10 gadus atpakaļ · 552fda2e66
--- a/beaglebone.txt
+++ b/beaglebone.txt
@@ -7158,33 +7158,19 @@ Set *SYSLOGREPORTING* to false and comment out the line, then save and exit.
 
				 editor /etc/tripwire/twpol.txt
			
 
				 #+END_SRC
			
 
				 
			
 
				-Comment out the lines:
			
 
				-
			
 
				-#+BEGIN_SRC: bash
			
 
				-	/var/log		-> $(SEC_CONFIG) ;
			
 
				-	/proc		-> $(Device) ;
			
 
				-	/root/.xsession-errors		-> $(SEC_CONFIG) ;
			
 
				-	/root/.xauth			-> $(SEC_CONFIG) ;
			
 
				-	/root/.gnome_private		-> $(SEC_CONFIG) ;
			
 
				-	/root/.gnome-desktop		-> $(SEC_CONFIG) ;
			
 
				-	/root/.gnome			-> $(SEC_CONFIG) ;
			
 
				-	/root/.Xresources		-> $(SEC_CONFIG) ;
			
 
				-	/root/.Xauthority		-> $(SEC_CONFIG) -i ;
			
 
				-	/root/mail			-> $(SEC_CONFIG) ;
			
 
				-	/root/Mail			-> $(SEC_CONFIG) ;
			
 
				-	/root/.ICEauthority		    -> $(SEC_CONFIG) ;
			
 
				-	/etc/rc.boot		-> $(SEC_BIN) ;
			
 
				-	/root/.tcshrc			-> $(SEC_CONFIG) ;
			
 
				-	/root/.sawfish			-> $(SEC_CONFIG) ;
			
 
				-	/root/.pinerc			-> $(SEC_CONFIG) ;
			
 
				-	/root/.mc			-> $(SEC_CONFIG) ;
			
 
				-	/root/.elm			-> $(SEC_CONFIG) ;
			
 
				-	/root/.cshrc		        -> $(SEC_CONFIG) ;
			
 
				-	/root/.bash_logout		-> $(SEC_CONFIG) ;
			
 
				-	/root/.bash_profile		-> $(SEC_CONFIG) ;
			
 
				-	/root/.amandahosts		-> $(SEC_CONFIG) ;
			
 
				-	/root/.addressbook.lu		-> $(SEC_CONFIG) ;
			
 
				-	/root/.addressbook		-> $(SEC_CONFIG) ;
			
 
				+Edit the "Root config files" section so that it looks like this:
			
 
				+
			
 
				+#+BEGIN_SRC: bash
			
 
				+# These files change the behavior of the root account
			
 
				+(
			
 
				+  rulename = "Root config files",
			
 
				+  severity = 100
			
 
				+)
			
 
				+{
			
 
				+	/root				-> $(SEC_CRIT) ; # Catch all additions to /root
			
 
				+	/root/.bashrc			-> $(SEC_CONFIG) ;
			
 
				+	/root/.bash_history		-> $(SEC_CONFIG) ;
			
 
				+}
			
 
				 #+END_SRC
			
 
				 
			
 
				 Then save and exit.