[CentOS] tripwire / .xauth$$$$ problem on Centos5
Jake Grimmett
jake.grimmett at nimr.mrc.ac.ukThu Jul 5 13:28:28 UTC 2007
- Previous message: [CentOS] kernel-module-drbd <=> kernel-2.6.9-55.0.2
- Next message: [CentOS] Postfix and mysql
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dear All, I'm using Centos5 to run a firewall, and as part of the intrusion detection apparatus, I use tripwire (tripwire-2.4.1.1-1.fc6.x86_64.rpm - as made for fedora core 6, and then tweaked with my own twpol.txt). My problem, is that when I su to root, a .xauth file is created with a random tail name - i.e. /root/.xauthyN4aHS or /root/.xauth1sGdFh and this causes tripwire to trigger. I can stop sshd from X forwarding to prevent .xauth files, but that's a really bad solution. And I can't see any mention of being able to use wildcards in the the tripwire policy file. Potential solutions are: 1) force the .xauth$$$$ file to live in a directory below root, as I can tell tripwire to ignore this path. 2) stop the .xauth files having a random name However I can't get a grip on how to control the creation of the .xauth file: I've tried adding XAUTHORITY=/root/xauth/xauth to /root/bashrc and this does not work, so any ideas are welcome! Many thanks, Jake -- Dr J. Grimmett Computer Systems Manager Division of Molecular Structure National Institute for Medical Research The Ridgeway Mill Hill London, NW7 1AA
- Previous message: [CentOS] kernel-module-drbd <=> kernel-2.6.9-55.0.2
- Next message: [CentOS] Postfix and mysql
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list