Modifying the Policy File

You can specify how Tripwire checks your system by modifying the Tripwire policy file (twpol.txt). Tailoring the policy file to your particular system configuration increases the usefulness of Tripwire reports by minimizing false alerts for files or programs that you are not using but that Tripwire still reports as altered or missing.

Locate the default policy file at /etc/tripwire/twpol.txt. An example policy file (located at /usr/share/doc/tripwire-<version-number>/policyguide.txt) is included to help you learn the policy language. Read the example policy file for instructions on how to edit the default policy file.
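
One way to find the rules that cause "missing" false alerts on a given host is to list every object named in the policy file that does not exist there. The script below is an added example, not part of the Tripwire package or this guide; the function name missing_policy_objects is hypothetical, and it assumes unquoted absolute paths in the `object -> mask ;` and `!object ;` rule forms (paths built from policy variables are skipped).

```shell
#!/bin/sh
# Added example: report objects named in a Tripwire policy file that are
# absent from this host. Each one is a candidate false alert.

# missing_policy_objects FILE
# Prints, one per line, every rule object in FILE that does not exist.
missing_policy_objects() {
    awk '
        { sub(/#.*/, "") }            # drop comments (whole-line and trailing)
        $1 ~ /^!?\// {                # rule or stop point with an absolute path
            p = $1
            sub(/^!/, "", p)          # "!/path" is a stop point
            sub(/->.*/, "", p)        # tolerate "/path->mask" with no spaces
            sub(/;$/, "", p)          # tolerate "!/path;" with no space
            print p
        }
    ' "$1" |
    while IFS= read -r obj; do
        # -L also catches dangling symlinks, which do exist as objects
        [ -e "$obj" ] || [ -L "$obj" ] || printf '%s\n' "$obj"
    done
}

# Constructed sample rules (not the shipped twpol.txt) to show the output.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# variable definitions and directives are ignored by the scan
SEC_CRIT = $(IgnoreNone)-SHa ;
/bin/sh                       -> $(SEC_CRIT) ;
/usr/sbin/example-absent-tool -> $(SEC_CRIT) ;  # not installed here
!/nonexistent-example-dir ;
EOF
missing_policy_objects "$sample"
rm -f "$sample"
```

Run the function against /etc/tripwire/twpol.txt and comment out the reported rules that do not apply to the host before the policy file is signed.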

If you modify the policy file immediately after installing the tripwire package, be sure to type /etc/tripwire/twinstall.sh to run the configuration script. This script signs the modified policy file and renames it to tw.pol. This is the active policy file used by the tripwire program when it executes.

If you modify the sample policy file after running the configuration script, see the section called Updating the Policy File for instructions on signing it to make the required tw.pol file.

Note

If you modify the sample policy file, it will not be used by Tripwire until it is signed, encrypted and made into the new /etc/tripwire/tw.pol file (see the section called Updating the Policy File).