I too ran into that bug many times since Ubuntu 16.04.

In most cases, all I had to do was remove a few directories from the twpol.txt file and it would work again.

However, if any file gets created anywhere with what getpwuid() considers an unknown user, we end up with a SEGV. That means tripwire stops working at that point. This happens if a file in the directories defined in twpol.txt has a user identifier that is not in the /etc/passwd file. You could, for example, try the following to replicate the issue:

touch /etc/my-test-file
chown 555 /etc/my-test-file

and then run `tripwire --init` or a similar command and it is going to SEGV (at least if the glibc does not match 100%). It happens to me on Ubuntu 22.04 even though I just recompiled and installed the package or tried with the src/tripwire binary from within the build tree.

So as Ben mentioned, we should get rid of the --enable-static command line option, because getpwuid() will load shared libraries anyway, so it is not trustworthy anyway.
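Added example, not part of the original message and not tripwire code: a pre-flight check that walks the directories a policy monitors and lists every entry whose owner UID has no passwd entry, which is the condition the message describes as triggering the crash. The function names and the default `/etc` root are assumptions; pass the directories from your own twpol.txt as arguments.

```python
import os
import pwd
import sys


def uid_is_known(uid):
    """True if the UID resolves through the passwd database (getpwuid)."""
    try:
        pwd.getpwuid(uid)
        return True
    except KeyError:
        return False


def find_unknown_owners(roots, is_known=uid_is_known):
    """Return sorted (path, uid) pairs for entries whose owner UID does not resolve."""
    cache = {}   # uid -> bool, so each distinct UID is looked up once
    hits = []

    def check(path):
        try:
            uid = os.lstat(path).st_uid   # lstat: report the link, not its target
        except OSError:
            return                        # entry vanished or is unreadable
        if uid not in cache:
            cache[uid] = is_known(uid)
        if not cache[uid]:
            hits.append((path, uid))

    for root in roots:
        check(root)
        for dirpath, dirnames, filenames in os.walk(root, onerror=lambda e: None):
            for name in dirnames + filenames:
                check(os.path.join(dirpath, name))
    return sorted(hits)


if __name__ == "__main__":
    # Usage: python3 check_owners.py /etc /usr/sbin ...
    found = find_unknown_owners(sys.argv[1:] or ["/etc"])
    for path, uid in found:
        print(f"{uid}\t{path}")
    sys.exit(1 if found else 0)
```

The script exits non-zero when it finds such entries, so it can gate a `tripwire --init` or check run in a cron wrapper.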
