Re: [Integrit-users] config
Brought to you by:
ecashin
Menu
▾
▴
Re: [Integrit-users] config
|
From: Ed L C. <ec...@te...> - 2001-08-30 00:07:56
|
matt <ma...@ci...> writes: > Hello again list, > > I have finally got integrit to do what I want. Can anyone tell me a > better way to check all files below /bin and /etc inclusive? > > --start-config-- > root=/ > current=/root/integrit/current.db > known=/root/integrit/known.db > > /bin > ! /boot > ! /dev > /etc > ! /home > ! /install > ! /lib > ! /lost+found > ! /mnt > ! /proc > ! /root > ! /sbin > ! /tmp > ! /usr > ! /var > --end-config-- Looks good to me. (As long as that known database is not writable from the localhost.) Another option is to do use two different configuration files: # integrit-bin.conf root=/bin ... and another file: # integrit-etc.conf root=/etc Then you can launch integrit twice, either sequentially or in parallel, depending on your setup. e.g., If /bin and /etc are on different devices, this could be a win because total execution time is less. -- --Ed Cashin PGP public key: ec...@te... http://www.terry.uga.edu/~ecashin/pgp/ |
