Installation guide

ManualsBrandsPythonQ ManualsIndustrial248-8XX

141

142

143

144

145

146

147

148

149

150

Chapter 11. Tripwire 147

2. If the CD-ROM does not automatically mount, type the following command:

mount /mnt/cdrom

3. Verify that the tripwire RPM is on the CD-ROM by typing:

ls /mnt/cdrom/RedHat/RPMS/ | grep tripwire

If the RPM is on the CD-ROM, this command will display the package name.

If the RPM is not on the CD-ROM, the shell prompt will return. In this case, you will need

to check CD 3 and, possibly, CD 1 of the Red Hat Linux 8.0 installation CD-ROMs by ﬁrst

unmounting the CD-ROM then repeating steps one through three.

Unmount the CD-ROM by right-clicking on the CD-ROM icon and selecting Eject or by typing

the following command at the shell prompt:

umount /mnt/cdrom

4. Once you have located the tripwire RPM, install it by typing the following command as the

root user:

rpm -Uvh /mnt/cdrom/RedHat/RPMS/tripwire*.rpm

In the /usr/share/doc/tripwire-

version-number / directory, you will ﬁnd release notes

and README ﬁles for Tripwire. These documents contain important information about the default

policy ﬁle and other topics.

11.3. Customizing Tripwire

After you have installed the Tripwire RPM, you need to complete the following steps to initialize the

software:

11.3.1. Edit /etc/tripwire/twcfg.txt

Although you are not required to edit this sample Tripwire conﬁguration ﬁle, you may ﬁnd it necessary

for your situation. For instance you may want to alter the location of Tripwire ﬁles, customize email

settings, or customize the level of detail for reports.

Below is a list of required user conﬁgurable variables in the /etc/tripwire/twcfg.txt ﬁle:

• POLFILE — Speciﬁes the location of the policy ﬁle; /etc/tripwire/tw.pol is the default value.

• DBFILE — Speciﬁes the location of the database ﬁle; /var/lib/tripwire/$(HOSTNAME).twd

is the default value.

• REPORTFILE — Speciﬁes the location of the report ﬁles. By default this value is set to

/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr.

• SITEKEYFILE — Speciﬁes the location of the site key ﬁle; /etc/tripwire/site.key is the

default value.

• LOCALKEYFILE — Speciﬁes the location of the local key ﬁle; /etc/tripwire/$(HOSTNAME)-

local.key is the default value.

Important

If you edit the conﬁguration ﬁle and leave any of the above variables undeﬁned, the conﬁguration ﬁle

will be invalid. If this occurs, when you execute the tripwire command it will report an error and exit.

The rest of the conﬁgurable variables in the sample /etc/tripwire/twcfg.txt ﬁle are optional.

These include the following: