Tuesday, 12-Dec-2000 10:40:04 EST
Newbized Help Files articles discussion board bookshelf sensei's log advertising info

Installing and Configuring Tripwire 2.2.1 on SuSE 6.x

Home Page:


Tripwire is a straightforward tool with a single purpose: detect any variance in file integrity. This means that Tripwire can absolutely, unequivocally determine if a protected file has been altered in a way that violates the policy set by the administrator. Tripwire can also determine if files have been added to or deleted from protected system directories and much more.

Tripwire was written to work under Red Hat but with a few easy modifications to the install.cfg file and the policy text file you can make it work under SuSE 6.x.

With this NHF I have included a SuSE specific policy text file called suse.txt. The policy text file is used to create a Tripwire policy file. Note, since I do not have X on my system I removed references to the X files from the suse.txt file, if you want to add them back, just copy the X references from the twpol.txt file and add them to the suse.txt file. If your already confused don't worry, this is really easy and you'll understand more as you get further into this NHF.


1. Download a copy of Tripwire 2.2.1 from
2. Unpack the tar.gz file you downloaded. I unpacked mine into /tmp
3. cd /tmp or to the directory to which you unpacked Tripwire.
4. Edit the file install.cfg and change the value of TWEDITOR from "/bin/vi" to "/usr/bin/vi" Note: install.cfg will be opened as read only so when you make the changes and you exit use the command :wq!
6. Run the install script by typing ./
If your installing Tripwire onto a Linux distro other than RH 5.2 or 6.0 then you will get a warning message asking if you want to continue, just type y to continue.
7. Press Enter to view the license agreement.
8. Press q to exit the license agreement.
9. Type accept to accept the license agreement.
10. You will now get a message showing you where files will be copied to by default and it will ask if you want to continue. Type y then hit enter.
11. Enter a site keyfile passphrase of your choice.
12. Verify a site keyfile passphrase.
13. Enter a local keyfile passphrase of your choice.
14. Verify a local keyfile passphrase.
15. Enter the site keyfile passphrase when prompted.
16. Enter the site keyfile passphrase again.

That's it, Tripwire has been installed into /usr/TSS if you chose the default directory.

Create the Policy File:

The suse.txt file is used to generate the Tripwire policy file. If you edit this file you will see all of the files and directories that will be monitored by Tripwire. I would suggest getting a copy of the Tripwire pdf file to learn more about the features of the policy file.

1. Click here to get a copy of the suse.txt file.
2. Copy or download the suse.txt file to the /usr/TSS/policy directory.
3. Edit the suse.txt file and change the HOSTNAME to whatever your hostname is.
4. cd to /usr/TSS/bin
5. Enter this command ./twadmin --create-polfile ../policy/suse.txt
6. Enter your site passphrase when prompted.
You will now find a file called tw.pol in /usr/TSS/policy

Initialize the Tripwire Database

This is very easy.
1. cd /usr/TSS/bin
2. Run the command ./tripwire --init
3. Enter your local passphrase

You may get a warning that a file or directory does not exist. For example, the suse.txt policy file assumes your running Samba. If your not running Samba, you will get an error such as this:

### Warning: File system error.
### Filename: /etc/smb.conf
### No such file or directory
### Continuing....

You will get this error if you do not have this particular application or if the file is located in a different directory. You can do one of two things, vi the suse.txt file and remove the reference to the file and or directory that wasnt found or you can edit the suse.txt file and put the path to the file or directory. Once you do this, you will have to go back to step 4 under "CREATING THE POLICY FILE" then repeat the steps in "INITIALIZE THE TRIPWIRE DATABASE"

That's it, you have installed Tripwire, created the site policy file and initialized the database. If you havn't downloaded the Tripwire users guide in .pdf format I suggest you do since thise NHF doesnt cover how to operate Tripwire nor does this NHF cover all of Tripwires options.

Good luck and have fun!
Dr. SuSE
[-NHF Control Panel-]
The Linux Channel at
Linux Planet
Linux Today
Linux Central
Just Linux
Linux Programming
Linux Start
BSD Today
Apache Today
Enterprise Linux Today
BSD Central
All Linux Devices
[-What's New-]
Order a Linuxnewbie T-Shirt
Easy Webcam NHF
Directory Navigation NHF
Installing Snort 1.6.3 on SuSE 6.x-7.x
Customizing vim
The SysVinit NHF
Installing ALSA for the VT82C686 integrated sound
USB Creative Video Blaster II for Linux
Configuring the Intellimouse Explorer in XFree86 V4+
The beginnings of a distro NHF
Getting Past Carnivore?
Getting and Installing PGP
Getting your ATI Rage 128 Working
How to create a multiple partition system
Using Fdisk
Introduction to Programming in C/C++ with Vim
Adding a Hard drive in Linux -- In five steps
Installing ALSA for the Yamaha DS-XG Sound Card
Getting your Diamond Rio Mp3 Player to work with Linux
Bash Programming Cheat Sheet
Installing NVIDIA Drivers for Mandrake
Setting up Portsentry
Hard Drive Speed Tweak for Linux
Sensei's Log
Chat room
Join: SETI Black Belts!
Send in your news
Click the image to add to your MyNetscape Page
[-LNO Newsletter-]

The beginnings of a distro NHF
Connecting to the Internet using KPPP
Getting your SBLive to work
Unreal Tournament NHF
LWE Day 2 Pictures
LWE Day 1 Pictures
WoW (Words of Wisdom)
Other sites news
What is Linux?
What is Linux? part deux (ups & downs)
Search newsgroups
The List
ALS Report
Feedback Form
Match: Format: Sort by:
[-Quick Links-]

Copyright 2000 Corp. All Rights Reserved. Legal Notices Privacy Policy