You want to view Tripwire’s policy or configuration, but they are stored in non-human-readable, binary files, or they are missing.
Generate the active configuration file:
# cd /etc/tripwire # twadmin --print-cfgfile > twcfg.txt
Generate the active policy file:
# cd /etc/tripwire # twadmin --print-polfile > twpol.txt
Tripwire’s active configuration file tw.cfg and policy file tw.pol are encrypted and signed and therefore non-human-readable. To view them, you must first convert them to plaintext.
Tripwire’s documentation advises you to delete the plaintext versions of the configuration and policy after re-signing them. If your plaintext files were missing to start with, this is probably why.
Although you can redirect the output of twadmin to any files you like, remember that twinstall.sh requires the plaintext policy and configuration files to have the names we used, twcfg.txt and twpol.txt. [Recipe 1.1]
Get Linux Security Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
