Skip to Main Content
Linux Security Cookbook
book

Linux Security Cookbook

by Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
June 2003
Intermediate to advanced content levelIntermediate to advanced
336 pages
8h 54m
English
O'Reilly Media, Inc.
Content preview from Linux Security Cookbook

1.3. Modifying the Policy and Configuration

Problem

You want to change the set of files and directories that tripwire examines, or change tripwire’s default behavior.

Solution

Extract the policy and configuration to plaintext files: [Recipe 1.2]

# cd /etc/tripwire
# twadmin --print-polfile > twpol.txt
# twadmin --print-cfgfile > twcfg.txt

Modify the policy file twpol.txt and/or the configuration file twcfg.txt with any text editor. Then re-sign the modified files: [Recipe 1.1]

# twadmin --create-cfgfile --cfgfile /etc/tripwire/tw.cfg \ 
          --site-keyfile site_key etc/tripwire/twcfg.txt
# twadmin --create-polfile --cfgfile /etc/tripwire/tw.cfg \
          --site-keyfile site_key etc/tripwire/twpol.txt

and reinitialize the database: [Recipe 1.1]

# tripwire --init
# rm twcfg.txt twpol.txt

Discussion

This is much like setting up Tripwire from scratch [Recipe 1.1], except our existing, cryptographically-signed policy and configuration files are first converted to plaintext. [Recipe 1.2]

You’ll want to modify the policy if tripwire complains that a file does not exist:

### Error: File could not be opened.

Edit the policy file and remove or comment out the reference to this file if it does not exist on your system. Then re-sign the policy file.

You don’t need to follow this procedure if you’re simply updating the database after an integrity check [Recipe 1.11], only if you’ve modified the policy or configuration.

See Also

twadmin(8), tripwire(8).

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux Administration Cookbook

Linux Administration Cookbook

Adam K. Dean

Publisher Resources

ISBN: 0596003919Errata Page