Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild

Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>

.gitignore

@@ -0,0 +1,9 @@
+tripwire-2.4.1.2-src.tar.bz2
+/tripwire-2.4.2.2-src.tar.bz2
+/2.4.3.0.tar.gz
+/2.4.3.1.tar.gz
+/2.4.3.2.tar.gz
+/2.4.3.3.tar.gz
+/tripwire-open-source-2.4.3.4.tar.gz
+/tripwire-open-source-2.4.3.5.tar.gz
+/tripwire-open-source-2.4.3.7.tar.gz

License-Issues

@@ -0,0 +1,66 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Update 19 Feb 2004:
+
+The following issues are soon to disappear, since:
+
+	1) There are now cleaner upstream sources to work with (Debian)
+	2) I'm working towards ditching Crypto++ altogether
+
+######
+
+There seems to be some speculation as  to  the  legal  status  of  this
+software.
+
+The problem seems to stem from patents, copyrights and licenses in  the
+Crypto++ distribution, by Wei Dei.
+
+For more information on the exact issues, please refer to the following
+URL:
+
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=153007
+
+The situation with the Fedora release is not as complex however,  since
+many of the questionable components are not included, specifically:
+
+The following are not in the archive, so there is no issue:
+src/cryptlib/idea.cpp
+src/cryptlib/haval.cpp
+src/cryptlib/mars.cpp
+src/cryptlib/serpent.cpp
+src/cryptlib/md5.cpp
+src/cryptlib/md5mac.cpp
+src/cryptlib/cast.cpp
+
+The following are copyrighted, but have no license:
+src/cryptlib/zbits.cpp
+src/cryptlib/ztrees.cpp
+src/cryptlib/zdeflate.cpp
+src/cryptlib/sha.cpp ?
+
+With regards to those last four files, Stephen Zander <gibreel[AT]pobox
+.com> is apparently going to approach Wei Dei with regards clearing  up
+the "no license" issues. However, I  don't  think  this  is  a  "fatal"
+problem at this stage. Hopefully this  will  include  clearing  up  the
+implications of section 2 of src/cryptlib/license.txt, which reads:
+
+"2. Users of the software included in this  compilation  agree  to  use
+their best efforts to provide Wei Dai with any modifications containing
+improvements or extensions  and  hereby  grant  Wei  Dai  a  perpetual,
+royalty-free license to use and distribute such modifications under the
+terms of this license."
+
+I'm no  GPL/OSS  expert,  but  there  are  some  who  believe  this  is
+incompatible with the GPL. Discussions are ongoing, and I will continue
+to update this file in future releases with any news.
+
+Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk>
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.2.3 (GNU/Linux)
+
+iD8DBQFANEDN2XoLj+pGfn8RArdFAJ0edxT3u8DmWJEOpQ7eSFcFd17cXACfVH5I
+PKV00HlQoZBBfbrq8//6pd8=
+=HlLR
+-----END PGP SIGNATURE-----

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: tripwire
-# $Id$
-NAME := tripwire
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON	:= $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attept a checkout
-define checkout-makefile-common
-test -f CVS/Rootx && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

