Summary: Checks to see if files have changed on your system. Summary(ja): システムが改ざんされていないか検査するツール Name: tripwire Version: 1.2 Release: 5vl2 License: BSD Group: Applications/System Source0: ftp://ftp.cert.org/pub/tools/tripwire/tripwire-1.2.tar.Z Source2: tripwire.verify Patch0: tripwire-1.2-rhlinux.patch Patch1: tripwire-1.2-security.patch ExclusiveArch: %{ix86} sparc BuildRoot: %{_tmppath}/%{name}-%{version}-root Vendor: Project Vine Distribution: Vine Linux %description Tripwire is a very valuable security tool for Linux systems, if it is installed to a clean system. Tripwire should be installed right after the OS installation, and before you have connected your system to a network (i.e., before any possibility exists that someone could alter files on your system). When Tripwire is initially set up, it creates a database that records certain file information. Then when it is run, it compares a designated set of files and directories to the information stored in the database. Added or deleted files are flagged and reported, as are any files that have changed from their previously recorded state in the database. When Tripwire is run against system files on a regular basis, any file changes will be spotted when Tripwire is run. Tripwire will report the changes, which will give system administrators a clue that they need to enact damage control measures immediately if certain files have been altered. Extra-paranoid Tripwire users will set it up to run once a week and email the results to themselves. Then if the emails stop coming, you'll know someone has gotten to the Tripwire program... %description -l ja tripwire は「私のシステムは昨日と同じだろうか?」という基本的な疑問に 答えるツールです。tripwire は設定されたポリシーに従ってファイルやその 性質の暗号化されたデータベースを作成します。このデータベースは、シス テムに対して何らかの不信な変更が加えられていないかを検証するために用い られます。 %prep %setup -q -c tar -C .. -xf T1.2.tar %patch0 -p1 -b .sopwith %patch1 -p1 -b .mike %build make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -ggdb" %install rm -rf %{buildroot} mkdir -p %{buildroot}/usr/sbin mkdir -p %{buildroot}%{_mandir}/man{1,5,8} mkdir -p %{buildroot}/etc/cron.daily mkdir -p %{buildroot}/var/spool/tripwire make TOPDIR=%{buildroot} MANDIR=%{buildroot}%{_mandir} install install -m 600 lib/tw.config %{buildroot}/etc/tw.config install -m 700 $RPM_SOURCE_DIR/tripwire.verify %{buildroot}/etc/cron.daily chmod 700 %{buildroot}/var/spool/tripwire chmod 700 %{buildroot}/usr/sbin/* chmod -R 644 FAQ Changelog INTERNALS README README.FIRST Readme chmod -R 644 TODO WHATSNEW docs/* chmod 755 docs #%post #cd /var/spool/tripwire #(/usr/sbin/tripwire -initialize 2>&1 | \ # /bin/mail -s "Tripwire initialization report" root ) \ # && mv databases/tw.db_* . && rm -rf databases & %clean rm -rf %{buildroot} %files %defattr(-,root,root) %doc FAQ Changelog INTERNALS README README.FIRST Readme TODO WHATSNEW docs %dir /var/spool/tripwire %config /etc/tw.config %config /etc/cron.daily/tripwire.verify /usr/sbin/tripwire /usr/sbin/siggen %{_mandir}/man5/tw.config.5* %{_mandir}/man8/tripwire.8* %{_mandir}/man8/siggen.8* %changelog * Thu Feb 07 2002 Toru Sagami 1.2-5vl2 - install man pages into %%{_mandir} - ExclusiveArch: %%{ix86} instead of i386 * Thu Sep 21 2000 Yoshihiro Kajiki - 1.2-5vl1 rebuild for VineSeed based on powertool's [1.2-5] - add Japanese summarys and descriptions * Thu Jan 13 2000 Tim Powers - commented out the post initialization script, was tripping people up. * Thu Jul 22 1999 Tim Powers - rebuilt for 6.1 * Thu Feb 11 1999 Michael Maher - added security patch for bug #693 * Thu Sep 10 1998 Michael Maher - built package from elliot's