tripwire - Ryan Bergauer

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Ryan Bergauer" <privateryan@mindspring.com>
To: <selinux@tycho.nsa.gov>
Subject: tripwire
Date: Thu, 18 Jul 2002 16:02:46 -0500	[thread overview]
Message-ID: <000501c22e9e$7807c200$0300a8c0@donkey> (raw)

[-- Attachment #1: Type: text/plain, Size: 1206 bytes --]

I just installed Tripwire on my SELinux play box. I have no problem
doing an integrity check when I'm logged in as root and newroled into
sysadm_r. However, the default system cron job for integrity checking
fails miserably because system_crond_t isn't granted the permissions
necessary to check and sign most files on my system (and with good
reason.) My first thought was to create a domain just for Tripwire, but
unfortunately, the fact that Tripwire needs access to just about every
file type on the disk results in a domain that not only would take quite
some time to create, but would also require a fair degree of
maintenance. Creating a cron job run by a user also appears out of the
question, since my sysadm has no root access, and root runs user_crond_t
cron jobs by default (which I feel would be wise to keep that way.)

Either I'm overlooking something (very likely) or I'm going to have to
suck it up and write that Tripwire domain. Any suggestions? If the
Tripwire domain is the answer, are there any good ways to give it a
large number of privileges very quickly?

Thanks in advance - you guys are a huge help! I appreciate you bearing
with those of us still getting used to this.
-Ryan

[-- Attachment #2: Type: text/html, Size: 4773 bytes --]

next             reply	other threads:[~2002-07-18 21:02 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-07-18 21:02 Ryan Bergauer [this message]
2002-07-18 21:33 ` tripwire Shaun Savage
2002-07-18 23:33   ` tripwire Ed Street
2002-07-22 11:45 ` tripwire Stephen Smalley

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='000501c22e9e$7807c200$0300a8c0@donkey' \
    --to=privateryan@mindspring.com \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.