Tripwire on Ubuntu 6.06

Quick instructions to getting Tripwire installed and running on Ubuntu 6.06 LTS (Dapper Drake). For more detailed instructions check out this site.

1. Install Tripwire. Say Yes to everything, and create some passwords.

% sudo apt-get install tripwire
% sudo tripwire -m i

2. Fix the policy. I was getting many errors that looked like:

### Warning: File system error.
### Filename: /root/.Xauthority
### No such file or directory

I removed the non-existent files from the policy file with the following commands:

% sudo cp /etc/tripwire/twpol.txt /etc/tripwire/twpol.txt.bak
% sudo vim /etc/tripwire/twpol.txt
% sudo tripwire --update-policy -Z low /etc/tripwire/twpol.txt

Later, when you need to update the database, such as after running updates (adjust the date and number from then end of the file, or sometimes you can just drop the whole -r flag):

% sudo tripwire -m u -r /var/lib/tripwire/report/closetbox64-20071223-133927.twr

By default, Tripwire will be set to email whenever it sees changes. To quickly check the status, run:

% sudo tripwire --check