README.Fedora.in

@@ -0,0 +1,70 @@
+Post-Installation Instructions
+
+The Tripwire RPM installs the basic program files needed to run the software. However, this installation does not complete custom configurations that Tripwire 2.4 needs to perform correctly. After you unpack the RPM, you must:
+1. Generate the system-specific cryptographic key files ( @sbindir@/tripwire-setup-keyfiles )
+2. Initialize the Tripwire database file. ( @sbindir@/tripwire --init )
+3. Run the first integrity check. ( @sbindir@/tripwire --check )
+4. Edit the configuration file ( twcfg.txt ) with a text editor, if desired.
+5. Edit the policy file ( twpol.txt ) with a text editor, if desired.
+
+Note: If you plan to modify the policy file, we recommend you do so before running the configuration script. If you modify the policy file after running the configuration script, you must re-run the configuration file before initializing the database file. 
+
+Modifying the Policy File
+You can specify how Tripwire software checks your system in the Tripwire policy file (twpol.txt). A default policy file is included in the Tripwire software installation. We recommend you tailor this policy file to fit your particular system. Tailoring the policy file greatly increases Tripwire software's ability to ensure the integrity of your system. 
+
+Locate the default policy file at  /etc/tripwire/twpol.txt. An example policy file (located at   /usr/share/doc/tripwire-VER#-REL#/policyguide.txt) is included to help you learn the policy language. Read the sample policy file and the comments in the sample policy file to learn the policy language. 
+
+After you modify the policy file, follow the Post-Installation Instructions (run the configuration script). This script signs the modified policy file and renames it to tw.pol. This is the active policy file that runs as part of the Tripwire software. 
+
+Selecting Passphrases
+Tripwire files are signed or encrypted using site or local keys. These keys are protected by passphrases. When selecting passphrases, the following recommendations apply:
+Use at least eight alphanumeric and symbolic characters for each passphrase. The maximum length of a passphrase is 1023 characters. Quotes should not be used as passphrase characters.
+
+Assign a unique passphrase for the site key. The site key passphrase protects the site key, which is used to sign Tripwire software configuration and policy files. Assign a unique passphrase for the local key. The local key signs Tripwire database files. The local key may sign the Tripwire report files also. 
+
+Store the passphrases in a secure location. There is no way to remove encryption from a signed file if you forget your passphrase. If you forget the passphrases, the files are unusable. In that case you must reinitialize the baseline database.
+
+Initializing the Database 
+In Database Initialization mode, Tripwire software builds a database of filesystem objects based on the rules in the policy file. This database serves as the baseline for integrity checks. The syntax for Database Initialization mode is:
+tripwire  --init 
+
+Running an Integrity Check
+The Integrity Check mode compares the current file system objects with their properties recorded in the Tripwire database. Violations are printed to stdout. The report file is saved and can later be accessed by twprint. An email option enables you to send email. The syntax for Integrity Check mode is:
+tripwire --check 
+
+Printing Reports - twprint Print Report Mode
+The twprint --print-report mode prints the contents of a Tripwire report. If you do not specify a report with the --twrfile or -r command-line argument, the default report file specified by the configuration file REPORTFILE variable is used. 
+Example: On a machine named LIGHTHOUSE, the command would be:
+./twprint -m r --twrfile LIGHTHOUSE-19990622-021212.twr
+
+Updating the Database after an Integrity Check
+Database Update mode enables you to update the Tripwire database after an integrity check if you determine that the violations discovered are valid. This update process saves time by enabling you to update the database without having to re-initialize it. It also enables selective updating, which cannot be done through re-initialization. The syntax for Database Update mode is:
+tripwire --update 
+
+Updating the Policy File
+Change the way that Tripwire software scans the system by changing the rules in the policy file. You can  then update the database without a complete re-initialization. This saves a significant amount of time and preserves security by keeping the policy file synchronized with the database it uses.  The syntax for Policy Update mode is:
+tripwire  --update-policy 
+
+Testing email functions
+Test mode tests the software's email notification system, using the settings currently specified in the configuration file. The syntax for Email Test Reporting mode is:
+tripwire  --test 
+
+Tripwire Components
+The policy file begins as a text file containing comments, rules, directives, and variables. These dictate the way Tripwire software checks your system. Each rule in the policy file specifies a system object to be monitored. Rules also describe which changes to the object to report, and which to ignore. 
+
+System objects are the files and directories you wish to monitor. Each object is identified by an object name. A property refers to a single characteristic of an object that Tripwire software can monitor. Directives control conditional processing of sets of rules in a policy file. During installation, the text policy file is encrypted and renamed, and becomes the active policy file. 
+
+The database file is an important component of Tripwire software. When first installed, Tripwire software uses the policy file rules to create the database file. The database file is a baseline "snapshot" of the system in a known secure state. Tripwire software compares this baseline against the current system to determine what changes have occurred. This is an integrity check.
+
+When you perform an integrity check, Tripwire software produces report files. Report files summarize any changes that violated the policy file rules during the integrity check. You can view the report file in a variety of formats, at varying levels of detail.  
+
+The Tripwire configuration file stores system-specific information, such as the location of Tripwire data files. Tripwire software generates some of the configuration file information during installation. The system administrator can change parameters in the configuration file at any time. The configuration file variables POLFILE, DBFILE, REPORTFILE, SITEKEYFILE, and LOCALKEYFILE specify where the policy file, database file, report files, and site and local key files reside. These variables must be defined or the configuration file is invalid. If any of these variables are undefined, an error occurs on execution of Tripwire software and the program exits. 
+
+Tripwire Help
+All Tripwire commands support the help arguments. Example: To get help with Create Configuration File mode, type: ./twadmin --help --create-cfgfile
+
+-?		Display usage and version information
+--help		Display all command modes
+--help all	Display help for all command modes
+--help [mode]	Display help for current command mode
+--version	Display version information

