When i scan my system with tripwire and try to update after with
tripwire --update -Z low
i get the error:
### Error: File could not be opened.
### Filename: /var/lib/tripwire/report/nesystem-20101217-212722.twr
### No such file or directory
### Exiting...
What's the reason?
Best Answer
tripwire --update
requires a particular (usually the most recent) tripwire output file to operate on. When you last rantripwire --check
it will have created a report file; if you want to update from that, find the name of that report file (usually the most recent creation in/var/lib/tripwire/report
) and doIf you're using the most recent tripwire output file,
-Z low
is often not required, and I think it's generally a good idea to omit it: if there have been any further changes since the report was generated, you want to know about them, and resolve them manually.If you must have a fast workaround, you could put something like this in your .bashrc file (assuming you're using bash):
which will run tripwire in update mode on the most recent entry in the reports directory.