r3135 - in trunk/BOOK: . introduction/welcome postlfs/security

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Tue Dec 21 19:48:07 PST 2004


Author: bdubbs
Date: 2004-12-21 20:48:05 -0700 (Tue, 21 Dec 2004)
New Revision: 3135

Modified:
   trunk/BOOK/general.ent
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/postlfs/security/tripwire.xml
Log:
Updated tripwire

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2004-12-22 01:00:40 UTC (rev 3134)
+++ trunk/BOOK/general.ent	2004-12-22 03:48:05 UTC (rev 3135)
@@ -33,7 +33,7 @@
 <!ENTITY shadow-version               "4.0.4.1">  
 <!ENTITY iptables-version             "1.2.11"> 
 <!ENTITY gnupg-version                "1.2.6">  
-<!ENTITY tripwire-version             "2.3.1-2">   
+<!ENTITY tripwire-version             "portable-0.9">   
 <!ENTITY heimdal-version              "0.6.2">   
 <!ENTITY mitkrb-version               "1.3.5"> 
 <!ENTITY cyrus-sasl-version           "2.1.20"> 

Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2004-12-22 01:00:40 UTC (rev 3134)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2004-12-22 03:48:05 UTC (rev 3135)
@@ -22,6 +22,8 @@
 
 <itemizedlist>
 
+<listitem><para>December 21st, 2004 [bdubbs]: Updated tripwire.</para></listitem>
+
 <listitem><para>December 21st, 2004 [randy]: Updated to KOffice-1.3.5 and 
 cpio-2.6; added MD5 sums and updated dependencies to GNOME-1.4 packages; 
 spelling, grammar, tag and excessive whitespace corrections to various 

Modified: trunk/BOOK/postlfs/security/tripwire.xml
===================================================================
--- trunk/BOOK/postlfs/security/tripwire.xml	2004-12-22 01:00:40 UTC (rev 3134)
+++ trunk/BOOK/postlfs/security/tripwire.xml	2004-12-22 03:48:05 UTC (rev 3135)
@@ -4,14 +4,14 @@
   <!ENTITY % general-entities SYSTEM "../../general.ent">
   %general-entities;
 
-  <!ENTITY tripwire-download-http "http://prdownloads.sourceforge.net/tripwire/tripwire-&tripwire-version;.tar.gz">
-  <!ENTITY tripwire-download-ftp  "ftp://ftp.fu-berlin.de/unix/security/tripwire/tripwire-&tripwire-version;.tar.gz">
-  <!ENTITY tripwire-size          "1.4 MB">
-  <!ENTITY tripwire-buildsize     "63 MB">
-  <!ENTITY tripwire-time          "2.35 SBU">
+  <!ENTITY tripwire-download-http "http://www.frenchfries.net/paul/tripwire/tripwire-&tripwire-version;.tar.gz">
+  <!ENTITY tripwire-download-ftp  " ">
+  <!ENTITY tripwire-size          "869 KB">
+  <!ENTITY tripwire-buildsize     "22 MB">
+  <!ENTITY tripwire-time          "2.96 SBU">
 ]>
 
-<sect1 id="tripwire" xreflabel="Tripwire-&tripwire-version;">
+<sect1 id="tripwire-portable" xreflabel="Tripwire-&tripwire-version;">
 <sect1info>
 <othername>$LastChangedBy$</othername>
 <date>$Date$</date>
@@ -38,14 +38,6 @@
 &tripwire-time;</para></listitem></itemizedlist>
 </sect3>
 
-<sect3><title>Additional downloads</title>
-<itemizedlist spacing='compact'>
-<listitem><para>Required patch to fix multiple build issues (see patch for 
-more information): <ulink 
-url="&patch-root;/tripwire-&tripwire-version;-gcc3_build_fixes-1.patch"/></para></listitem>
-</itemizedlist>
-</sect3>
-
 <sect3><title><application>Tripwire</application> dependencies</title>
 <sect4><title>Optional</title>
 <para><acronym>MTA</acronym> (See <xref linkend="server-mail"/>)</para></sect4>
@@ -59,31 +51,30 @@
 <para>Compile <application>Tripwire</application> by running the following 
 commands:</para>
 
