لطفا منتظر باشید ...
Recipe 1.3 Modifying the Policy and Configuration
1.3.1 Problem
You want to change
the set of files and directories that tripwire
examines, or change tripwire's
default behavior.
1.3.2 Solution
Extract the policy and configuration to plaintext files: [Recipe 1.2]
# cd /etc/tripwire
# twadmin --print-polfile > twpol.txt
# twadmin --print-cfgfile > twcfg.txt
Modify the policy file twpol.txt and/or the
configuration file twcfg.txt with any text
editor. Then re-sign the modified files: [Recipe 1.1]
# twadmin --create-cfgfile --cfgfile /etc/tripwire/tw.cfg \
--site-keyfile site_key etc/tripwire/twcfg.txt
# twadmin --create-polfile --cfgfile /etc/tripwire/tw.cfg --site-keyfile site_key etc/tripwire/twpol.txt
and reinitialize the database: [Recipe 1.1]
# tripwire --init
# rm twcfg.txt twpol.txt
1.3.3 Discussion
This is much like setting up Tripwire from scratch [Recipe 1.1], except our existing, cryptographically-signed
policy and configuration files are first converted to plaintext.
[Recipe 1.2]You'll want to modify the policy if
tripwire complains that a file does not exist:
### Error: File could not be opened.
Edit the policy file and remove or comment out the reference to this
file if it does not exist on your system. Then re-sign the policy
file.You don't need to follow this procedure if
you're simply updating the database after an
integrity check [Recipe 1.11], only if
you've modified the policy or configuration.
1.3.4 See Also
twadmin(8), tripwire(8).
