Software :: Excluding Directories And Files In Tripwire?
Jul 12, 2010
I have tripwire 2.4.1 up and running on one of our servers, and I am now in the process of configuring it to exclude some files and/or directories that are known to change periodically between integrity checks.
I did some reading on the subject, and one file that came up was the tw.config file. However, when I did a search for the file, there was no instance of it on the server. My next thought was to modify the tw.pol file, and I did try to list some files to be excluded. However, when I tried to update the policy, I got an error message which indicated the syntax that I entered within the tw.pol file was incorrect.
If the tw.config file does not exist, can I create it, and modify the tw.pol file to indicate where the file is located on the server?
I have spent the last hour searching for a solution to this, but I can't get it to work. Here is what I am trying to do:
I have directories for different months in one folder. So for example:
Code: ../folder/Jan/ ../folder/Aug/ etc.
Some of the folders have a dot in front of the month, like so:
Code: ../folder/.Sep/ ../folder/.Oct/
[Code].....
I am trying to find all the csv files EXCEPT those in a folder that has a dot. For example I want all the csv files in ../folder/Jan/ but I want none in ../folder/.Oct/.
I also want to exclude all the files in the /Aug/ folder that represent days 10-31.
Here is what I have so far:
Code: find /some_path/folder/ \( ! -name "Aug[10-31]*.csv" ! -path "/.*/" -name "*.csv" \) | more
This command lists all the .csv files except those in the /Aug/ files. So it just ignores the /Aug/ folder completely but lists every other .csv file.
At present, the log folder on my server has filled up and is causing a memory issue. So I am planning to write a script that deletes files older than 30 days and also finds files that have not been compressed and compresses them. Files created on the same day will be excluded from compression.
I am in need of Linux help. I am at college and I need this backup/restore script to pass this final part of an assessment. I require a backup script that will not only back up but also restore files to the relevant directories. E.g. users are instructed to store all wordprocessor files in a directory named wp. So I need to create a backup directory and 3 directories within that and some files within the 3 directories, and then back them up or restore them. I know I should/have to do this myself, but I've been trying to get/understand info for the last few days and came up with zero.
I am writing a script. My requirement is that, when files of all types are stored in one directory, we need to separate them into different directories based on the file types.
For example, in a directory (anish) there are 5 files of different types: 1 directory, 2 .txt files, 2 .sh files.
My requirement is that the 1 directory is moved to a new directory (dir) which is given in the script, the 2 .txt files are moved to another new directory (test) which is given in the script, and the 2 .sh files are moved to another new directory (bash) which is given in the script. Finally, the directory anish should be empty. How is this possible using a bash script?
I need a script that will take all the files in a given directory and create new monthly sub-directories and sort all the files based on the creation date into the appropriate directory. For example, all files created between 01/01/09 and 01/31/09 will be placed in 'JAN-2009'
I want to copy all directories, files, and hidden files and hidden directories with one command. I want these items to replace any same items in the target directory.
I have tried several things, such as:
cp -r *
cp -aR *
but I only seem to get visible files and directories. Obviously, I am missing something. (A brain, probably....)
How do I delete just directories and not files when performing a "rm -r foo*" command? E.G. I have foobar.txt foofoo.o foorebar.jpg and foo/ foonuggets/ and footemp/ in a directory. In one fell swoop how do I delete just the directories and preserve the files?
Seeing as how I only use the -r switch when removing directories, I accidentally ran this command and removed files that I wanted (luckily nothing vital). Lesson learned; now I want to prevent ever doing that on files that *are* vital.
I have just installed tripwire. I have created a baseline db using the default policy file. Then I checked the output of the db to see what I did not have on my filesystem that db was searching for (according to the default policy when tripwire was installed), I then changed my default clear text policy file accordingly and used twadmin to generate a new tw.pol file.
Next I come grinding to a halt after this (assuming the next thing is to update the policy in tripwire, right?)
I recently deleted some files. I would like to know are the files kept in a directory? Like in windows recycle bin. I would like to know where these files are?
I downloaded some backgrounds from Gnome Art and am having trouble moving them to the backgrounds folder. I've been trying this: sudo mv desktop <filename> usr/share/backgrounds. I moved to the desktop to make it easier.
I'm totally new to Linux and this website. I was wondering if anyone had or could help me create a shell script that would merge two files from two different directories and then have that new merged file in a third different directory. The merged file would need to eliminate duplicates and sort the contents.
I'd like to remove all directories of a certain depth that don't contain .txt or .log files -- is this possible? So far I have: find ~ -mindepth 3 -maxdepth 4 -type d -exec rm -r '{}' \; Is it possible to add in "only if the directory doesn't contain .txt and/or .log files"? Or do I have to start learning perl to do that?
For example: dir 1: hello.txt runme.sh dir 2: runme.sh oct12.log [Code]....
I have tripwire 2.4.1.2 running on one of our servers on a daily basis, and I was curious to know if it is good practice to periodically update the policy file. The reason for my asking that is while the daily reports that I get indicate there have been changes to files on a daily basis, there are also files that have not been modified for over a month. My thinking is an update of the policy file will establish an updated baseline, and those files that have not been changed for so long will not be reported on until they get changed again.
I have disabled root login in my remote shell and I have a pretty strong password. I am not happy though. I want to increase security. I've been thinking about installing some basic tripwire rig, like say, send myself an email every time I (or anyone) log in. My questions:
- What kind of data would be useful to be sent in that email? Anything else besides "user so-and-so logged in at {date and time}"?
- How would I achieve that? Is it enough to include it in .tcshrc (because my shell is tcsh)? Should I add it to other shells as well (.bashrc, .csh etc.) even though nobody uses the other shells? Is it better placed in some other file, like .login? What is the optimal place?
- Would that be enough? Can I make that whole idea more secure in any way?
If I execute the following command: cp -R /myfiles /mydestination
If myfiles contains several sub-directories and files, in what order will they be copied? For example, directories might be named 0123a, 9993c, myfolder, xfolder.
They are not copied in alphabetical order OR in date order OR in the order they appear when using a standard ls command as far as I can tell, so what actually does determine the order?
Edit: I am trying to determine the order that the cp command uses in order to determine how far along my copy command made it before it stopped. For example, I was hoping to be able to determine it copied 3 of the 4 directories successfully.
I have a directory tree with lots of folders. I need to gather all files of same type, say .txt, and place them in a different folder all by themselves.
I know I can use the mv command, but it won't let me go through all the subdirectories of my folder, just the current one. How can I search through all subdirectories for all .txts or whatever and move them to a folder of my choosing?
I am trying to copy the files from my WHS disk to my Ubuntu Server disk. I have the windows disk mounted at /media/WINDOWS and I want to transfer to /storage so I ran:
Code: sudo cp -r /media/WINDOWS /storage
It takes about 4-5 seconds and is complete, but there is about 500 GB worth of data there so I know it didn't really copy everything over. When I look at the files in console it shows them, but when I look at the /storage through SAMBA on my Windows machine, it only shows the directories?
This is the second time it has happened: I have some files/directories that have disappeared. The first time it was:
- /home/$USER/.vimrc - /home/$USER/.thunderbird
And now, it's my folder:
/home/$USER/document
which was more important. Is there any known issue about that? I sometimes have a file system scan when I start up my computer. Is there a relationship by any chance?