sources

@@ -0,0 +1 @@
+SHA512 (tripwire-open-source-2.4.3.7.tar.gz) = 541138f4a4c3a4227f31de6607503d305f0d893bdd5d24928d619d3a25bb8fe7061a45c041992ace957b976b834b5f4212b5c727eee1cbc76ddb2e2c52aeafbd

tripwire-2.4.2.2-gcc47.patch

@@ -0,0 +1,24 @@
+diff -up tripwire-2.4.2.2-src/src/cryptlib/algebra.h.gcc47 tripwire-2.4.2.2-src/src/cryptlib/algebra.h
+--- tripwire-2.4.2.2-src/src/cryptlib/algebra.h.gcc47	2011-11-21 11:06:56.000000000 -0500
++++ tripwire-2.4.2.2-src/src/cryptlib/algebra.h	2012-03-05 15:17:32.733038609 -0500
+@@ -273,7 +273,7 @@ template <class T> T AbstractEuclideanDo
+ 	Element g[3]={b, a};
+ 	unsigned int i0=0, i1=1, i2=2;
+ 
+-	while (!Equal(g[i1], this->Zero()))
++	while (!this->Equal(g[i1], this->Zero()))
+ 	{
+ 		g[i2] = Mod(g[i0], g[i1]);
+ 		unsigned int t = i0; i0 = i1; i1 = i2; i2 = t;
+diff -up tripwire-2.4.2.2-src/src/twadmin/twadmincl.cpp.gcc47 tripwire-2.4.2.2-src/src/twadmin/twadmincl.cpp
+--- tripwire-2.4.2.2-src/src/twadmin/twadmincl.cpp.gcc47	2012-03-05 15:21:21.811528228 -0500
++++ tripwire-2.4.2.2-src/src/twadmin/twadmincl.cpp	2012-03-05 15:21:29.140447912 -0500
+@@ -35,6 +35,8 @@
+ 
+ #include "stdtwadmin.h"
+ 
++#include <unistd.h>
++
+ #include "twadmincl.h"
+ #include "twadminstrings.h"
+ #include "keygeneration.h"

tripwire-F21-build.patch

@@ -0,0 +1,12 @@
+diff -up tripwire-2.4.2.2-src/src/core/archive.cpp.orig tripwire-2.4.2.2-src/src/core/archive.cpp
+--- tripwire-2.4.2.2-src/src/core/archive.cpp.orig	2011-11-21 08:06:56.000000000 -0800
++++ tripwire-2.4.2.2-src/src/core/archive.cpp	2014-10-16 07:39:44.249052618 -0700
+@@ -883,7 +883,7 @@ void cLockedTemporaryFileArchive::OpenRe
+             strTempFile += _T("twtempXXXXXX");  
+             iFSServices::GetInstance()->MakeTempFilename( strTempFile );
+           }
+-        catch( eFSServices& e)
++        catch( eFSServices& es)
+           {
+             TSTRING errStr = TSS_GetString( cCore, core::STR_BAD_TEMPDIRECTORY );
+             eArchiveOpen e(strTempFile, errStr);

