Hello,
I am having a nightmare with Tripwire on Linux..... I cannot get it to ignore the /proc filesystem, which I want to completely ignore for now
Has anyone here successfully configured Tripwire on Linux and completed ignored the /proc filesystem ?
If so, please reply and tell me how you did it.
Thanks.
Sample junk I want to get rid of .... !! I get tons of these each time I run any update to the database, the config file, run a check, etc. I don't want them at all!
### Continuing...
### Warning: File system error.
### Filename: /proc/3487/task/4589/fdinfo/1879
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /proc/3487/task/4592/fd/1631
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /proc/3487/task/4592/fd/1647
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /proc/3487/task/4592/fd/1830
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /proc/3487/task/4592/fd/1855
### No such file or directory
The above is a small sample of the hundreds of /proc errors I get with tripwire.... !
---------- Post updated at 21:04 ---------- Previous update was at 20:10 ----------
Well, I solved it. 
The problem was that I added a directory to the tripwire that had a very huge file in the path I forgot about. Rebuilding the tripwire policy database failed when it ran into that huge file but the end of the process said "Success!' so it was confusing.
When I removed that object from the tripwire configuration, I could rebuild the tripwire policy database and then the /proc configuration worked.
So, I am making progress on this project .
---------- Post updated at 23:18 ---------- Previous update was at 21:04 ----------
Project completed