|
|
|
|
@ -41,7 +41,7 @@ Now it's time to configure which files & directories OST will monitor. A few si
|
|
|
|
|
The Tripwire policy language is documented in detail in the **twpolicy(4)** manual page, and default policies for most common operating systems are available in the OST project's policy subdirectory.
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
./twadmin --create-polfile -S /etc/tripwire/twpol.txt
|
|
|
|
|
./twadmin --create-polfile -S /path/to/site.key /etc/tripwire/twpol.txt
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### Creating a baseline
|
|
|
|
|
@ -129,8 +129,7 @@ The ```--enable-static``` option causes the build to create statically linked bi
|
|
|
|
|
Note that Linux systems that use NSS for name lookups will still employ shared libraries behind the scenes even when the OST binaries are statically linked. There have been occasional reports of segfaults when trying to do a name lookup in these circumstances, particularly when the binary was built on a different machine or it's trying to do an LDAP or NIS name lookup. If this occurs, there are two ways to work around it: Either switch to dynamic binaries, or set the Tripwire config file option ```RESOLVE_IDS_TO_NAMES=false```, which tells OST to just watch numeric user & group IDs and not perform name lookups.
|
|
|
|
|
|
|
|
|
|
If the configure or make step fails with errors about the automake/autoconf version, it may be necessary to run the script
|
|
|
|
|
```
|
|
|
|
|
./touchconfig.sh```
|
|
|
|
|
```./touchconfig.sh```
|
|
|
|
|
before building the project. This script simply touches files in the correct order such that their last change times are not all identical, and that they're different in the right order.
|
|
|
|
|
|
|
|
|
|
Then just
|
|
|
|
|
|
Brian Cox