tripwire-narrowing.patch

@@ -0,0 +1,65 @@
+diff -rup a/tripwire-open-source-2.4.3.0/src/twparser/yyparse.cpp b/tripwire-open-source-2.4.3.0/src/twparser/yyparse.cpp
+--- a/tripwire-open-source-2.4.3.0/src/twparser/yyparse.cpp	2016-04-12 20:18:49.000000000 +0200
++++ b/tripwire-open-source-2.4.3.0/src/twparser/yyparse.cpp	2016-04-23 11:57:38.548102229 +0200
+@@ -176,25 +176,25 @@ yyNamedType yyTokenTypes[] = {
+ #endif
+ static short yydef[] = {
+ 
+-	65535, 65531,    9,   53, 65527,    3, 65523,   10,    7, 65519, 
+-	   5,    4, 65515,   50, 65509,    8, 65505,  -35
++	(short) 65535, (short) 65531,    9,   53, (short) 65527,    3, (short) 65523,   10,    7, (short) 65519, 
++	   5,    4, (short) 65515,   50, (short) 65509,    8, (short) 65505,  -35
+ };
+ static short yyex[] = {
+ 
+-	   0,   52, 65535,    1,  288,   18, 65535,   13,    0,    0, 
+-	65535,    1,  259,   49, 65535,    1,  262,    6, 65535,    1, 
+-	 275,   52,  276,   52, 65535,    1,  276,   51, 65535,    1, 
+-	 264,   52, 65535,    1,  276,   52, 65535,    1
++	   0,   52, (short) 65535,    1,  288,   18, (short) 65535,   13,    0,    0, 
++	(short) 65535,    1,  259,   49, (short) 65535,    1,  262,    6, (short) 65535,    1, 
++	 275,   52,  276,   52, (short) 65535,    1,  276,   51, (short) 65535,    1, 
++	 264,   52, (short) 65535,    1,  276,   52, (short) 65535,    1
+ };
+ static short yyact[] = {
+ 
+-	65499, 65534, 65455, 65490, 65491, 65497, 65498, 65495, 65496, 65489, 
++	(short) 65499, (short) 65534, (short) 65455, (short) 65490, (short) 65491, (short) 65497, (short) 65498, (short) 65495, (short) 65496, (short) 65489, 
+ 	 289,  278,  277,  274,  273,  268,  267,  262,  261,  258, 
+-	65487, 65503, 65490,  267,  266,  261, 65504,  258, 65487, 65490, 
+-	 267,  261, 65505,  272, 65506,  288, 65507,  288, 65461,  262, 
+-	65460,  262, 65459,  262, 65482,  261, 65489,  289, 65511,  284, 
+-	65512,  288, 65522,  257, 65513,  259, 65479,  259, 65514,  258, 
+-	65462,  263, 65470,  275, 65474,  259, 65464,  276, 65463,  264,   -1
++	(short) 65487, (short) 65503, (short) 65490,  267,  266,  261, (short) 65504,  258, (short) 65487, (short) 65490, 
++	 267,  261, (short) 65505,  272, (short) 65506,  288, (short) 65507,  288, (short) 65461,  262, 
++	(short) 65460,  262, (short) 65459,  262, (short) 65482,  261, (short) 65489,  289, (short) 65511,  284, 
++	(short) 65512,  288, (short) 65522,  257, (short) 65513,  259, (short) 65479,  259, (short) 65514,  258, 
++	(short) 65462,  263, (short) 65470,  275, (short) 65474,  259, (short) 65464,  276, (short) 65463,  264,   -1
+ };
+ static short yypact[] = {
+ 
+@@ -206,15 +206,15 @@ static short yypact[] = {
+ };
+ static short yygo[] = {
+ 
+-	65471, 65476, 65477,   13, 65529, 65515, 65509,   21, 65473, 65472, 
+-	65492,   44, 65508, 65478, 65483, 65483, 65483, 65483, 65480, 65483, 
+-	65480, 65481, 65480, 65481, 65465, 65466, 65467, 65484,   40,   39, 
++	(short) 65471, (short) 65476, (short) 65477,   13, (short) 65529, (short) 65515, (short) 65509,   21, (short) 65473, (short) 65472, 
++	(short) 65492,   44, (short) 65508, (short) 65478, (short) 65483, (short) 65483, (short) 65483, (short) 65483, (short) 65480, (short) 65483, 
++	(short) 65480, (short) 65481, (short) 65480, (short) 65481, (short) 65465, (short) 65466, (short) 65467, (short) 65484,   40,   39, 
+ 	  38,   37,   36,   24,   21,   15,   13,   11,    8,    7, 
+-	   2, 65520, 65524, 65527, 65528, 65533,   32,   30,   28,   23, 
+-	65525, 65488, 65510, 65494,   31, 65485, 65486, 65493,   29,   10, 
+-	65468, 65469,   24, 65530, 65526, 65531, 65521, 65517, 65452, 65458, 
+-	  17,   16,   12, 65532, 65457, 65456,    3, 65502, 65501, 65500, 
+-	65454, 65453, 65519, 65523, 65516, 65518, 65475,   -1
++	   2, (short) 65520, (short) 65524, (short) 65527, (short) 65528, (short) 65533,   32,   30,   28,   23, 
++	(short) 65525, (short) 65488, (short) 65510, (short) 65494,   31, (short) 65485, (short) 65486, (short) 65493,   29,   10, 
++	(short) 65468, (short) 65469,   24, (short) 65530, (short) 65526, (short) 65531, (short) 65521, (short) 65517, (short) 65452, (short) 65458, 
++	  17,   16,   12, (short) 65532, (short) 65457, (short) 65456,    3, (short) 65502, (short) 65501, (short) 65500, 
++	(short) 65454, (short) 65453, (short) 65519, (short) 65523, (short) 65516, (short) 65518, (short) 65475,   -1
+ };
+ static short yypgo[] = {
+ 

