#29 LOOSEDIRECTORYCHECKING ignored by policy update

open
nobody
None
5
2004-08-05
2004-08-05
Michael Jastram
No

When LOOSEDIRECTORYCHECKING is set to true in the
tripwire configuration, a policy update may fail, even
if the database seems to be up to date

To reproduce: (1) set LOOSEDIRECTORYCHECKING to true
and update the configuration with twadmin -mF. (2)
change a file that is monitored by tripwire. (3)
Update the database with tripwire -m c -I, and make
sure that all changes are accepted. Note that the
parent directory of the changed file is not listed. (4)
Try to update the policy with tripwire -m p. The
system will complain with a message similar to the
following one:

### Object name: Conflicting properties for object /etc
### > Modify Time
### > Change Time

Setting LOOSEDIRECTORYCHECKING to false and updating
the database will solve this problem.

Discussion