Author: bdubbs
Date: 2008-04-20 22:36:18 -0600 (Sun, 20 Apr 2008)
New Revision: 7389
Modified:
trunk/BOOK/postlfs/security/tripwire.xml
Log:
Remove tabs
Modified: trunk/BOOK/postlfs/security/tripwire.xml
===================================================================
--- trunk/BOOK/postlfs/security/tripwire.xml 2008-04-21 02:07:25 UTC (rev
7388)
+++ trunk/BOOK/postlfs/security/tripwire.xml 2008-04-21 04:36:18 UTC (rev
7389)
@@ -105,9 +105,9 @@
the binaries. There are two keys: a site key and a local key which are
stored in <filename class="directory">/etc/tripwire/</filename>.</para>
- <para><command>cp -v policy/*.txt /usr/doc/tripwire</command>:
This command
- installs the <application>tripwire</application> sample policy
files with
- the other <application>tripwire</application>
documentation.</para>
+ <para><command>cp -v policy/*.txt /usr/doc/tripwire</command>: This command
+ installs the <application>tripwire</application> sample policy files with
+ the other <application>tripwire</application> documentation.</para>
</sect2>
@@ -134,71 +134,71 @@
default installation and will need to be updated for your
system.</para>
- <para>Policy files should be tailored to each
individual distribution
- and/or installation. Some example policy files can be
found in <filename
- class="directory">/usr/doc/tripwire/</filename> (Note
that <filename
- class="directory">/usr/doc/</filename> is a symbolic
link on LFS systems
- to <filename
class="directory">/usr/share/doc/</filename>).</para>
+ <para>Policy files should be tailored to each individual distribution
+ and/or installation. Some example policy files can be found in <filename
+ class="directory">/usr/doc/tripwire/</filename> (Note that <filename
+ class="directory">/usr/doc/</filename> is a symbolic link on LFS systems
+ to <filename class="directory">/usr/share/doc/</filename>).</para>
- <para>If desired, copy the policy file you'd like to
try into <filename
- class="directory">/etc/tripwire/</filename> instead of
using the default
- policy file, <filename>twpol.txt</filename>. It is,
however, recommended
- that you edit your policy file. Get ideas from the
examples above and
- read
<filename>/usr/doc/tripwire/policyguide.txt</filename> for
- additional information. <filename>twpol.txt</filename>
is a good policy
- file for learning about
<application>Tripwire</application> as it will
- note any changes to the file system and can even be
used as an annoying
- way of keeping track of changes for uninstallation of
software.</para>
+ <para>If desired, copy the policy file you'd like to try into <filename
+ class="directory">/etc/tripwire/</filename> instead of using the default
+ policy file, <filename>twpol.txt</filename>. It is, however, recommended
+ that you edit your policy file. Get ideas from the examples above and
+ read <filename>/usr/doc/tripwire/policyguide.txt</filename> for
+ additional information. <filename>twpol.txt</filename> is a good policy
+ file for learning about <application>Tripwire</application> as it will
+ note any changes to the file system and can even be used as an annoying
+ way of keeping track of changes for uninstallation of software.</para>
- <para>After your policy file has been edited to your
satisfaction you may
- begin the configuration steps (perform as the
<systemitem
- class='username'>root</systemitem>):</para>
+ <para>After your policy file has been edited to your satisfaction you may
+ begin the configuration steps (perform as the <systemitem
+ class='username'>root</systemitem>):</para>
<screen role="root"><userinput>twadmin --create-polfile --site-keyfile
/etc/tripwire/site.key \
/etc/tripwire/twpol.txt &&
tripwire --init</userinput></screen>
<para>Depending on your system and the contents of the policy file, the
- initialization phase above can take a relatively long
time.</para>
+ initialization phase above can take a relatively long time.</para>
</sect3>
<sect3>
<title>Usage Information</title>
- <para><application>Tripwire</application> will identify
file changes in
- the critical system files specified in the policy file.
Using
- <application>Tripwire</application> while making
frequent changes to
- these directories will flag all these changes. It is
most useful after a
- system has reached a configuration that the user
considers stable.</para>
+ <para><application>Tripwire</application> will identify file changes in
+ the critical system files specified in the policy file. Using
+ <application>Tripwire</application> while making frequent changes to
+ these directories will flag all these changes. It is most useful after a
+ system has reached a configuration that the user considers stable.</para>
- <para>To use <application>Tripwire</application> after
creating a policy
- file to run a report, use the following command:</para>
+ <para>To use <application>Tripwire</application> after creating a policy
+ file to run a report, use the following command:</para>
<screen role="root"><userinput>tripwire --check >
/etc/tripwire/report.txt</userinput></screen>
- <para>View the output to check the integrity of your
files. An automatic
- integrity report can be produced by using a cron
facility to schedule the
- runs.</para>
+ <para>View the output to check the integrity of your files. An automatic
+ integrity report can be produced by using a cron facility to schedule the
+ runs.</para>
- <para>Reports are stored in binary and, if desired,
encrypted. View reports,
- as the <systemitem class="username">root</systemitem>
user, with:</para>
+ <para>Reports are stored in binary and, if desired, encrypted. View
reports,
+ as the <systemitem class="username">root</systemitem> user, with:</para>
<screen role="root">twprint --print-report -r
/var/lib/tripwire/report/<replaceable><report-name.twr></replaceable></screen>
- <para>After you run an integrity check, you should
examine the
- report (or email) and then modify the
<application>Tripwire</application>
- database to reflect the changed files on your system.
This is so that
- <application>Tripwire</application> will not
continually notify you that
- files you intentionally changed are a security
violation. To do this you
- must first <command>ls -l
/var/lib/tripwire/report/</command> and note
- the name of the newest file which starts with your
system name as
- presented by the command <userinput>uname -n</userinput>
- and ends in <filename>.twr</filename>. These files were
created
- during report creation and the most current one is
needed to update the
- <application>Tripwire</application> database of your
system. As the
- <systemitem class='username'>root</systemitem> user,
type in the
- following command making the appropriate report
name:</para>
+ <para>After you run an integrity check, you should examine the
+ report (or email) and then modify the <application>Tripwire</application>
+ database to reflect the changed files on your system. This is so that
+ <application>Tripwire</application> will not continually notify you that
+ files you intentionally changed are a security violation. To do this you
+ must first <command>ls -l /var/lib/tripwire/report/</command> and note
+ the name of the newest file which starts with your system name as
+ presented by the command <userinput>uname -n</userinput>
+ and ends in <filename>.twr</filename>. These files were created
+ during report creation and the most current one is needed to update the
+ <application>Tripwire</application> database of your system. As the
+ <systemitem class='username'>root</systemitem> user, type in the
+ following command making the appropriate report name:</para>
<screen role="root"><userinput>tripwire --update --twrfile
/var/lib/tripwire/report/<replaceable><report-name.twr></replaceable></userinput></screen>
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