tripwire-setup-keyfiles.in

@@ -0,0 +1,329 @@
+#!/bin/sh
+
+########################################################################
+########################################################################
+##
+## Tripwire(R) 2.3 for LINUX(R) Post-RPM installation script
+##
+## Copyleft information contained in footer
+##
+########################################################################
+########################################################################
+
+##=======================================================
+## Setup
+##=======================================================
+
+# We can assume all the correct tools are in place because the
+# RPM installed, didn't it?
+
+##-------------------------------------------------------
+## Set HOST_NAME variable
+##-------------------------------------------------------
+HOST_NAME='localhost'
+if uname -n > /dev/null 2> /dev/null ; then
+	HOST_NAME=`uname -n`
+fi
+
+##-------------------------------------------------------
+## Program variables - edited by RPM during initial install
+##-------------------------------------------------------
+
+# Site Passphrase variable
+TW_SITE_PASS=""
+
+# Complete path to site key
+SITE_KEY="@sysconfdir@/tripwire/site.key"
+
+# Local Passphrase variable
+TW_LOCAL_PASS=""
+
+# Complete path to local key
+LOCAL_KEY="@sysconfdir@/tripwire/${HOST_NAME}-local.key"
+
+# If clobber==true, overwrite files; if false, do not overwrite files.
+CLOBBER="false"
+
+# If prompt==true, ask for confirmation before continuing with install.
+PROMPT="true"
+
+# Name of twadmin executeable
+TWADMIN="twadmin"
+
+# Path to twadmin executeable
+TWADMPATH=@sbindir@
+
+# Path to configuration directory
+CONF_PATH="@sysconfdir@/tripwire"
+
+# Name of clear text policy file
+TXT_POL=$CONF_PATH/twpol.txt
+
+# Name of clear text configuration file
+TXT_CFG=$CONF_PATH/twcfg.txt
+
+# Name of encrypted configuration file
+CONFIG_FILE=$CONF_PATH/tw.cfg
+
+# Path of the final Tripwire policy file (signed)
+SIGNED_POL=`grep POLFILE $TXT_CFG | sed -e 's/^.*=\(.*\)/\1/'`
+
+
+##=======================================================
+## Create Key Files
+##=======================================================
+
+##-------------------------------------------------------
+## If user has to enter a passphrase, give some
+## advice about what is appropriate.
+##-------------------------------------------------------
+
+if [ -z "$TW_SITE_PASS" ] || [ -z "$TW_LOCAL_PASS" ]; then
+cat << END_OF_TEXT
+
+----------------------------------------------
+The Tripwire site and local passphrases are used to sign a  variety  of
+files, such as the configuration, policy, and database files.
+
+Passphrases should be at least 8 characters in length and contain  both
+letters and numbers.
+
+See the Tripwire manual for more information.
+END_OF_TEXT
+fi
+
+##=======================================================
+## Generate keys.
+##=======================================================
+
+echo
+echo "----------------------------------------------"
