Additional tripwire rules
This commit is contained in:
Bob Mottram
parent
32d89e951f
commit
4efb04dce5
|
|
@ -124,6 +124,13 @@ function install_tripwire {
|
|||
if ! grep -q '!/usr/local/lib/node_modules' /etc/tripwire/twpol.txt; then
|
||||
sed -i '\|/etc\t\t->.*|a\ !/usr/local/lib/node_modules ;' /etc/tripwire/twpol.txt
|
||||
fi
|
||||
# Events here are likely due to USB HRNG activity
|
||||
if ! grep -q '!/dev/char' /etc/tripwire/twpol.txt; then
|
||||
sed -i '\|/dev\t\t->.*|a\ !/dev/char ;' /etc/tripwire/twpol.txt
|
||||
fi
|
||||
if ! grep -q '!/dev/bus/usb' /etc/tripwire/twpol.txt; then
|
||||
sed -i '\|/dev\t\t->.*|a\ !/dev/bus/usb ;' /etc/tripwire/twpol.txt
|
||||
fi
|
||||
|
||||
# Not much is in /usr/local/bin other than project commands and avoiding it removes
|
||||
# problems with updates. This is a tradeoff, but not by much.
|
||||
|
|
|
|||
Loading…
Reference in New Issue