-<screen><userinput><command>patch -Np1 -i ../tripwire-&tripwire-version;-gcc3_build_fixes-1.patch &&
-make -C src release &&
-cp install/install.{sh,cfg} .</command></userinput></screen>
+<screen><userinput><command>sed -i -e 's at TWDB="${prefix}@TWDB="/var/lib@' install/install.cfg &&
+./configure --prefix=/usr --sysconfdir=/etc/tripwire &&
+make &&
+make install &&
+cp policy/*.txt /usr/share/doc/tripwire</command></userinput></screen>
 
 <para>The default configuration is to use a local <acronym>MTA</acronym>. If 
 you don't have an <acronym>MTA</acronym> installed and have no wish to install 
 one, modify <filename>install.cfg</filename> to use an <acronym>SMTP</acronym> 
-server instead. Install <application>Tripwire</application> by running the 
-following commands:</para>
+server instead.</para>
 
-<screen><userinput><command>./install.sh &&
-cp /etc/tripwire/tw.cfg /usr/sbin &&
-cp policy/*.txt /usr/share/doc/tripwire</command></userinput></screen>
-
 </sect2>
 
 <sect2>
 <title>Command explanations</title>
 
-<para><command>make release</command>: This command creates the
-<application>Tripwire</application> binaries.</para>
+<para><command>sed -i -e 's at TWDB="${prefix}@TWDB="/var/lib@' install/install.cfg</command>: 
+This command tells the package to install the program database and reports in
+<filename>/var/lib/tripwire</filename>.</para>
 
-<para><command>cp install.{sh,cfg} .</command>: These files are copied to 
-the main <application>Tripwire</application> directory so that the script 
-can be used to install the package.</para>
+<para><command>make install</command>: This command creates the
+<application>Tripwire</application> security keys as well as installing the
+binaries. There are two keys: a site key and a local key which are stored in
+<filename class="directory">/etc/tripwire/</filename>.</para>
 
 <para><command>cp policy/*.txt /usr/share/doc/tripwire</command>: This command 
 installs the documentation.</para>
@@ -102,11 +93,10 @@
 <para><application>Tripwire</application> uses a policy file to determine which 
 files are integrity checked. The default policy file 
 (<filename>/etc/tripwire/twpol.txt</filename>) is for a default 
-installation of Redhat 7.0 and is woefully outdated.</para>
+installation Redhat and will need to be updated for your system.</para>
 
-<para>Policy files are also a custom thing and should be tailored to each 
-individual distribution and/or installation. Some custom policy files can be 
-found below: </para>
+<para>Policy files should be tailored to each individual distribution and/or
+installation. Some custom policy files can be found below: </para>
 
 <screen><ulink url="http://home.iprimus.com.au/glombowski/blfs/twpol-all.txt"/>
 Checks integrity of all files
@@ -128,20 +118,16 @@
 <filename class="directory">/etc/tripwire/</filename> you may begin the 
 configuration steps:</para>
 
-<screen><userinput><command>twadmin -m P /etc/tripwire/twpol.txt &&
-tripwire -m i</command></userinput></screen>
+<screen><userinput><command>twadmin --create-polfile --site-keyfile=/etc/tripwire site.key /etc/tripwire/twpol.txt &&
+tripwire --init</command></userinput></screen>
 
-<para>During installation <application>Tripwire</application> will create two
-keys: a site key and a local key which are stored in 
-<filename class="directory">/etc/tripwire/</filename>.</para>
-
 </sect3>
 
 <sect3><title>Usage Information</title>
 <para>To use <application>Tripwire</application> after creating a policy file 
 to run a report, use the following command:</para>
 
