Opened 17 years ago
Closed 16 years ago
#2308 closed defect (fixed)
Horrible situation with Tripwire
| Reported by: | Arthur Demchenkov | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | 6.3 |
| Component: | BOOK | Version: | SVN |
| Severity: | major | Keywords: | |
| Cc: |
Description
Hello, happy (B)LFS users! :-)
As far as I'm installing a plenty of third-party packages on my LFS-6.2 box, I've got a need to control my filesystem integrity for security reasons.
So I've installed tripwire package. There are bunch of fixes corresponding part of the book should be applied to:
1) Instructions in the book are not correct.
AN EXAMPLE:
tripwire --update -twrfile \
/var/lib/tripwire/report/linux-<???????>-<??????>.twr
SHOULD BE CHANGED TO:
tripwire --update --twrfile \
/var/lib/tripwire/report/$HOSTNAME-<???????>-<??????>.twr
2) http://home.iprimus.com.au/glombowski/blfs/twpol-lfs.txt IS DAMN OUT OF DATE I could manage to update it. Or even better to make our own twpol-blfs.txt for example.
3) What do I come to following the BLFS-instructions? tripwire --update --twrfile bla-bla-bla.twr ... Entering vim with report. Ok I want to approve all changes made to filesystem -> I just type :x<Enter> And what I get next? This error message appears:
No protocol specified Interactive Update failed. ### Error: Report file could not be parsed. Report may be corrupt. ### Exiting...
And of course the tripwire integrity database is not updated.
I've reinstalled tripwire, checked my config files, but nothing helped. Any ideas? Ah, my tripwire-configuration is in attachment for your use. Maybe there is another opensource integrity-checking tool we should use in BLFS?
Best regardz from Spinal
Attachments (2)
Change History (8)
by , 17 years ago
| Attachment: | tw-cfg.tar.bz2 added |
|---|
comment:1 by , 17 years ago
Looks like that package has some locale issues...
This command runs well:
LC_ALL=C tripwire --update --twrfile /var/lib/tripwire/report/bla-bla-bla.twr
Here's my i18n.sh:
$ cat /etc/profile.d/i18n.sh # Set up i18n variables export LC_ALL=ru_RU.UTF-8 export LANG=ru_RU.UTF-8 export G_FILENAME_ENCODING=@locale
comment:2 by , 17 years ago
Here's the link to patch which fixes the bug with "corrupted" reports in multibyte locales.
tripwire-2.4.0.1-mb_fix.patch
f718d9a488d43fce0e210550de215336 tripwire-2.4.0.1-mb_fix.patch
by , 17 years ago
| Attachment: | tripwire-2.4.0.1-mb_fix.patch added |
|---|
Fixes the bug with multibyte locales
comment:4 by , 17 years ago
| Owner: | changed from to |
|---|---|
| Priority: | highest → normal |
| Severity: | blocker → major |
I'll go ahead and accept out this bug, but I won't be able to get to it until at lease April 16.
comment:5 by , 17 years ago
| Milestone: | 6.2.1 → 6.3 |
|---|
comment:6 by , 16 years ago
| Status: | new → assigned |
|---|
comment:7 by , 16 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Updated Tripwire to 2.4.1.2 and updated the text.
To address the issues in this ticket:
- Said that the base of the report filename is $(uname -n)
- Removed the external examples (that are not available any more). It is up to the user to update configuration
files for the specific target system, but I revised the text quite a bit.
- Changed the :x to the correct :wq in two places.
Fixed at revisions 7386-8.
Spinal' tripwire configuration files