOURCES += include/fopen.h src/fopen.c + endif + +-aide_LDADD = -lm @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ @CAPLIB@ ${CURL_LIBS} ++aide_LDADD = -lm @LDFLAGS@ @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ @CAPLIB@ ${CURL_LIBS} + + if HAVE_CHECK + TESTS = check_aide diff --git a/aide-0.17.3.tar.gz b/aide-0.17.3.tar.gz new file mode 120000 index 0000000..cf7ccba --- /dev/null +++ b/aide-0.17.3.tar.gz @@ -0,0 +1 @@ +/ipfs/bafybeib6pxdxlwiq4t4ygpm3gybmzhn4spz4sdj3c3f5nmams74yrggcwm \ No newline at end of file diff --git a/aide-0.17.3.tar.gz.asc b/aide-0.17.3.tar.gz.asc new file mode 100644 index 0000000..e940fe4 --- /dev/null +++ b/aide-0.17.3.tar.gz.asc 
@@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQGzBAABCgAdFiEEVJXNoXyawXqyOEGnGO6GOGAi71cFAmAkT9kACgkQGO6GOGAi +71ejJwwAj8ZxtcD7+LCnc2zJD4niB3gy1Jl50ocISgCq0do1xE9Gehs9HYSasCQY +61+kKM22/3Wr0Io/p3SrqoWm6zDQVchULK9YQsu1HEEU5KaePI3kvUKnJx1GCMVR +G16G6fDJ6irRhG2x7QTmolnp0jxp30p9z/ZUIySxY1FGfW00px8kl/Y1qrlxcejU +JEjV2aztW7ONTEmGIQF6iGPLxrF9CHP86FSX1WjtxF5f95wyAlVnD3/+CNew8ib4 +HXcCSbTbIgWIt+8/t2eq+dOEwaWI//h3RMkHnhDwxHcB+L5lXtkFlvr20w3eRKzG +SQOdOnUzlTkX6qZcWZTYNFymfpMp0z1Lp1UmI4APtjkGomkpz/e/+nlJxUT3Ycvh +Ed+FJCKDlOjKVAGIuaqT6pS2fo8qvhTWnsSBsxXXpi07BcYYx56JMj752ZzIxSGF +EMjlfJa7gX/qceMHMEWSQG8O3w9FSGpIg0Ww5KFghXDaqbJy4mcsgnn62Zt4WS4C +gVyhKy4h +=VCaY +-----END PGP SIGNATURE----- diff --git a/aide-define_hash_use_gcrypt.patch b/aide-define_hash_use_gcrypt.patch deleted file mode 100644 index e643a00..0000000 --- a/aide-define_hash_use_gcrypt.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -Nur aide-0.16/include/md.h aide-0.16.new/include/md.h ---- aide-0.16/include/md.h 2016-07-25 22:56:55.000000000 +0200 -+++ aide-0.16.new/include/md.h 2018-11-21 14:07:01.347479021 +0100 -@@ -48,7 +48,7 @@ - #define HASH_GCRYPT_COUNT GCRY_MD_CRC32 - #ifndef WITH_MHASH - #define HASH_USE_GCRYPT (DB_MD5|DB_SHA1|DB_RMD160|DB_TIGER|DB_CRC32|\ -- DB_HAVAL|DB_CRC32|DB_SHA256|DB_SHA512) -+ DB_CRC32B|DB_SHA256|DB_SHA512) - #endif - #endif - -diff -Nur aide-0.16/src/md.c aide-0.16.new/src/md.c ---- aide-0.16/src/md.c 2016-07-25 22:56:55.000000000 +0200 -+++ aide-0.16.new/src/md.c 2018-11-21 14:06:05.602295496 +0100 -@@ -55,10 +55,12 @@ - r=DB_TIGER; - break; - } -+/* until libgcrypt-1.8.4 not implemented yet, see doc/gcrypt.info-1 - case GCRY_MD_HAVAL: { - r=DB_HAVAL; - break; - } -+*/ - case GCRY_MD_SHA256: { - r=DB_SHA256; - break; -@@ -219,7 +221,7 @@ - if(gcry_md_enable(md->mdh,i)==GPG_ERR_NO_ERROR){ - md->calc_attr|=h; - } else { -- error(0,"gcry_md_enable %i failed",i); -+ error(0,"gcry_md_enable %i failed, see /usr/include/gcrypt.h enum gcry_md_algos",i); - md->todo_attr&=~h; - } - } 
diff --git a/aide-dynamic.patch b/aide-dynamic.patch deleted file mode 100644 index ad95154..0000000 --- a/aide-dynamic.patch +++ /dev/null @@ -1,20 +0,0 @@ -Index: aide-0.15.1/src/util.c -=================================================================== ---- aide-0.15.1.orig/src/util.c -+++ aide-0.15.1/src/util.c -@@ -497,6 +497,7 @@ int syslog_facility_lookup(char *s) - /* We need these dummy stubs to fool the linker into believing that - we do not need them at link time */ - -+#if 0 - void* dlopen(char*filename,int flag) - { - return NULL; -@@ -516,6 +517,7 @@ const char* dlerror(void) - { - return NULL; - } -+#endif - - const char* aide_key_2=CONFHMACKEY_02; - const char* db_key_2=DBHMACKEY_02; diff --git a/aide-xattr-in-libc.patch b/aide-xattr-in-libc.patch index 08aa387..814e3a2 100644 --- a/aide-xattr-in-libc.patch +++ b/aide-xattr-in-libc.patch 
@@ -1,19 +1,27 @@ -diff -Pdpru aide-0.16.1.orig/configure.ac aide-0.16.1/configure.ac ---- aide-0.16.1.orig/configure.ac 2019-03-17 22:12:56.269936982 +0100 -+++ aide-0.16.1/configure.ac 2019-03-17 22:14:48.084669784 +0100 -@@ -536,7 +536,7 @@ AC_ARG_WITH([xattr], +diff -ru old/configure.ac new/configure.ac +--- old/configure.ac 2021-02-10 22:01:14.000000000 +0100 ++++ new/configure.ac 2021-02-24 13:17:31.287619804 +0100 +@@ -483,7 +483,7 @@ AS_IF([test "x$with_xattr_support" != xno], [AC_DEFINE(WITH_XATTR,1,[use xattr]) - ATTRLIB=-lattr + ATTRLIB= compoptionstring="${compoptionstring}WITH_XATTR\\n" - aideextragroups="${aideextragroups}+xattrs" AC_MSG_RESULT(yes)], -diff -Pdpru aide-0.16.1.orig/include/db_config.h aide-0.16.1/include/db_config.h ---- aide-0.16.1.orig/include/db_config.h 2019-03-17 22:12:56.269936982 +0100 -+++ aide-0.16.1/include/db_config.h 2019-03-17 22:16:01.303841342 +0100 -@@ -62,7 +62,6 @@ typedef struct acl_type { + [AC_MSG_RESULT(no)] +diff -ru old/include/db_config.h new/include/db_config.h +--- old/include/db_config.h 2021-02-10 22:01:14.000000000 +0100 ++++ new/include/db_config.h 2021-02-24 13:49:16.813840910 +0100 +@@ -23,7 +23,6 @@ + #ifndef _DB_CONFIG_H_INCLUDED + #define _DB_CONFIG_H_INCLUDED + #include "config.h" +-#include "attributes.h" + #include "report.h" + #include "types.h" + #include +@@ -48,7 +47,6 @@ #ifdef WITH_XATTR /* Do generic user Xattrs. */ #include @@ -21,3 +29,5 @@ diff -Pdpru aide-0.16.1.orig/include/db_config.h aide-0.16.1/include/db_config.h #ifndef ENOATTR # define ENOATTR ENODATA #endif +Only in new/include: md.h.orig +Only in new/src: md.c.orig diff --git a/aide.changes b/aide.changes index 061bede..967b4ae 100644 --- a/aide.changes +++ b/aide.changes 
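Review bot: The rebased `include/db_config.h` hunk (`@@ -23,7 +23,6 @@`) now removes `#include "attributes.h"`, a quoted include sitting beside `"report.h"` and `"types.h"`. That looks like one of the project's own headers rather than the libattr header this patch exists to drop. If so, the build only succeeds while some other header still pulls it in, so please confirm the removal is intended or drop that hunk from the patch. The regenerated patch also ends with `Only in new/include: md.h.orig` and `Only in new/src: md.c.orig`, leftovers of running `diff -ru` over a tree that still held backup files. These should be stripped so the patch contains only the xattr change.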
@@ -1,4 +1,89 @@ ------------------------------------------------------------------- +Wed Feb 24 13:45:59 UTC 2021 - Paolo Stivanin + +- Update default config file to match v0.17 + +------------------------------------------------------------------- +Wed Feb 24 11:01:03 UTC 2021 - Paolo Stivanin + +- Update to 0.17.3: + * BACKWARDS INCOMPATIBLE CHANGES + - '--verbose' command line option and 'verbose' config option are no + longer supported, use 'log_level' and 'report_level' options instead + - '--report' command line option is no longer supported, use + 'report_url' config option instead + - 'ignore_list' config option is no longer supported, use + 'report_ignore_changed_attrs' instead + - 'report_attributes' config option is no longer supported, use + 'report_force_attrs' instead + - (restricted) regular rules must start with literal '/', i.e. the rule + cannot begin with a macro variable + - config lines must end with new line + - '@' and ' ' in the configuration are now escaped with '\', that means + to match a '\' you have to use four backslashes '\\\\' in your rules + - 'gzip_dbout=false' fails now with config error when no zlib support + is compiled in + - remove '--with-initial-errors' configure option + - remove PostgreSQL database backend support + - remove Sun ACL support + - remove config and database signing support + * Enhancements: + - add new '--log-level' command line option and 'log_level' config option + - introduce named log levels + - add new 'report' log level to help to debug rule matching + - add new 'config' log level to help to debug config and rule parsing + - aad new '--dry-init' command + - add new '--path-check' command + - add directory support for @@include + - add new @@x_include config macro + - add new @@x_include_setenv config macro + - add new default compound group 'H' (all compiled-in hashsums) + - add support for per-report_url options + - add new 'report_level' config option + - add new 'report_append' config option + - add 
exit code 21 for file lock errors + - add default config values, available hashsums and compound groups + to '--version' output + - add Linux capabilities support + - show changed attributes in 'different attributes' message + - enable 'gost' and 'whirlpool' checksums when using gcrypt + - add 'stribog256' and 'stribog512' gcrypt algorithms + - add config file names to log output + * Miscellaneous behaviour changes: + - 'report_summarize_changes': hashsum changes are now indicated with 'H' + - print '--help' and '--verion' output to stdout + - log messages and errors are always written to stderr + - initialise report URLs after configuration parsing + - allow empty values for macro variables + - SIGUSR1 now toggles debug log level + - fail on errors in regular expressions during config parsing + - fail on invalid URLs during config check + - Fail on double slash in rule path + - cache log lines when 'log_level' is not yet set + * Deprecations: + - 'database' config option is now deprecated, use 'database_in' instead + - 'summarize_changes' config option is now deprecated, use + 'report_summarize_changes' instead + - 'grouped' config option is now deprecated, use 'report_grouped' + instead + - non-alphanumeric group names are deprecated + * Notable bug fixes: + - fix line numbers in log messages + - remove warning when input database is '/dev/null' + - correctly handle UTF-8 in path names and rules + - fix compilation with curl and gcrypt + - warn on unsupported hash algorithms + - improve large-file support + * Remove obsolete aide-attributes.sh script + * Remove outdated manual.html + * Update documentation + +- Rename aide-0.16.1-as-needed.patch to and rebase aide-0.17.3-as-needed.patch +- Rebase aide-xattr-in-libc.patch +- Remove aide-define_hash_use_gcrypt.patch (no longer needed) +- Remove aide-dynamic.patch (no longer needed) + +------------------------------------------------------------------- Thu Jul 30 20:13:39 UTC 2020 - Matthias Eliasson - Update to 
0.16.2 diff --git a/aide.conf b/aide.conf index 89f9385..b81c7c6 100644 --- a/aide.conf +++ b/aide.conf 
@@ -1,85 +1,85 @@ # -# AIDE _Example_ Configuration +# AIDE _Example_ Configuration # -# Thanks to the Debian people and Dirk Müller +# Thanks to the Debian people and Dirk Müller # -# Use at your own risk! +# Use at your own risk! # -# Matthias G. Eckermann +# Matthias G. Eckermann # # # Configuration parameters # -database=file:/var/lib/aide/aide.db +database_in=file:/var/lib/aide/aide.db database_out=file:/var/lib/aide/aide.db.new -verbose=1 report_url=stdout warn_dead_symlinks=yes # # Custom rules # -Binlib = p+i+n+u+g+s+b+m+c+sha256+sha512 -ConfFiles = p+i+n+u+g+s+b+m+c+sha256+sha512 -Logs = p+i+n+u+g+S -Devices = p+i+n+u+g+s+b+c+sha256+sha512 -Databases = p+n+u+g -StaticDir = p+i+n+u+g -ManPages = p+i+n+u+g+s+b+m+c+sha256+sha512 +Binlib = p+i+n+u+g+s+b+m+c+sha256+sha512 +ConfFiles = p+i+n+u+g+s+b+m+c+sha256+sha512 +Logs = p+i+n+u+g+S +Devices = p+i+n+u+g+s+b+c+sha256+sha512 +Databases = p+n+u+g +StaticDir = p+i+n+u+g +ManPages = p+i+n+u+g+s+b+m+c+sha256+sha512 # # Directories and files # # Kernel, system map, etc. -/boot Binlib +/boot Binlib # watch config files, but exclude, what changes at boot time, ... !/etc/mtab !/etc/lvm* -/etc ConfFiles +/etc ConfFiles # Binaries -/bin Binlib -/sbin Binlib +/bin Binlib +/sbin Binlib # Libraries -/lib Binlib +/lib Binlib # Complete /usr and /opt -/usr Binlib -/opt Binlib +/usr Binlib +/opt Binlib # Log files -/var/log$ StaticDir -#/var/log/aide/aide.log(.[0-9])?(.gz)? Databases -#/var/log/aide/error.log(.[0-9])?(.gz)? Databases -#/var/log/setuid.changes(.[0-9])?(.gz)? Databases -/var/log Logs +/var/log$ StaticDir +#/var/log/aide/aide.log(.[0-9])?(.gz)? Databases +#/var/log/aide/error.log(.[0-9])?(.gz)? Databases +#/var/log/setuid.changes(.[0-9])?(.gz)? 
Databases +/var/log Logs # Devices !/dev/pts -/dev Devices +/dev Devices # Other miscellaneous files -/var/run$ StaticDir +/var/run$ StaticDir !/var/run -/var/lib Databases +/var/lib Databases # Test only the directory when dealing with /proc -/proc$ StaticDir +/proc$ StaticDir !/proc # manpages can be trojaned, especially depending on *roff implementation -#/usr/man ManPages -#/usr/share/man ManPages -#/usr/local/man ManPages +#/usr/man ManPages +#/usr/share/man ManPages +#/usr/local/man ManPages # check sources for modifications -#/usr/src L -#/usr/local/src L +#/usr/src L +#/usr/local/src L # Check headers for same -#/usr/include L -#/usr/local/include L +#/usr/include L +#/usr/local/include L + diff --git a/aide.spec b/aide.spec index f635498..12cdd44 100644 --- a/aide.spec +++ b/aide.spec @@ -1,7 +1,7 @@ # # spec file for package aide # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: aide -Version: 0.16.2 +Version: 0.17.3 Release: 0 Summary: Advanced Intrusion Detection Environment License: GPL-2.0-or-later @@ -28,10 +28,8 @@ Source2: aide-cron_daily.sh Source3: aide-test.sh Source42: https://github.com/aide/aide/releases/download/v%{version}/aide-%{version}.tar.gz.asc Source43: aide.keyring -Patch1: aide-0.16.1-as-needed.patch -Patch3: aide-xattr-in-libc.patch -Patch4: aide-dynamic.patch -Patch5: aide-define_hash_use_gcrypt.patch +Patch1: aide-0.17.3-as-needed.patch +Patch2: aide-xattr-in-libc.patch BuildRequires: automake BuildRequires: bison BuildRequires: curl-devel @@ -54,9 +52,7 @@ Simple AIDE test script for externalized testing. %prep %setup -q %patch1 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 +%patch2 -p1 %build autoreconf -fiv 
@@ -84,7 +80,16 @@ install -m 700 %{SOURCE3} %{buildroot}%{_bindir}/ mkdir -p doc/examples%{_sysconfdir}/cron.daily/ cp -a %{SOURCE2} doc/examples%{_sysconfdir}/cron.daily/aide.sh +%post +if ! grep -q "database_in" %{_sysconfdir}/aide.conf ; then + # with the 0.17 update some backward incompatible changes were made to the config file. Therefore, we have to adapt those parameters, otherwise the program will fail + sed -i 's/database=/database_in=/' %{_sysconfdir}/aide.conf + sed -i '/verbose=/d' %{_sysconfdir}/aide.conf + sed -i 's/\t/ /g' %{_sysconfdir}/aide.conf +fi + %check +rm -rf %{_localstatedir}/tmp/aide-test mkdir %{_localstatedir}/tmp/aide-test export TESTDIR=%{_localstatedir}/tmp/aide-test %make_build DESTDIR=$TESTDIR install 
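Review bot: The `sed` expressions in the new `%post` scriptlet are unanchored, so they can rewrite more of the administrator's `%{_sysconfdir}/aide.conf` than the migration needs. `s/database=/database_in=/` also fires inside comments or values, `/verbose=/d` deletes any line that merely contains that text, and `s/\t/ /g` touches every line of the file. Anchoring to the start of the option keeps the edit to the two settings being migrated, for example `sed -i -e 's/^database=/database_in=/' -e '/^verbose=/d' %{_sysconfdir}/aide.conf`. The guard is loose in the same way: `grep -q "database_in"` is satisfied by a comment mentioning the word, which would leave an old `database=` line in place, so `grep -q '^database_in='` is the safer test. Because this file defines what the integrity checker watches, keeping a copy of the pre-migration file (GNU sed accepts a backup suffix, `sed -i.rpmsave`) would make the automatic change auditable.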
@@ -92,19 +97,26 @@ install -m 700 -d $TESTDIR%{_localstatedir}/lib/aide install -m 700 -d $TESTDIR%{_sysconfdir} install -m 600 %{SOURCE1} $TESTDIR%{_sysconfdir}/aide.conf.new sed -e "s#%{_localstatedir}/lib/aide#$TESTDIR%{_localstatedir}/lib/aide#g" <$TESTDIR%{_sysconfdir}/aide.conf.new >$TESTDIR%{_sysconfdir}/aide.conf +if ! grep -q "database_in" %{_sysconfdir}/aide.conf ; then + # with the 0.17 update some backward incompatible changes were made to the config file. Therefore, we have to adapt those parameters, otherwise the program will fail + sed -i 's/database=/database_in=/' $TESTDIR%{_sysconfdir}/aide.conf + sed -i '/verbose=/d' $TESTDIR%{_sysconfdir}/aide.conf + sed -i 's/\t/ /g' $TESTDIR%{_sysconfdir}/aide.conf +fi +$TESTDIR/usr/bin/aide -D -c $TESTDIR%{_sysconfdir}/aide.conf sleep 2 sync sleep 2 $TESTDIR/usr/bin/aide -c $TESTDIR%{_sysconfdir}/aide.conf --init mv $TESTDIR%{_localstatedir}/lib/aide/aide.db.new $TESTDIR%{_localstatedir}/lib/aide/aide.db -$TESTDIR/usr/bin/aide -c $TESTDIR%{_sysconfdir}/aide.conf --check --verbose +$TESTDIR/usr/bin/aide -c $TESTDIR%{_sysconfdir}/aide.conf --check --log-level=info rm -rf $TESTDIR %files %license COPYING -%doc AUTHORS ChangeLog NEWS README doc/manual* doc/examples +%doc AUTHORS ChangeLog NEWS README doc/examples %{_bindir}/aide /%{_mandir}/man1/aide.1.gz /%{_mandir}/man5/aide.conf.5.gz
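Review bot: The guard added in `%check` greps `%{_sysconfdir}/aide.conf`, which is the build host's own configuration, while the three `sed -i` lines below it edit `$TESTDIR%{_sysconfdir}/aide.conf`. On a build root with no installed aide.conf the grep fails and the rewrite always runs. On a host that already has a migrated config the rewrite is skipped regardless of what the test copy contains. Point the test at the file being edited: `if ! grep -q "database_in" $TESTDIR%{_sysconfdir}/aide.conf ; then`. If `%{SOURCE1}` is the aide.conf updated in this same commit (its Source line is outside the hunk), the test copy already uses `database_in`, and the whole block can be dropped from `%check`.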