Embedded Files
There are times where you want to update the tripwire policy after a system update. This section guides you on how to update the policy file (tw.pol).
Regenerate Policy File
Regenerate Policy File
The first step is to regenerate the policy file. you can execute the following:
$ twadmin --print-polfile > twpol.txtThis regenerate the txpol.txt for your use.
Update Your Policy
Update Your Policy
Once done, you may update your policy file accordingly in the re-generated twpol.txt.
Regenerate Database and Policy File
Regenerate Database and Policy File
Upon completions, you may now regenerate the policy file and database.
Delete Existing Database and Policy File
Delete Existing Database and Policy File
The first thing you need to do is to delete the database and policy file. This can be done using root account by:
$ rm /etc/tripwire/tw.pol$ rm /var/lib/tripwire/<hostname>.twdSign The New Policy File
Sign The New Policy File
Once done, you can re-sign the twpol.txt file inside /etc/tripwire.
$ cd /etc/tripwire$ twadmin --create-polfile --cfgfile tw.cfg --site-keyfile site.key twpol.txtInitialize New Database Again
Initialize New Database Again
with tw.pol ready, you can reinitialize the database. This is done by:
$ tripwire --initTest Run
Test Run
With the new database ready, you can double check its function:
$ tripwire --check --email-reportRemove Plaintext Policy File
Remove Plaintext Policy File
Lastly, you can remove the plaintext policy file.
$ rm twpol.txtThat's all for updating tripwire policy file.
Page updated
Google Sites
Report abuse