After conversing with Tavis Omanda (the package manger of tripwire) I'm entering this to let people know that I'm working on an enhancment for Gentoo tripwire configuration. Basically: 1) There will be a directory "/etc/tripwire/policy.d" that will contain individual files that are aggregated to form "twpol.txt". A script will be written to do this. 2) The will be a directory "/usr/lib/tripwire.cfg" that will contain gentoo package specific policy "templates" (one for each package that is considered important enough to have such a template). 2.1) The template files will have "version sections" so that as packages change significantly the templates can handle different versions 2.2) The templates will select files for various rules and security classifications using wild-cards 2.3) There will be a script that compares the templates with what is actually installed on the machine and generates files from the template and installs it in /etc/tripwire/policy.d. I need to workout a way to detect that the user has overridden the file with their own settings and not overwrite it. Any suggestions or comments, please add to this bug. Paul S. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Any advances on this? it looks like exactly what I'd like to have; would save a LOT of time!
Is this bug/feature/enhancement dead? My brain tells me so, but my heart is hoping otherwise...
Nothing to see here.