diff options
author | agc <agc> | 1998-11-17 16:27:25 +0000 |
---|---|---|
committer | agc <agc> | 1998-11-17 16:27:25 +0000 |
commit | ad5d3449473964f0f16bb40d5f3ad1b5b398f4f7 (patch) | |
tree | a058cdb593c72939aa1077ce1fcaca4dfa1f7503 /security/tripwire/files | |
parent | ecc7a19348b749b297fa68bcda2a8a20d25506e4 (diff) | |
download | pkgsrc-ad5d3449473964f0f16bb40d5f3ad1b5b398f4f7.tar.gz |
Initial import of tripwire-1.2, a file and directory integrity checker,
into the NetBSD Packages Collection.
Diffstat (limited to 'security/tripwire/files')
-rw-r--r-- | security/tripwire/files/conf-netbsd.h | 54 | ||||
-rw-r--r-- | security/tripwire/files/md5 | 3 | ||||
-rw-r--r-- | security/tripwire/files/tw.conf.netbsd | 150 |
3 files changed, 207 insertions, 0 deletions
diff --git a/security/tripwire/files/conf-netbsd.h b/security/tripwire/files/conf-netbsd.h new file mode 100644 index 00000000000..8a93506e606 --- /dev/null +++ b/security/tripwire/files/conf-netbsd.h @@ -0,0 +1,54 @@ +/* Original Id: conf-bsd.h,v 1.2 1993/08/19 05:26:52 genek Exp */ + +/* + * conf-bsd.h + * + * Tripwire configuration file + * + * Gene Kim + * Purdue University + */ + +/*** + *** Operating System specifics + *** + *** If the answer to a question in the comment is "Yes", then + *** change the corresponding "#undef" to a "#define" + ***/ + +/* + * is your OS a System V derivitive? if so, what version? + * (e.g., define SYSV 4) + */ + +#undef SYSV + +/* + * does your system have a <malloc.h> like System V? + */ + +#undef MALLOCH + +/* + * does your system have a <stdlib.h> like POSIX says you should? + */ + +#define STDLIBH + +/* + * does your system use readdir(3) that returns (struct dirent *)? + */ + +#define DIRENT + +/* + * is #include <string.h> ok? (as opposed to <strings.h>) + */ + +#define STRINGH + +/* + * does your system have gethostname(2) (instead of uname(2))? + */ + +#define GETHOSTNAME diff --git a/security/tripwire/files/md5 b/security/tripwire/files/md5 new file mode 100644 index 00000000000..3ca426e0cab --- /dev/null +++ b/security/tripwire/files/md5 @@ -0,0 +1,3 @@ +$NetBSD: md5,v 1.1.1.1 1998/11/17 16:27:25 agc Exp $ + +MD5 (tripwire-1.2.tar.Z) = c82e0327e0caa1821e3e564fa1938d88 diff --git a/security/tripwire/files/tw.conf.netbsd b/security/tripwire/files/tw.conf.netbsd new file mode 100644 index 00000000000..8c8e0b27fa5 --- /dev/null +++ b/security/tripwire/files/tw.conf.netbsd @@ -0,0 +1,150 @@ +# $NetBSD: tw.conf.netbsd,v 1.1.1.1 1998/11/17 16:27:25 agc Exp $ +# Original Id: tw.conf.386bsd,v 1.1 1993/11/22 06:38:01 genek Exp +# +# tripwire.config +# Generic version for NetBSD +# Will need editing...see comments below +# +# This file contains a list of files and directories that System +# Preener will scan. Information collected from these files will be +# stored in the tripwire.database file. +# +# Format: [!|=] entry [ignore-flags] +# +# where: '!' signifies the entry is to be pruned (inclusive) from +# the list of files to be scanned. +# '=' signifies the entry is to be added, but if it is +# a directory, then all its contents are pruned +# (useful for /tmp). +# +# where: entry is the absolute pathname of a file or a directory +# +# where ignore-flags are in the format: +# [template][ [+|-][pinugsam12] ... ] +# +# - : ignore the following atributes +# + : do not ignore the following attributes +# +# p : permission and file mode bits a: access timestamp +# i : inode number m: modification timestamp +# n : number of links (ref count) c: inode creation timestamp +# u : user id of owner 1: signature 1 +# g : group id of owner 2: signature 2 +# s : size of file +# +# +# Ex: The following entry will scan all the files in /etc, and report +# any changes in mode bits, inode number, reference count, uid, +# gid, modification and creation timestamp, and the signatures. +# However, it will ignore any changes in the access timestamp. +# +# /etc +pinugsm12-a +# +# The following templates have been pre-defined to make these long ignore +# mask descriptions unecessary. +# +# Templates: (default) R : [R]ead-only (+pinugsm12-a) +# L : [L]og file (+pinug-sam12) +# N : ignore [N]othing (+pinusgsamc12) +# E : ignore [E]verything (-pinusgsamc12) +# +# By default, Tripwire uses the R template -- it ignores +# only the access timestamp. +# +# You can use templates with modifiers, like: +# Ex: /etc/lp E+ug +# +# Example configuration file: +# /etc R # all system files +# !/etc/lp R # ...but not those logs +# =/tmp N # just the directory, not its files +# +# Note the difference between pruning (via "!") and ignoring everything +# (via "E" template): Ignoring everything in a directory still monitors +# for added and deleted files. Pruning a directory will prevent Tripwire +# from even looking in the specified directory. +# +# +# Tripwire running slowly? Modify your tripwire.config entries to +# ignore the (signature 2) attribute when this computationally-exorbitant +# protection is not needed. (See README and design document for further +# details.) +# + +# First, root's "home" +=/ L +/root/.rhosts R # may not exist +/root/.profile R # may not exist +/root/.cshrc R # may not exist +/root/.login R # may not exist +/root/.exrc R # may not exist +/root/.logout R # may not exist +/root/.emacs R # may not exist +/root/.forward R # may not exist +/root/.netrc R # may not exist + +# Unix itself +/netbsd R + +# /bin and exceptions +/bin R-2 +/bin/rcp R + +# /dev +/dev L + +# /etc and exceptions +/etc R-2 +/etc/aliases L +/etc/daily L +/etc/disktab L +/etc/dumpdates L +/etc/master.passwd L +/etc/monthly L +/etc/motd L +/etc/passwd L +/etc/pwd.db L +/etc/spwd.db L +/etc/uucp L +/etc/weekly L + +# /home +=/home + +# /root +/root R-2 +/root/.history L + +# /sbin +/sbin R-2 + +# /usr/bin +/usr/bin R-2 + +/usr/include R-12 + +/usr/lib R-2 + +/usr/libexec R-2 + +/usr/local/bin R-2 + +/usr/local/etc L + +/usr/sbin R-2 + +/usr/src/bin R-2 +/usr/src/lib R-2 +/usr/src/libexec R-2 +/usr/src/sbin R-2 +/usr/src/usr.bin R-2 +/usr/src/usr.sbin R-2 +/usr/src/sys R-2 +!/usr/src/sys/arch/i386/compile +!/usr/src/sys/arch/i386/conf + +# packages... +=@localbase@ +=@x11base@ + +########################################### |