-<screen><userinput><command>tripwire -m c > /etc/tripwire/report.txt</command></userinput></screen>
+<screen><userinput><command>tripwire --check > /etc/tripwire/report.txt</command></userinput></screen>
 
 <para>View the output to check the integrity of your files. An automatic
 integrity report can be produced by using a cron facility to schedule
@@ -160,7 +146,7 @@
 system. Then, type in the following command making the appropriate 
 substitutions for <replaceable>[?]</replaceable>:</para>
 
-<screen><userinput><command>tripwire -m u -r /var/lib/tripwire/report/linux-<replaceable>[???????]</replaceable>-<replaceable>[??????]</replaceable>.twr</command></userinput></screen>
+<screen><userinput><command>tripwire --update -twrfile /var/lib/tripwire/report/linux-<replaceable>[???????]</replaceable>-<replaceable>[??????]</replaceable>.twr</command></userinput></screen>
 
 <para>You will be placed into <application>vim</application> with a copy of 
 the report in front of you. If all the changes were good, then just type 
@@ -176,8 +162,8 @@
 use a new one, modify the policy file and then execute the following
 commands:</para>
 
-<screen><userinput><command>twadmin -m P /etc/tripwire/twpol.txt &&
-tripwire -m i</command></userinput></screen>
+<screen><userinput><command>twadmin --create-polfile /etc/tripwire/twpol.txt &&
+tripwire --init</command></userinput></screen>
 
 </sect3>
 
@@ -185,38 +171,45 @@
 
 <sect2>
 <title>Contents</title>
+<segmentedlist>
+  <segtitle>Installed Programs</segtitle>
+  <seglistitem>
+    <seg>siggen, tripwire, twadmin and twprint.</seg>
+  </seglistitem>
+</segmentedlist>
 
-<para>The <application>Tripwire</application> package contains 
-<command>siggen</command>, <command>tripwire</command>, 
-<command>twadmin</command> and <command>twprint</command>.</para>
+<variablelist>
+  <bridgehead renderas="sect3">Short Descriptions</bridgehead>
+  <?dbfo list-presentation="list"?>
 
-</sect2>
+  <varlistentry id="siggen"> 
+    <term><command>siggen</command></term>
+    <listitem><para>is a signature gathering utility that displays 
+      the hash function values for the specified files.</para>
+    </listitem>
+  </varlistentry>
 
-<sect2>
-<title>Description</title>
+  <varlistentry id='tripwire'>
+    <term><command>tripwire</command></term> 
+    <listitem><para>is the main file integrity checking program.</para></listitem>
+  </varlistentry>
 
-<sect3>
-<title>siggen</title>
-<para><command>siggen</command> is a signature gathering utility that displays 
-the hash function values for the specified files.</para></sect3>
+  <varlistentry id='twadmin'>
+    <term><command>twadmin</command></term>
+    <listitem><para>administrative and utility tool used to perform 
+      certain administrative functions related to 
+      <application>Tripwire</application> files and configuration options.</para>
+    </listitem>
+  </varlistentry>
 
-<sect3>
-<title>tripwire</title>
-<para><command>tripwire</command> is the main file integrity checking program.
-</para></sect3>
+  <varlistentry id='twprint'>
+    <term><command>twprint</command></term>
+    <listitem><para>prints <application>Tripwire</application> 
+      database and report files in clear text format.</para>
+    </listitem>
+  </varlistentry>
+</variablelist>
 
-<sect3>
-<title>twadmin</title>
-<para><command>twadmin</command> is <application>Tripwire</application>'s 
-administrative and utility tool used to perform certain administrative 
-functions related to <application>Tripwire</application> files and 
-configuration options.</para></sect3>
-
-<sect3>
-<title>twprint</title>
-<para><command>twprint</command> prints <application>Tripwire</application> 
-database and report files in clear text format.</para></sect3>
-
 </sect2>
 
 </sect1>




More information about the blfs-book mailing list