Additional tripwire rules

src/freedombone-base-tripwire

@@ -124,6 +124,13 @@ function install_tripwire {
     if ! grep -q '!/usr/local/lib/node_modules' /etc/tripwire/twpol.txt; then
         sed -i '\|/etc\t\t->.*|a\    !/usr/local/lib/node_modules ;' /etc/tripwire/twpol.txt
     fi
+    # Events here are likely due to USB HRNG activity
+    if ! grep -q '!/dev/char' /etc/tripwire/twpol.txt; then
+        sed -i '\|/dev\t\t->.*|a\    !/dev/char ;' /etc/tripwire/twpol.txt
+    fi
+    if ! grep -q '!/dev/bus/usb' /etc/tripwire/twpol.txt; then
+        sed -i '\|/dev\t\t->.*|a\    !/dev/bus/usb ;' /etc/tripwire/twpol.txt
+    fi
 
     # Not much is in /usr/local/bin other than project commands and avoiding it removes
     # problems with updates. This is a tradeoff, but not by much.