- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: TripWire Config Woes!
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-28-2006 02:59 AM
тАО12-28-2006 02:59 AM
ixTripwire A.08.00-2.4.0.1 Security and Data integrity tool
Here's what I've done so far:
1.) Used the provided twcfg.txt and twpol.txt. Only changes were to HOSTNAME in twcfg.txt and and 'emailto = "mymail@domain.com"' entry in twpol.txt to the "Critical configuratiomn files" rule.
2.) Ran "/opt/iexpress/tripwire/sbin/twinstall.sh" but errors out with:
Signing policy file...
### Error: Severity value outside of allowable limits.
### 100emailto: Line number 777
### Exiting...
The policy file was not altered.
Error: signing of policy file failed.
Step 4. should have been:
tripwire --init
Step 5. should have been:
tripwire --check
.... etc...
Any clue as to the issue with twinstall.sh and the emailto line?
Thanks!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-28-2006 03:15 AM
тАО12-28-2006 03:15 AM
Re: TripWire Config Woes!
(
rulename = "Critical Files"
severity = $(SIG_HI),
emailto = "joker@mydom.com"
)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-28-2006 03:18 AM
тАО12-28-2006 03:18 AM
SolutionSome examples of valid syntax for twcfg.txt and twpol.txt are here:
http://www.akadia.com/services/tripwire.html
PCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-28-2006 03:18 AM
тАО12-28-2006 03:18 AM
Re: TripWire Config Woes!
[ /opt/iexpress/tripwire/etc ]
root@testsrv # tripwire --init
### Error: File could not be opened.
### Filename: /opt/iexpress/tripwire/etc/skoda-local.key
### No such file or directory
### Exiting...
Any clues? Are my steps above correct?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-28-2006 04:09 AM
тАО12-28-2006 04:09 AM
Re: TripWire Config Woes!
> ### Filename:
> /opt/iexpress/tripwire/etc/skoda-local.key
> ### No such file or directory
> ### Exiting...
That error is usually a bug (as far as I can tell) in Tripwire. There is probably a file in ./etc named local.key and that is the file it is looking for. Apparently the ${HOSTNAME} variable isn't getting used correctly in the twcfg.txt file or something. The easiest way to correct it is to create a link (ln -s local.key skoda-local.key) or change your twcfg.txt to just use local.key (which is what I did). I didn't really see the need to distinguish between hostnames on a single system.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-28-2006 04:10 AM
тАО12-28-2006 04:10 AM
Re: TripWire Config Woes!
I thought there was as step:
tripwire --initdb
Maybe I'm remembering incorrectly.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-28-2006 05:32 AM
тАО12-28-2006 05:32 AM
Re: TripWire Config Woes!
I did some more research into the local keyfile naming "bug". It turns out that the twinstall.sh script is the culprit. It redefines (thereby overriding) the twcfg.txt setting for the path and filename. Therefore, any changes to make to the local keyfile name/path need to (also) be done on line 42 of the twinstall.sh script.