From 7979839cc3974a1f4b91cabc3fc42b43220c8fdb Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sun, 1 Mar 2015 11:14:06 +0000
Subject: [PATCH] Improve the tripwire policy

---
 src/freedombone | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/freedombone b/src/freedombone
index f007ec5f..594cad5f 100755
--- a/src/freedombone
+++ b/src/freedombone
@@ -8038,8 +8038,12 @@ function intrusion_detection {
   chmod +x /usr/bin/reset-tripwire
 
   reset-tripwire
-  sed -i 's/SYSLOGREPORTING =true/#SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
+  sed -i 's/SYSLOGREPORTING.*/SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
   sed -i '/# These files change the behavior of the root account/,/}/ s/.*//g' /etc/tripwire/twpol.txt
+  # Don't show any changes to /proc
+  sed -i 's|/proc.*||g' /etc/tripwire/twpol.txt
+  # Don't report log changes
+  sed -i 's|/var/log.*||g' /etc/tripwire/twpol.txt
   reset-tripwire
 
   echo 'intrusion_detection' >> $COMPLETION_FILE