rpms/tripwire/FC-5 README.Fedora.in, NONE, 1.1 .cvsignore, 1.3, 1.4 sources, 1.3, 1.4 tripwire.spec, 1.7, 1.8 Latest-Changes, 1.2, NONE README.RPM.in, 1.1, NONE pipedmailmessage.patch, 1.1, NONE tripwire-2.3.0-50-rfc822.patch, 1.1, NONE tripwire-2.3.1-gcc3.new.patch, 1.1, NONE tripwire-mkstemp.patch, 1.1, NONE tripwire.txt, 1.1, NONE

Brandon Holbrook (static) fedora-extras-commits at redhat.com
Thu Mar 1 06:18:23 UTC 2007 

Author: static

Update of /cvs/extras/rpms/tripwire/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27933

Modified Files:
	.cvsignore sources tripwire.spec 
Added Files:
	README.Fedora.in 
Removed Files:
	Latest-Changes README.RPM.in pipedmailmessage.patch 
	tripwire-2.3.0-50-rfc822.patch tripwire-2.3.1-gcc3.new.patch 
	tripwire-mkstemp.patch tripwire.txt 
Log Message:
Upgrade to upstream 2.4.1.1



--- NEW FILE README.Fedora.in ---
Post-Installation Instructions

The Tripwire RPM installs the basic program files needed to run the software. However, this installation does not complete custom configurations that Tripwire 2.4 needs to perform correctly. After you unpack the RPM, you must:
1. Generate the system-specific cryptographic key files ( @sbindir@/tripwire-setup-keyfiles )
2. Initialize the Tripwire database file. ( @sbindir@/tripwire --init )
3. Run the first integrity check. ( @sbindir@/tripwire --check )
4. Edit the configuration file ( twcfg.txt ) with a text editor, if desired.
5. Edit the policy file ( twpol.txt ) with a text editor, if desired.

Note: If you plan to modify the policy file, we recommend you do so before running the configuration script. If you modify the policy file after running the configuration script, you must re-run the configuration file before initializing the database file. 

Modifying the Policy File
You can specify how Tripwire software checks your system in the Tripwire policy file (twpol.txt). A default policy file is included in the Tripwire software installation. We recommend you tailor this policy file to fit your particular system. Tailoring the policy file greatly increases Tripwire software's ability to ensure the integrity of your system. 

Locate the default policy file at  /etc/tripwire/twpol.txt. An example policy file (located at   /usr/share/doc/tripwire-VER#-REL#/policyguide.txt) is included to help you learn the policy language. Read the sample policy file and the comments in the sample policy file to learn the policy language. 

After you modify the policy file, follow the Post-Installation Instructions (run the configuration script). This script signs the modified policy file and renames it to tw.pol. This is the active policy file that runs as part of the Tripwire software. 

Selecting Passphrases
Tripwire files are signed or encrypted using site or local keys. These keys are protected by passphrases. When selecting passphrases, the following recommendations apply:
Use at least eight alphanumeric and symbolic characters for each passphrase. The maximum length of a passphrase is 1023 characters. Quotes should not be used as passphrase characters.

Assign a unique passphrase for the site key. The site key passphrase protects the site key, which is used to sign Tripwire software configuration and policy files. Assign a unique passphrase for the local key. The local key signs Tripwire database files. The local key may sign the Tripwire report files also. 

Store the passphrases in a secure location. There is no way to remove encryption from a signed file if you forget your passphrase. If you forget the passphrases, the files are unusable. In that case you must reinitialize the baseline database.

Initializing the Database 
In Database Initialization mode, Tripwire software builds a database of filesystem objects based on the rules in the policy file. This database serves as the baseline for integrity checks. The syntax for Database Initialization mode is:
tripwire  --init 

Running an Integrity Check
The Integrity Check mode compares the current file system objects with their properties recorded in the Tripwire database. Violations are printed to stdout. The report file is saved and can later be accessed by twprint. An email option enables you to send email. The syntax for Integrity Check mode is:
tripwire --check 

Printing Reports - twprint Print Report Mode
The twprint --print-report mode prints the contents of a Tripwire report. If you do not specify a report with the --twrfile or -r command-line argument, the default report file specified by the configuration file REPORTFILE variable is used. 
Example: On a machine named LIGHTHOUSE, the command would be:
./twprint -m r --twrfile LIGHTHOUSE-19990622-021212.twr

