packages: tripwire/README.SuSE (NEW) - useful readme from SuSE

zbyniu zbyniu at pld-linux.org
Tue Jul 19 01:11:41 CEST 2011


Author: zbyniu                       Date: Mon Jul 18 23:11:41 2011 GMT
Module: packages                      Tag: HEAD
---- Log message:
- useful readme from SuSE

---- Files affected:
packages/tripwire:
   README.SuSE (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/tripwire/README.SuSE
diff -u /dev/null packages/tripwire/README.SuSE:1.1
--- /dev/null	Tue Jul 19 01:11:41 2011
+++ packages/tripwire/README.SuSE	Tue Jul 19 01:11:35 2011
@@ -0,0 +1,54 @@
+Dear user,
+
+the tripwire package comes with a basic configuration file
+/etc/tripwire/twcfg.txt, which sets the mandatory variables
+to the defaults as described in the twconfig(4) manual
+page. This configuration is merely enough to set tripwire
+to work.
+
+The following five steps can serve you as a quick cookbook for
+setting tripwire to work.
+
+1. Choose a convenient HOSTNAME and generate site and local keys using
+
+     twadmin --generate-keys -L /etc/tripwire/${HOSTNAME}-local.key
+     twadmin --generate-keys -S /etc/tripwire/site.key
+
+   This creates the files named above as arguments.
+
+2. Compile the configuration file with
+
+     twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt
+
+   This creates file /etc/tripwire/tw.cfg.
+
+3. Create a policy file. A complex example can be found in
+   /usr/share/doc/packages/tripwire/twpol-Linux.txt. For test purposes,
+   a single rule
+
+     /bin -> $(ReadOnly);   # the ending semicolon is mandatory
+
+   or alike will do. Compile this with
+
+     twadmin --create-polfile -S /etc/tripwire/site.key /etc/tripwire/twpol.txt
+
+   provided /etc/tripwire/twpol.txt is the name of your policy file.
+   This creates file /etc/tripwire/tw.pol.
+
+4. Generates a baseline database (snapshot of the objects residing on
+   the system, according to the installed policy file) using
+
+     tripwire --init
+
+   This creates file /var/lib/tripwire/${HOSTNAME}.twd.
+
+5. You can check the system with
+
+     tripwire --check
+
+   This prints a report on the standard output and generates file
+   /var/lib/tripwire/report/${HOSTNAME}-YYYYMMDD-HHMMSS.twr. The report can
+   be redisplayed using
+
+     twprint --print-report -r /var/lib/tripwire/report/${HOSTNAME}-YYYYMMDD-HMMSS.twr
+
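Review bot: in step 5 the twprint example names the report `${HOSTNAME}-YYYYMMDD-HMMSS.twr`, while the sentence just above it gives `${HOSTNAME}-YYYYMMDD-HHMMSS.twr`; the second `H` is missing, so the two should be made to match. Step 3 points at /usr/share/doc/packages/tripwire/twpol-Linux.txt, a path carried over from the SuSE readme, and it should be checked against where this package installs its documentation. Step 4 opens with "Generates a baseline database" where the other steps use the imperative ("Generate"). The steps also leave the plaintext twcfg.txt and twpol.txt in /etc/tripwire beside the compiled tw.cfg and tw.pol, so a line saying what to do with the text files after compiling would help the reader.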
================================================================

