Recipe 1.2 Displaying the Policy and Configuration

1.2.1 Problem

You want to view Tripwire's policy or configuration, but they are stored in non-human-readable, binary files, or they are missing.

1.2.2 Solution

Generate the active configuration file:

# cd /etc/tripwire
# twadmin --print-cfgfile > twcfg.txt

Generate the active policy file:

# cd /etc/tripwire
# twadmin --print-polfile > twpol.txt

1.2.3 Discussion

Tripwire's active configuration file tw.cfg and policy file tw.pol are encrypted and signed and therefore non-human-readable. To view them, you must first convert them to plaintext.

Tripwire's documentation advises you to delete the plaintext versions of the configuration and policy after re-signing them. If your plaintext files were missing to start with, this is probably why.

Although you can redirect the output of twadmin to any files you like, remember that requires the plaintext policy and configuration files to have the names we used, twcfg.txt and twpol.txt. [Recipe 1.1]

1.2.4 See Also


    Chapter 9. Testing and Monitoring