Hi *, I've packaged Tiger for Fedora Extras, and it is available for review in bug 165311. Tiger is a set of bash scripts to run automatic security audits and intrusion detection on Unix systems. The project was abandoned since mid-90's, and has been resurrected by one of the main Debian security developers (Javier Fernández-Sanguino), and further improved. It proved very useful many times on the Debian servers I manage, and I'm pretty sure it could be as useful on Fedora. Since Tiger is very system-specific, it needs customization to integrate it into Fedora. Right now, I've only ported Javier's fixes and adaptations for Debian (which is a quite large patch, I've splitted and cleaned it). I'd like to make sure it works as this, and I'll add more Fedora-specific checks afterwards (such as "yum check-update", "rpm -V", and maybe even SELinux checks, there's much to do) I'm looking for people to help fine-tune the default configuration. So here are the best ways you can help review Tiger if you want to: - Check for packaging errors, as usual - Install it, tweak /etc/tiger/tigerrc a little, run "tiger" and tell me if you have error messages. - Tell me what false-positive alerts you get in the previous command so I can add them to /etc/tiger/tiger.ignore - Look into /etc/tiger/tiger.ignore and tell me if you think I've ignored something valid - Please review my one-liner patch for a C program not compiling with gcc4, as I really don't know C... - Tell me where Tiger could be better integrated into Fedora When you run "tiger", all checks enabled in /etc/tiger/tigerrc are run. But there is also an automatic testing system, where the scripts are run at different times according to /etc/tiger/cronrc. If you can, please run each script in this crontab and tell me which false-positive you get. One of Tiger's best features is to report only what's changed since the last run (configurable in /etc/tiger/tigerrc), but it does not mean we should not get rid of false-positives in the first place. Of course, if you don't feel like checking all this, just do what you're interested in (packaging, coding errors, further integration, ...). Any bit will help. Thanks Aurélien -- http://aurelien.bompard.org ~~~~ Jabber : abompard@xxxxxxxxx If one keeps trying, one successes eventually. Therefore, the more one fails, the closer one is to success. -- Shadok moto. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-devel-list
