linux – tripwire应该进入/ proc吗?
发布时间:2020-12-13 16:41:32 所属栏目:Linux 来源:网络整理
导读:使用tripwire初始化数据库时 – 请吐出一堆与/ proc相关的错误: ### Warning: File system error.### Filename: /proc/16982/fd/4### No such file or directory### Continuing...### Warning: File system error.### Filename: /proc/16982/fdinfo/4### No
|
使用tripwire初始化数据库时 – 请吐出一堆与/ proc相关的错误:
### Warning: File system error. ### Filename: /proc/16982/fd/4 ### No such file or directory ### Continuing... ### Warning: File system error. ### Filename: /proc/16982/fdinfo/4 ### No such file or directory ### Continuing... ### Warning: File system error. ### Filename: /proc/16982/task/16982/fd/4 ### No such file or directory ### Continuing... ### Warning: File system error. ### Filename: /proc/16982/task/16982/fdinfo/4 ### No such file or directory ### Continuing... ### Warning: Duplicate object encountered. ### /proc/sys/net/ipv6/neigh 这感觉像是噪音. twpol.txt文件具有以下子句: #
# Critical devices
#
(
rulename = "Devices & Kernel information",severity = $(SIG_HI),)
{
/dev -> $(Device) ;
/proc -> $(Device) ;
}
如果我理解正确的话,会导致tripwire深入关注/ proc的全部内容.它不应该只关心/ proc的静态部分,如驱动程序等,而不是per-pid的东西?它为什么这样发货? 解决方法
我在
LinuxQuestions发现了这篇文章.
修改,以便只检查proc的有趣部分 # /proc -> $(Device) ; /proc/sys -> $(Device) ; /proc/cpuinfo -> $(Device) ; /proc/modules -> $(Device) ; (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |