israel.garcia@cimex.com.cu wrote:
<SNIP>I mean, How do I know if some of my users changed the original permissions of any of my files? I mean, How do I know if my files have the correct (original)permissions?
I'd like, if it's possible, some kind of report daily by email or in some log file with this information...?
Tripwire do that? </SNIP>
Sounds like you're looking something akin to a Host-based Intrusion Detection System.
Try AIDE: http://www.cs.tut.fi/~rammer/aide.html
This tool can check for changed permissions and/or contents as well. It's pretty easy to set up. The sourcecode is a bit hairy though.
Or, if you want something more advanced, go with Samhain: http://la-samhna.de/samhain/
The last time I tried to use Tripwire on RHEL it wouldn't compile. My understanding is that open source development on that tool stopped.
Hope this helps,
Shawn M. Jones