Bug 54867 - Default policy file references files that do not exist
Default policy file references files that do not exist
Status: CLOSED DUPLICATE of bug 75999
Product: Red Hat Public Beta
Classification: Retired
Component: tripwire (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Jeff Johnson
Depends On:
  Show dependency treegraph
Reported: 2001-10-21 23:15 EDT by Alexandre Oliva
Modified: 2007-04-18 12:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-08-09 16:46:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Alexandre Oliva 2001-10-21 23:15:02 EDT
The default policy file installed with tripwire references a number of
files that are not part of Red Hat Linux (i.e., that aren't installed in a
full installation).  As soon as tripwire is enabled, it starts sending
e-mail every day containing a long list of `File system errors'.

IMO, tripwire should add negative entries in its database and not report
the errors of the file.  If this is not possible, we could at least have a
more generic policy file that would give us as much security, possibly at
the expense of unnecessary checks, but that would not result in such large
and confusing reports.

Another problem in the default policy file is that it will report changes
in log files in /var/log, which is pretty much useless.  It seems to me
that such files should be configured as SEC_LOG, not SEC_CONFIG.
Comment 1 Jeff Johnson 2002-11-16 16:28:01 EST

*** This bug has been marked as a duplicate of 75999 ***
Comment 2 Damian Menscher 2003-11-29 22:02:16 EST
First off, this is NOT a duplicate of 75999.  That bug is about not 
checking files in /etc/pam.d, while this one is about checking files 
that don't exist in /bin and elsewhere.

Secondly, can this be fixed?  It's highly annoying to have to spend 
hours tuning the default policy for every new box.

Note You need to log in before you can comment on or make changes to this bug.