* N. Raghavendra ([EMAIL PROTECTED]) spake thusly: > Hello debian-user, > > I have just installed the tripwire package. Two questions: > > 1. The directory /usr/lib/tripwire/databases was empty, so I > created a database by doing 'tripwire -initialize'. It looks like > this is a necessary step, because /etc/cron.daily tripwire says > "do not run if there is no database file". I am puzzled about why > there was no instruction to do this during the installation or in > the README.debian file. Was I doing something unnecessary? > > 2. The file README.debian says, "Please make sure you make > /usr/lib/tripwire a read-only mount point." How do I do this? (It > is not a separate filesystem like /usr or /tmp.)
The idea is to have the database somewhere where Evil Hackers(tm) can't get to it. How you do it depends on your level of paranoia: from simply chattr +i /usr/lib/tripwire/databases/tw.db (lax security) to storing the database on a write-protected floppy, or burning it onto a CDR (paranoid setup). Presumably README refers to the paranoid option. Dima -- E-mail dmaziuk at bmrb dot wisc dot edu (@work) or at crosswinds dot net (@home) http://www.bmrb.wisc.edu/descript/gpgkey.dmaziuk.ascii -- GnuPG 1.0.4 public key I'm going to exit now since you don't want me to replace the printcap. If you change your mind later, run -- magicfilter config script