editfiles:
	{ /etc/aide/aide.conf
		#
		# Logs = p+n+u+g
		#
		# Debian rotates its logfiles, so ignore inode, number of inodes and growing size
		#
		BeginGroupIfNoLineMatching "^[[:blank:]]*Logs[[:blank:]]*=.*$"
			Append "Logs = p+n+u+g # Added by cfengine"
		EndGroup
		LocateLineMatching "^[[:blank:]]*Logs[[:blank:]]*=.*$"
		BeginGroupIfNoLineMatching "^[[:blank:]]*Logs[[:blank:]]*=[[:blank:]][\+pug]*([[:blank:]]+(#.*)?)?"
			ReplaceLineWith "Logs = p+u+g # Edited by cfengine"
		EndGroup
		#
		# Devices = p+i+n+u+g+s+b+md5+sha1
		#
		# Ignore ctime - some devices change ctime when used (ttySx with hylafax)
		#
		BeginGroupIfNoLineMatching "^[[:blank:]]*Devices[[:blank:]]*=.*$"
			Append "Devices = p+i+n+u+g+s+b+md5+sha1 # Added by cfengine"
		EndGroup
		LocateLineMatching "^[[:blank:]]*Devices[[:blank:]]*=.*$"
		BeginGroupIfNoLineMatching "^[[:blank:]]*Devices[[:blank:]]*=[[:blank:]][\+pinugsbcmd5sha1]*([[:blank:]]+(#.*)?)?"
			ReplaceLineWith "Devices = p+i+n+u+g+s+b+c+md5+sha1 # Edited by cfengine"
		EndGroup
		#
		# #/var/log/aide/...
		# #/var/log/setuid...
		#
		# Treat these as regular logfiles - they are rotated as well
		#
		HashCommentLinesMatching "^/var/log/aide/.*"
		HashCommentLinesMatching "^/var/log/setuid.*"
		#
		# #/var/log$ StaticDir
		#
		SetCommentStart "#"
		SetCommentEnd ""
# bug!		CommentLinesMatching "^/var/log\$[[:blank:]]StaticDir.*"
#		LocateLineMatching "^/var/log\$[[:blank:]]StaticDir.*"
# bug!		CommentNLines "1"
		LocateLineMatching "^/var/log\$[[:blank:]]StaticDir[[:blank:]]*"
		ReplaceLineWith "#/var/log$ StaticDir"
		CatchAbort
		#
		# !/dev/log
		# !/dev/xconsole
		# !/dev/core
		#
		LocateLineMatching "^[[:blank:]]*\!/dev/.*"
		CatchAbort
		BeginGroupIfNoLineMatching "^[[:blank:]]*\!/dev/.*"
			GotoLastLine
		EndGroup
		BeginGroupIfNoLineMatching "^[[:blank:]]*\!/dev/log([[:blank:]]+(#.*)?)?"
			InsertLine "!/dev/log # Added by cfengine"
		EndGroup
		DeleteLinesMatching "^\!/dev/xconlsole # Added by cfengine"
		BeginGroupIfNoLineMatching "^[[:blank:]]*\!/dev/xconsole([[:blank:]]+(#.*)?)?"
			InsertLine "!/dev/xconsole # Added by cfengine"
		EndGroup
		BeginGroupIfNoLineMatching "^[[:blank:]]*\!/dev/core([[:blank:]]+(#.*)?)?"
			InsertLine "!/dev/core # Added by cfengine"
		EndGroup
	}