Default Cygwin policy, and install script tweak to enable it, by using uname -o when uname -s gives us a name in a format we'd rather not use, like 'CYGWIN_NT_10.0'

installer/install.sh

@@ -154,10 +154,16 @@ TAR_DIR=${TAR_DIR:-${START_DIR}}
 
 OS=`uname -s`
 POLICYSRC="twpol-${OS:=GENERIC}.txt"
-if [ ! -r ${TAR_DIR}/policy/${POLICYSRC} ]
+if [ ! -r ${TAR_DIR}/policy/${POLICYSRC} ]; then
-then POLICYSRC="twpol-GENERIC.txt"
+    OS=`uname -o`
+    POLICYSRC="twpol-${OS:=GENERIC}.txt"
 fi
 
+if [ ! -r ${TAR_DIR}/policy/${POLICYSRC} ]; then
+    POLICYSRC="twpol-GENERIC.txt"
+fi
+
+
 ##-------------------------------------------------------
 ## Parse the command line.
 ##-------------------------------------------------------

policy/twpol-Cygwin.txt

@@ -0,0 +1,163 @@
+###############################################################################
+#                                                                            ##
+#    Default Tripwire 2.4 Policy file for Cygwin                             ##
+#                                                                            ##
+###############################################################################
+
+
+###############################################################################
+#                                                                            ##
+# Global Variable Definitions                                                ##
+#                                                                            ##
+# These are defined at install time by the installation script.  You may     ##
+# Manually edit these if you are using this file directly and not from the   ##
+# installation script itself.                                                ##
+#                                                                            ##
+###############################################################################
+
+@@section GLOBAL
+TWROOT=;
+TWBIN=;
+TWPOL=;
+TWDB=;
+TWSKEY=;
+TWLKEY=;
+TWREPORT=;
+HOSTNAME=;
+
+##############################################################################
+#  Predefined Variables                                                      #
+##############################################################################
+#
+#  Property Masks
+#
+#  -  ignore the following properties
+#  +  check the following properties
+#
+#  a  access timestamp (mutually exclusive with +CMSH)
+#  b  number of blocks allocated
+#  c  inode creation/modification timestamp
+#  d  ID of device on which inode resides
+#  g  group id of owner
+#  i  inode number
+#  l  growing files (logfiles for example)
+#  m  modification timestamp
+#  n  number of links
+#  p  permission and file mode bits
+#  r  ID of device pointed to by inode (valid only for device objects)
+#  s  file size
+#  t  file type
+#  u  user id of owner
+#
+#  C  CRC-32 hash
+#  H  HAVAL hash
+#  M  MD5 hash
+#  S  SHA hash
+#
+##############################################################################
+
+#Device        = +pugsdr-intlbamcCMSH ;
+#Dynamic       = +pinugtd-srlbamcCMSH ;
+#Growing       = +pinugtdl-srbamcCMSH ;
+#IgnoreAll     = -pinugtsdrlbamcCMSH ;
+#IgnoreNone    = +pinugtsdrbamcCMSH-l ;
+#ReadOnly      = +pinugtsdbmCM-rlacSH ;
+Temporary     = +pugt ;
+
+@@section FS 
+
+#########################################
+#                                      ##
+#  Tripwire Binaries and Data Files    ##
+#                                      ##
+#########################################
+
+# Tripwire Binaries
+(
+  rulename = "Tripwire Binaries",
+)
+{
+  $(TWBIN)/siggen                      -> $(ReadOnly) ;
+  $(TWBIN)/tripwire                    -> $(ReadOnly) ;
+  $(TWBIN)/twadmin                     -> $(ReadOnly) ;
+  $(TWBIN)/twprint                     -> $(ReadOnly) ;
+}
+
+# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
+(
+  rulename = "Tripwire Data Files",
+)
+{
+  # NOTE: We remove the inode attribute because when Tripwire creates a backup,
+  # it does so by renaming the old file and creating a new one (which will
+  # have a new inode number).  Inode is left turned on for keys, which shouldn't
+  # ever change.
+
+  # NOTE: The first integrity check triggers this rule and each integrity check
+  # afterward triggers this rule until a database update is run, since the
+  # database file does not exist before that point.
+
+  $(TWDB)                              -> $(Dynamic) -i ;
+  $(TWPOL)/tw.pol                      -> $(ReadOnly) -i ;
+  $(TWPOL)/tw.cfg                      -> $(ReadOnly) -i ;
+  $(TWLKEY)/$(HOSTNAME)-local.key      -> $(ReadOnly) ;
+  $(TWSKEY)/site.key                   -> $(ReadOnly) ;
+
+  # don't scan the individual reports
+  $(TWREPORT)                          -> $(Dynamic) (recurse=0) ;
+}
+
+##############################################################################
+
+(rulename="Binary files",)
+{
+  /bin -> $(IgnoreNone) -a;
+  /usr/bin -> $(IgnoreNone) -a;
+  /usr/local/bin -> $(IgnoreNone) -a;
+}
+
+(rulename="Development",)
+{
+  /usr/x86_64-pc-cygwin -> $(IgnoreNone) -a;
+}
+
+(rulename="Libexec",)
+{
+  /usr/libexec -> $(IgnoreNone) -a;
+}
+
+(rulename="Admin binaries",)
+{
+  /sbin -> $(IgnoreNone) -a;
+  /usr/sbin -> $(IgnoreNone) -a;
+}
+
+(rulename="Libraries",)
+{
+  /lib -> $(IgnoreNone) -a;
+  /usr/lib -> $(IgnoreNone) -a;
+  /usr/local/lib -> $(IgnoreNone) -a;
+}
+
+(rulename="Etc",)
+{
+  /etc -> $(IgnoreNone) -a;
+  /usr/local/etc -> $(IgnoreNone) -a;
+}
+
+(rulename="Dev",)
+{
+  /dev -> $(Device);
+}
+
+(rulename="Tmp",)
+{
+  /tmp -> $(Temporary);
+  /var/tmp -> $(Temporary);
+  /usr/tmp -> $(Temporary);
+}
+
+(rulename="Log",)
+{
+  /var/log -> $(Growing);
+}