Updating the Database after an Integrity Check
Database Update mode enables you to update the Tripwire database after an integrity check if you determine that the violations discovered are valid. This update process saves time by enabling you to update the database without having to re-initialize it. It also enables selective updating, which cannot be done through re-initialization. The syntax for Database Update mode is:
tripwire --update 

Updating the Policy File
Change the way that Tripwire software scans the system by changing the rules in the policy file. You can  then update the database without a complete re-initialization. This saves a significant amount of time and preserves security by keeping the policy file synchronized with the database it uses.  The syntax for Policy Update mode is:
tripwire  --update-policy 

Testing email functions
Test mode tests the software's email notification system, using the settings currently specified in the configuration file. The syntax for Email Test Reporting mode is:
tripwire  --test 

Tripwire Components
The policy file begins as a text file containing comments, rules, directives, and variables. These dictate the way Tripwire software checks your system. Each rule in the policy file specifies a system object to be monitored. Rules also describe which changes to the object to report, and which to ignore. 

System objects are the files and directories you wish to monitor. Each object is identified by an object name. A property refers to a single characteristic of an object that Tripwire software can monitor. Directives control conditional processing of sets of rules in a policy file. During installation, the text policy file is encrypted and renamed, and becomes the active policy file. 

The database file is an important component of Tripwire software. When first installed, Tripwire software uses the policy file rules to create the database file. The database file is a baseline "snapshot" of the system in a known secure state. Tripwire software compares this baseline against the current system to determine what changes have occurred. This is an integrity check.

When you perform an integrity check, Tripwire software produces report files. Report files summarize any changes that violated the policy file rules during the integrity check. You can view the report file in a variety of formats, at varying levels of detail.  

The Tripwire configuration file stores system-specific information, such as the location of Tripwire data files. Tripwire software generates some of the configuration file information during installation. The system administrator can change parameters in the configuration file at any time. The configuration file variables POLFILE, DBFILE, REPORTFILE, SITEKEYFILE, and LOCALKEYFILE specify where the policy file, database file, report files, and site and local key files reside. These variables must be defined or the configuration file is invalid. If any of these variables are undefined, an error occurs on execution of Tripwire software and the program exits. 

Tripwire Help
All Tripwire commands support the help arguments. Example: To get help with Create Configuration File mode, type: ./twadmin --help --create-cfgfile

-?		Display usage and version information
--help		Display all command modes
--help all	Display help for all command modes
--help [mode]	Display help for current command mode
--version	Display version information


Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/tripwire/FC-5/.cvsignore,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- .cvsignore	11 Nov 2006 16:29:00 -0000	1.3
+++ .cvsignore	1 Mar 2007 06:17:50 -0000	1.4
@@ -1,2 +1 @@
-tripwire-2.3.1-2.tar.gz
-tw-20030919.patch.bz2
+tripwire-2.4.1.1-src.tar.bz2


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/tripwire/FC-5/sources,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- sources	11 Nov 2006 16:29:00 -0000	1.3
+++ sources	1 Mar 2007 06:17:50 -0000	1.4
@@ -1,2 +1 @@
-6a15fe110565cef9ed33c1c7e070355e  tripwire-2.3.1-2.tar.gz
-728884715c96b27edb31fe0afb60c0cf  tw-20030919.patch.bz2
+472af7b2acd40f2497d68ac6da38abf7  tripwire-2.4.1.1-src.tar.bz2


Index: tripwire.spec
===================================================================
RCS file: /cvs/extras/rpms/tripwire/FC-5/tripwire.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- tripwire.spec	11 Nov 2006 16:29:00 -0000	1.7
+++ tripwire.spec	1 Mar 2007 06:17:50 -0000	1.8
@@ -1,40 +1,28 @@
 %define		path_to_vi /bin/vi
 %define		path_to_sendmail /usr/sbin/sendmail
-Summary:	IDS (Intrusion Detection System)
+
 Name:		tripwire
-Version:	2.3.1
-Release:	22
+Version:	2.4.1.1
+Release:	1%{?dist}
+Summary:	IDS (Intrusion Detection System)
 
