Tripwire Questions

[Mark Sargent]

Mark Sargent wrote:

> Scot L. Harris wrote:
>
>> On Fri, 2005-03-04 at 11:30, Mark Sargent wrote:
>>  
>>
>>> Hi All,
>>>
>>> I followed a Fedora 2 book for setting up tripwire(FC3 box), and 
>>> used a perl script(from the same book) that scans the twpol.txt 
>>> file, removes/adds what's needed and updates the file, which saves a 
>>> lot of manual stuff. Anyway, this is the command I executed,
>>> /usr/local/bin/cleanpol.pl <twpol.txt.orig \ >twpol.txt
>>> and, it showed 4 additions and 141 removals. I then went and opened 
>>> twpol.txt with Gedit, but, it's empty. Shouldn't this file be 
>>> updated with the revised rules.? Confused. Cheers.
>>>
>>> Mark Sargent.
>>>   
>>
>>
>> Sounds like a problem with the script.  I have always manually edited
>> the twpol.txt file clean it of missing files and add in things that are
>> not included.
>>
>> I usually run a check and then use that report to walk through the
>> policy making the required changes.  Usually takes about 3 or 4 passes
>> to get a clean policy setup. 
>> Which book are you using?  Would be interested in such a script if one
>> exists.
>>
>>  
>>
> Hi All,
>
> am using Beginning Fedora 2 from Wrox. I'll copy the script from the 
> box(hasn't touched the net yet) and paste it in here for you. Rather 
> handy, when it works(which it has on another machine, some time ago). 
> Cheers.
>
> Mark Sargent.
>
Hi All,

here is the script,


#! /usr/bin/perl -w

$Additions = 0;
$Removals = 0;
while ($line = <STDIN>) {
if ( $line =~ /^\s*#\s*(\/\S+)/ ) {
if ( -e $1 ) {
    $line =~ s/^\s*#//;
    $Additions++;
}
}elsif ( $line =~ /^\s*(\/\S+)/ ) {
if ( ! -e $1 ) {
   $line = "#" . $line;
   $Removals++;
}
}
}
print STDERR "Number of additions: $Additions\n";
print STDERR "Number of removals: $Removals\n";

Cheers.

Mark sargent.