Linux Security Cookbook

1.13.1 Problem

You want to add some, but not all, files in a given directory to the Tripwire database.

1.13.2 Solution

Mark a directory hierarchy for inclusion:

/etc -> rule

Immediately after, mark some files to be excluded:

!/etc/not.me !/etc/not.me.either

You can exclude a subdirectory too:

!/etc/dirname

1.13.3 Discussion

The exclamation mark (!) prevents the given file or subdirectory from being added to Tripwire's database.

1.13.4 See Also

The Tripwire manual has detailed documentation on the policy file format.
Related

Категории