diff options
Diffstat (limited to 'security/tripwire/files/tw.conf.freebsd')
-rw-r--r-- | security/tripwire/files/tw.conf.freebsd | 153 |
1 files changed, 153 insertions, 0 deletions
diff --git a/security/tripwire/files/tw.conf.freebsd b/security/tripwire/files/tw.conf.freebsd new file mode 100644 index 00000000000..f4388efc2da --- /dev/null +++ b/security/tripwire/files/tw.conf.freebsd @@ -0,0 +1,153 @@ +# $NetBSD: tw.conf.freebsd,v 1.1 2003/10/02 07:13:27 martti Exp $ +# Original Id: tw.conf.386bsd,v 1.1 1993/11/22 06:38:01 genek Exp +# +# tripwire.config +# Generic version for NetBSD +# Will need editing...see comments below +# +# This file contains a list of files and directories that System +# Preener will scan. Information collected from these files will be +# stored in the tripwire.database file. +# +# Format: [!|=] entry [ignore-flags] +# +# where: '!' signifies the entry is to be pruned (inclusive) from +# the list of files to be scanned. +# '=' signifies the entry is to be added, but if it is +# a directory, then all its contents are pruned +# (useful for /tmp). +# +# where: entry is the absolute pathname of a file or a directory +# +# where ignore-flags are in the format: +# [template][ [+|-][pinugsam12] ... ] +# +# - : ignore the following atributes +# + : do not ignore the following attributes +# +# p : permission and file mode bits a: access timestamp +# i : inode number m: modification timestamp +# n : number of links (ref count) c: inode creation timestamp +# u : user id of owner 1: signature 1 +# g : group id of owner 2: signature 2 +# s : size of file +# +# +# Ex: The following entry will scan all the files in /etc, and report +# any changes in mode bits, inode number, reference count, uid, +# gid, modification and creation timestamp, and the signatures. +# However, it will ignore any changes in the access timestamp. +# +# /etc +pinugsm12-a +# +# The following templates have been pre-defined to make these long ignore +# mask descriptions unecessary. +# +# Templates: (default) R : [R]ead-only (+pinugsm12-a) +# L : [L]og file (+pinug-sam12) +# N : ignore [N]othing (+pinusgsamc12) +# E : ignore [E]verything (-pinusgsamc12) +# +# By default, Tripwire uses the R template -- it ignores +# only the access timestamp. +# +# You can use templates with modifiers, like: +# Ex: /etc/lp E+ug +# +# Example configuration file: +# /etc R # all system files +# !/etc/lp R # ...but not those logs +# =/tmp N # just the directory, not its files +# +# Note the difference between pruning (via "!") and ignoring everything +# (via "E" template): Ignoring everything in a directory still monitors +# for added and deleted files. Pruning a directory will prevent Tripwire +# from even looking in the specified directory. +# +# +# Tripwire running slowly? Modify your tripwire.config entries to +# ignore the (signature 2) attribute when this computationally-exorbitant +# protection is not needed. (See README and design document for further +# details.) +# + +# First, root's "home" +=/ L +/root/.rhosts R # may not exist +/root/.profile R # may not exist +/root/.cshrc R # may not exist +/root/.login R # may not exist +/root/.exrc R # may not exist +/root/.logout R # may not exist +/root/.emacs R # may not exist +/root/.forward R # may not exist +/root/.netrc R # may not exist + +# Unix itself +/kernel +/boot/kernel/kernel R + +# /bin and exceptions +/bin R-2 +/bin/rcp R + +# /dev +/dev L + +# you need this if you have /dev/fd mounted as a fdesc filesystem +=/dev/fd R + +# /etc and exceptions +/etc R-2 +/etc/mail/aliases L +/etc/disktab L +/etc/dumpdates L +/etc/master.passwd L +/etc/motd L +/etc/passwd L +/etc/pwd.db L +/etc/spwd.db L +/etc/periodic/daily L +/etc/periodic/monthly L +/etc/periodic/weekly L + +# /home +=/home + +# /root +/root R-2 +/root/.history L + +# /sbin +/sbin R-2 + +# /usr/bin +/usr/bin R-2 + +/usr/include R-12 + +/usr/lib R-2 + +/usr/libexec R-2 + +/usr/local/bin R-2 + +/usr/local/etc L + +/usr/sbin R-2 + +/usr/src/bin R-2 +/usr/src/lib R-2 +/usr/src/libexec R-2 +/usr/src/sbin R-2 +/usr/src/usr.bin R-2 +/usr/src/usr.sbin R-2 +/usr/src/sys R-2 +!/usr/src/sys/i386/compile +!/usr/src/sys/i386/conf + +# packages... +=@localbase@ +=@x11base@ + +########################################### |