macOS
brew install aidelocal Homebrew formula metadata
sudo port install aideMacPorts ports tree · security/aide/Portfile · source: api.github.com
brew
File and directory integrity checker. Version 0.19.3 via Homebrew; verified from local package data.
install
brew install aidelocal Homebrew formula metadata
sudo port install aideMacPorts ports tree · security/aide/Portfile · source: api.github.com
sudo apk add aideAlpine Linux edge package indexes · aide · source: dl-cdn.alpinelinux.org
sudo apt install aideDebian stable package indexes · aide · source: deb.debian.org
sudo dnf install aideFedora Rawhide package metadata · aide · source: dl.fedoraproject.org
nix profile install nixpkgs#aidenixpkgs package indexes · pkgs/by-name/ai/aide/package.nix · source: api.github.com
sudo zypper install aideopenSUSE Tumbleweed package metadata · aide · source: download.opensuse.org
winget install --id CodeStory.Aide -eWindows Package Manager source index · CodeStory.Aide · source: cdn.winget.microsoft.com
overview
File and directory integrity checker
history
AIDE, the Advanced Intrusion Detection Environment, is a Unix file and directory integrity checker. It builds a database from rules in `aide.conf`, records file metadata and cryptographic checksums, and later compares the live filesystem against that baseline.
AIDE was originally written by Rami Lehti and Pablo Virolainen in 1999. The official project site records Richard van den Berg as maintainer from 2003 to 2010 and Hannes von Haugwitz taking over in October 2010.
The project has stayed close to classic Unix security-tool culture: C source releases, signed tarballs and git tags, a mailing list, manual pages, text configuration, and distribution packaging. Its release notes show gradual modernization, including the 0.17 configuration/reporting changes in 2021, PCRE2 and multithreaded checksum work in 0.18, and the 0.19 move from libmhash to libnettle plus newer hash algorithms and report formats.
The current public GitHub repository was created in 2019, but official project history predates GitHub by two decades. The official website lists stable release 0.19.3 with release date 2026-01-31.
AIDE is widely distributed through operating-system package repositories rather than primarily through language package managers. The official site lists downstream packages for Debian, Ubuntu, FreeBSD, Gentoo, Homebrew, MacPorts, NixOS, OpenBSD, openSUSE/SUSE, Red Hat, CentOS, and Fedora.
The input package facts also list apk, brew, Debian, dnf, MacPorts, Nix, Ubuntu, winget, and zypper package names, reinforcing that it is a cross-distribution system administration tool.
Administrators initialize an AIDE database for a known-good system and later rerun AIDE to detect changed files, attributes, links, permissions, ownership, timestamps, and hashes. The official manual frames it as a way to detect tampering in key system binaries and other files after a suspected compromise.
AIDE does not use application credentials. Although `aide.conf` is central to operation, the sources checked did not document one portable config-file path across package managers, so this batch leaves config-file-location null.
AIDE is the kind of package that package managers exist to carry: old, security-sensitive, C-based, compiled with optional platform features, distributed through nearly every Unix family, and expected to integrate with local filesystem layout and administrator policy.
Its formula and distro packages matter because local defaults, compile-time options, hash libraries, and config paths can differ. For package nerds, AIDE is less about a fashionable CLI and more about the long tail of maintaining trustworthy system tools across operating systems.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
aide | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
install metadata
| Package key | brew:aide |
|---|---|
| Version | 0.19.3 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/aide |
| Homepage | https://aide.github.io/ |
| Repository | https://github.com/aide/aide |
| Upstream docs | https://aide.github.io/ |
| License | GPL-2.0-or-later |
| Source archive | https://github.com/aide/aide/releases/download/v0.19.3/aide-0.19.3.tar.gz |
| Dependencies | libgcrypt, libgpg-error, pcre2 |
| Build dependencies | pkgconf |
| Uses from macOS | curl |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | aide |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
aide 0.19.1-2+deb13u2
Advanced Intrusion Detection Environment - dynamic binary
sudo apt install aideaide-common 0.19.1-2+deb13u2
Advanced Intrusion Detection Environment - Common files
sudo apt install aide-commonaide-dynamic 0.19.1-2+deb13u2
Advanced Intrusion Detection Environment - transitional package
sudo apt install aide-dynamicaide
nix profile install nixpkgs#aideaide 0.18.6-2build2
Advanced Intrusion Detection Environment - dynamic binary
sudo apt install aideaide-common 0.18.6-2build2
Advanced Intrusion Detection Environment - Common files
sudo apt install aide-commonaide-dynamic 0.18.6-2build2
Advanced Intrusion Detection Environment - transitional package
sudo apt install aide-dynamicaide 0.19.3-r0
file integrity checker and intrusion detection program
sudo apk add aideaide-doc 0.19.3-r0
file integrity checker and intrusion detection program (documentation)
sudo apk add aide-docaide 0.19.2-15.fc44
Intrusion detection environment
sudo dnf install aideaide 0.19.2-2.3
Advanced Intrusion Detection Environment
sudo zypper install aideaide-test 0.19.2-2.3
Simple AIDE testing
sudo zypper install aide-testaide
sudo port install aideCodeStory.Aide
winget install --id CodeStory.Aide -esource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.