Tripwire Questions

Scot L. Harris webid at cfl.rr.com
Wed Mar 9 13:38:31 UTC 2005


On Wed, 2005-03-09 at 03:54, Mark Sargent wrote:

> >>> here is the script,
> >>>
> >>>
> >>> #! /usr/bin/perl -w
> >>>
> >>> $Additions = 0;
> >>> $Removals = 0;
> >>> while ($line = <STDIN>) {
> >>> if ( $line =~ /^\s*#\s*(\/\S+)/ ) {
> >>> if ( -e $1 ) {
> >>>    $line =~ s/^\s*#//;
> >>>    $Additions++;
> >>> }
> >>> }elsif ( $line =~ /^\s*(\/\S+)/ ) {
> >>> if ( ! -e $1 ) {
> >>>   $line = "#" . $line;
> >>>   $Removals++;
> >>> }
> >>> }
> >>> }
> >>> print STDERR "Number of additions: $Additions\n";
> >>> print STDERR "Number of removals: $Removals\n";
> >>>   

> > Scott, the command sends the content of twpol.txt.orig in to the 
> > cleanpol.pl and then when completed, puts the results into twpol.txt. 
> > The < > characters in the command are supposed to do exactly that. 
> > But, for me, it isn't working. Anyway, as this is a study box, I've 
> > re-installed FC3, as the previous was an upgrade from 2, and some 
> > things may have been corrupted. Cheers.
> >
> > MArk Sargent.
> >
> Hi All,
> 
> well, even with a new install, I still get the same problem. Anyone 
> game..? Cheers.
> 
> Mark Sargent.

I still don't really see how that script is going to do what is needed
for a policy file. 

I personally would just edit the policy file by hand and go through the
process of signing it and installing it for use by tripwire.

Redhat has some good documentation on doing this here:

http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ref-guide/ch-tripwire.html




-- 
Scot L. Harris
webid at cfl.rr.com

"To IBM, 'open' means there is a modicum of interoperability among some of their
equipment."
-- Harv Masterson 




More information about the users mailing list