Improve the tripwire policy

2015-03-01 11:14:06 +00:00 · 2015-03-01 11:14:06 +00:00 · 7979839cc3
parent 4fd8c901b2
commit 7979839cc3
1 changed files with 5 additions and 1 deletions
--- a/src/freedombone
+++ b/src/freedombone
@ -8038,8 +8038,12 @@ function intrusion_detection {
  chmod +x /usr/bin/reset-tripwire

  reset-tripwire
-  sed -i 's/SYSLOGREPORTING =true/#SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
+  sed -i 's/SYSLOGREPORTING.*/SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
  sed -i '/# These files change the behavior of the root account/,/}/ s/.*//g' /etc/tripwire/twpol.txt
+  # Don't show any changes to /proc
+  sed -i 's|/proc.*||g' /etc/tripwire/twpol.txt
+  # Don't report log changes
+  sed -i 's|/var/log.*||g' /etc/tripwire/twpol.txt
  reset-tripwire

  echo 'intrusion_detection' >> $COMPLETION_FILE