I have just installed Tripwire on a freshly installed Debian 7.0.0.
For installation I ran
Code:
sudo apt-get install tripwire
I then did
Code:
sudo tripwire --init
I then edited tripwire --init and commented out all the files that had generated a
Code:
### Warning: File system error.
### Filename: /whatever
### No such file or directory
message. I then ran
Code:
sudo tripwire --update-policy --secure-mode low /etc/tripwire/twpol.txt
and got a bunch of error messages like this
Code:
### Warning: Policy Update Removed Object.
### An object has been removed since the database was last updated.
### Object name: /proc/547/net/dev_snmp6
### Continuing...
### Warning: Policy Update Removed Object.
### An object has been removed since the database was last updated.
### Object name: /proc/547/net/dev_snmp6/eth0
### Continuing...
### Warning: Policy Update Removed Object.
### An object has been removed since the database was last updated.
### Object name: /proc/547/net/dev_snmp6/lo
### Continuing...
### Warning: Policy Update Removed Object.
### An object has been removed since the database was last updated.
### Object name: /proc/547/net/snmp6
### Continuing...
### Warning: Policy Update Removed Object.
### An object has been removed since the database was last updated.
### Object name: /proc/547/net/sockstat6
### Continuing...
These files had gererated
Code:
### Warning: File system error.
### Filename: /whatever
### No such file or directory
errors when I ran the --init operation.
Are these messages something I should be concerned about?
Thanks,
Peter.