twadmin -m P -S /etc/tripwire/site.key /etc/tripwire/twpol.txt That's a lot to have to type for a simple rebuild. Since (most of the time) the same keys and same policy files will be used, how about if you make a Makefile in /etc/tripwire, much like is done in /etc/mail, to rebuild these files more easily? Additional Information:
Sounds fairly reasonable to me. Will consider for a future release. Thanks.
I think that the folowing features would be very usefull option in tripwire: 1: identify files that don't belong to any RPM package. Most of the trojen horse type files are not part of any package. 2: generate checksumm "sum -s <file_name>" and compare to checksum stored in RPM database --- #!/bin/bash # # Check Linux filesystem for files that don't belong to any package # #for i in bin boot dev etc home lib misc mnt opt proc root sbin tmp usr var; do for i in bin boot etc lib misc mnt opt proc root sbin usr var; do echo "# $i - Files not owned by any package" >/tmp/rpm_$i.lst find /$i -exec rpm -qf {} 2>&1 \; |awk '/^file / {print $2}' >>/tmp/rpm_$i.lst done ----
Deferring for future consideration. If someone supplies a patch, etc. it could help speed up this possible enhancement.
Closing bug, since tripwire hasn't been shipped for so long.