If you run an integrity check, and violations that occurred are not
actually security breaches, the Tripwire database needs to be updated
so these are not reported as violations in the future.
To update the Tripwire database, you must specify the report you wish to
use to update the database. Run the following command:
/usr/sbin/tripwire --update --twrfile /var/lib/tripwire/report/[name].twr
where [name] is the name of the desired report.
Tripwire will then display the report in "vi," allowing you to deselect
any files that you would like to exclude from the updated database.
When your selections are complete, type :wq in "command" mode, and
enter the local passphrase.
The database will now be updated, and will no longer list the changes as integrity violations.
For more information, see RedHat.com Documentation
Back to Tripwire Documentation Home
Back to System Administrators' Information