 License:	GPL
 Group:		Applications/System
-Source0:	http://download.sourceforge.net/tripwire/tripwire-2.3.1-2.tar.gz
+Source0:	http://download.sourceforge.net/tripwire/tripwire-%{version}-src.tar.bz2
 Source1:	tripwire.cron.in
-Source2:	tripwire.txt
 Source3:	tripwire.gif
 Source4:	twcfg.txt.in
 Source5:	tripwire-setup-keyfiles.in
 Source6:	twpol.txt.in
-Source7:	README.RPM.in
-Source8:	Latest-Changes
+Source7:	README.Fedora.in
 Source9:	License-Issues
 URL:		http://www.tripwire.org/
-Buildrequires:	autoconf openssl-devel
-Requires:	sed grep gzip tar gawk
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
-# Tripwire is NOT  64bit  clean,  nor  endian  clean,  and  only  works
-# properly  on  x86  architecture. This  open  source  code *is*  being
-# maintained, (albeit, quite slowly),  so  this  is  likely  to  change
-# eventually. Currently  We  exclude  non x86 arches.
-ExclusiveArch: %{ix86}
-
-Patch0:		tripwire-2.3.0-50-rfc822.patch
-Patch1:		tripwire-mkstemp.patch
-Patch2:		tw-20030919.patch.bz2
-Patch3:		tripwire-2.3.1-gcc3.new.patch
-Patch4:		tripwire-siggen-man8.patch
-Patch5:		pipedmailmessage.patch
+BuildRequires:	openssl-devel
+Requires(post):	sed
 
+Patch1:		tripwire-siggen-man8.patch
 
 %description
 Tripwire is a very valuable security tool for Linux systems, if  it  is
@@ -54,19 +42,11 @@
 enact damage control measures immediately if certain  files  have  been
 altered.
 
-
 %prep
-%setup -q -n %{name}-2.3.1-2
-%{__cp} -p %{SOURCE2} quickstart.txt
-%{__cp} -p %{SOURCE3} quickstart.gif
-
-%patch0 -p1 -b .rfc822
-%patch1 -p1 -b .mkstemp
-%patch2 -p1 -b .tw-20030919
-%patch3 -p1 -b .gcc3.new
-%patch4 -p1 -b .siggen.manpage
-%patch5 -p1 -b .pipedmailmessage
+%setup -q
+%{__cp} -p %{SOURCE3} .
 
+%patch1 -p1 -b .siggen.manpage
 
 %build
 %{__chmod} 755 configure
@@ -81,19 +61,17 @@
 	--libdir=%{_var}/lib \
 	--mandir=%{_mandir}
 
-# Do not parallelise this with _smp_flags or -j
-%{__make}
-
+%{__make} %{?_smp_mflags}
 
 %install
 %{__rm} -fr ${RPM_BUILD_ROOT}
 
 # Install the binaries.
 %{__mkdir_p} ${RPM_BUILD_ROOT}%{_sbindir}
-%{__install} -p -m755 bin/siggen   ${RPM_BUILD_ROOT}%{_sbindir}
+%{__install} -p -m755 bin/siggen ${RPM_BUILD_ROOT}%{_sbindir}
 %{__install} -p -m755 bin/tripwire ${RPM_BUILD_ROOT}%{_sbindir}
-%{__install} -p -m755 bin/twadmin  ${RPM_BUILD_ROOT}%{_sbindir}
-%{__install} -p -m755 bin/twprint  ${RPM_BUILD_ROOT}%{_sbindir}
+%{__install} -p -m755 bin/twadmin ${RPM_BUILD_ROOT}%{_sbindir}
+%{__install} -p -m755 bin/twprint ${RPM_BUILD_ROOT}%{_sbindir}
 
 # Install the man pages.
 %{__mkdir_p} ${RPM_BUILD_ROOT}%{_mandir}/{man4,man5,man8}
@@ -115,7 +93,7 @@
 	%{__sed} -e 's|@vardir@|%{_var}|g' >\
 	_tmpcfg/${outfile}
 done
-%{__mv} _tmpcfg/{tripwire-setup-keyfiles,README.RPM} .
+%{__mv} _tmpcfg/{tripwire-setup-keyfiles,README.Fedora} .
 
 # Create the reports directory.
 %{__install} -d -m700 ${RPM_BUILD_ROOT}%{_var}/lib/tripwire/report
@@ -133,18 +111,17 @@
 done
 
 # Install the keyfile setup script
-%{__install} -p -m755 tripwire-setup-keyfiles  ${RPM_BUILD_ROOT}%{_sbindir}
+%{__install} -p -m755 tripwire-setup-keyfiles ${RPM_BUILD_ROOT}%{_sbindir}
 
 # Fix permissions on documentation files.
-%{__cp} -p %{SOURCE8} %{SOURCE9} .
+%{__cp} -p %{SOURCE9} .
 %{__chmod} 644 \
-	README Release_Notes ChangeLog COPYING TRADEMARK quickstart.gif \
-	quickstart.txt README.RPM policy/policyguide.txt Latest-Changes \
-	License-Issues
+	ChangeLog COMMERCIAL COPYING TRADEMARK tripwire.gif \
+	README.Fedora policy/policyguide.txt License-Issues
 
 
 %clean
-%{__rm} -fr ${RPM_BUILD_ROOT}
+%{__rm} -rf ${RPM_BUILD_ROOT}
 
 
 %post
@@ -153,21 +130,47 @@
 
 
 %files
-%defattr(-,root,root,-)
-%doc README Release_Notes ChangeLog COPYING TRADEMARK quickstart.gif
-%doc quickstart.txt README.RPM policy/policyguide.txt Latest-Changes
-%doc License-Issues
-%attr(0755,root,root) %dir %{_sysconfdir}/tripwire
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/tripwire/twcfg.txt
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/tripwire/twpol.txt
-%attr(0755,root,root) %config(noreplace) %{_sysconfdir}/cron.daily/tripwire-check
-%attr(0755,root,root) %dir %{_var}/lib/tripwire
-%attr(0755,root,root) %dir %{_var}/lib/tripwire/report
-%attr(0644,root,root) %{_mandir}/*/*
+%defattr(0644,root,root,0755)
+%doc ChangeLog COMMERCIAL COPYING TRADEMARK tripwire.gif
+%doc README.Fedora policy/policyguide.txt License-Issues
+%attr(0700,root,root) %dir %{_sysconfdir}/tripwire
+%config(noreplace) %{_sysconfdir}/tripwire/twcfg.txt
+%config(noreplace) %{_sysconfdir}/tripwire/twpol.txt
+%attr(0755,root,root) %{_sysconfdir}/cron.daily/tripwire-check
+%attr(0700,root,root) %dir %{_var}/lib/tripwire
+%attr(0700,root,root) %dir %{_var}/lib/tripwire/report
+%{_mandir}/*/*
 %attr(0755,root,root) %{_sbindir}/*
 
 
 %changelog
+* Wed Feb 28 2007 Brandon Holbrook <fedora at theholbrooks.org> 2.4.1.1-1
+- Upgrade to upstream 2.4.1.1 (obsoletes gcc4 patch)
+- Merge quickstart.txt into README.Fedora and fix doc bug (#161764)
+
+* Thu Dec 21 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-4
+- Don't print anything at install time
+
+* Tue Dec 19 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-3
+- Changed defattr to 644,755
+- removed BR: autoconf
+- Inform users about README.Fedora instead of spamming the install
+  with catting the whole file
+
+* Wed Nov 15 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-2
+- chmod'ed /etc/tripwire to 0700
+- Added sed to Requires(post)
+
+* Tue Aug 22 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-1.4
+- Include COMMERCIAL file from upstream
+- Print README.RPM on initial install
+- Added _smp_mflags to make
+- Removed ExclusiveArch: ix86
+- Replaced 2.3 with 2.4 in tripwire.txt
+
+* Tue Aug 22 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-1.2
+- Updated to 2.4.0.1
+
 * Fri Apr  7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
 - rebuilt
 
@@ -176,8 +179,8 @@
 - Fixed a bogus entry in twpol.txt.in (modeprobe.conf -> modprobe.conf)
 
 * Thu Jun 10 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.9
-- Applied Paul Herman's patch to fix a format string  vulnerability  in
-  pipedmailmessage.cpp
+- Applied Paul Herman's patch to fix a format string vulnerability in
+ pipedmailmessage.cpp
 
 * Sun Feb 29 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.8
 - Default policy overhaul
@@ -190,7 +193,7 @@
 - Removed explicit Buildrequires gcc-c++
 
 * Fri Feb 20 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.5
-- Finally moved twinstall.sh from the sysconfdir to the sbindir,  since
+- Finally moved twinstall.sh from the sysconfdir to the sbindir, since
   it is not a configuration file. Fixes Red Hat bug #61855
 - Renamed twinstall.sh to tripwire-setup-keyfiles, since  the  name  is
   misleading. It is setting up keyfiles, not installing an  application


--- Latest-Changes DELETED ---


--- README.RPM.in DELETED ---


--- pipedmailmessage.patch DELETED ---


--- tripwire-2.3.0-50-rfc822.patch DELETED ---


--- tripwire-2.3.1-gcc3.new.patch DELETED ---


--- tripwire-mkstemp.patch DELETED ---


--- tripwire.txt DELETED ---

More information about the fedora-extras-commits mailing list