+echo "Creating key files..."
+
+##-------------------------------------------------------
+## Site key file.
+##-------------------------------------------------------
+
+# If clobber is true, and prompting is off (unattended operation)
+# and the key file already exists, remove it.  Otherwise twadmin
+# will prompt with an "are you sure?" message.
+
+if [ "$CLOBBER" = "true" ] && [ "$PROMPT" = "false" ] && [ -f "$SITE_KEY" ] ; then
+        rm -f "$SITE_KEY"
+fi
+
+if [ -f "$SITE_KEY" ] && [ "$CLOBBER" = "false" ] ; then
+	echo "The site key file \"$SITE_KEY\""
+	echo 'exists and will not be overwritten.'
+else
+	cmdargs="--generate-keys --site-keyfile \"$SITE_KEY\""
+	if [ -n "$TW_SITE_PASS" ] ; then
+		cmdargs="$cmdargs --site-passphrase \"$TW_SITE_PASS\""
+     	fi
+	eval "\"$TWADMPATH/$TWADMIN\" $cmdargs"
+	if [ $? -ne 0 ] ; then
+		echo "Error: site key generation failed"
+		exit 1
+        else chmod 640 "$SITE_KEY"
+	fi
+fi
+
+##-------------------------------------------------------
+## Local key file.
+##-------------------------------------------------------
+
+# If clobber is true, and prompting is off (unattended operation)
+# and the key file already exists, remove it.  Otherwise twadmin
+# will prompt with an "are you sure?" message.
+
+if [ "$CLOBBER" = "true" ] && [ "$PROMPT" = "false" ] && [ -f "$LOCAL_KEY" ] ; then
+        rm -f "$LOCAL_KEY"
+fi
+
+if [ -f "$LOCAL_KEY" ] && [ "$CLOBBER" = "false" ] ; then
+	echo "The local key file \"$LOCAL_KEY\""
+	echo 'exists and will not be overwritten.'
+else
+	cmdargs="--generate-keys --local-keyfile \"$LOCAL_KEY\""
+	if [ -n "$TW_LOCAL_PASS" ] ; then
+		cmdargs="$cmdargs --local-passphrase \"$TW_LOCAL_PASS\""
+        fi
+	eval "\"$TWADMPATH/$TWADMIN\" $cmdargs"
+	if [ $? -ne 0 ] ; then
+		echo "Error: local key generation failed"
+		exit 1
+        else chmod 640 "$LOCAL_KEY"
+	fi
+fi
+
+##=======================================================
+## Sign the Configuration File
+##=======================================================
+
+echo
+echo "----------------------------------------------"
+echo "Signing configuration file..."
+
+##-------------------------------------------------------
+## If noclobber, then backup any existing config file.
+##-------------------------------------------------------
+
+if [ "$CLOBBER" = "false" ] && [ -s "$CONFIG_FILE" ] ; then
+	backup="${CONFIG_FILE}.$$.bak"
+	echo "Backing up $CONFIG_FILE"
+	echo "        to $backup"
+	`mv "$CONFIG_FILE" "$backup"`
+	if [ $? -ne 0 ] ; then
+		echo "Error: backup of configuration file failed."
+		exit 1
+	fi
+fi
+
+##-------------------------------------------------------
+## Build command line.
+##-------------------------------------------------------
+
+cmdargs="--create-cfgfile"
+cmdargs="$cmdargs --cfgfile \"$CONFIG_FILE\""
+cmdargs="$cmdargs --site-keyfile \"$SITE_KEY\""
+if [ -n "$TW_SITE_PASS" ] ; then
+	cmdargs="$cmdargs --site-passphrase \"$TW_SITE_PASS\""
+fi
+
+##-------------------------------------------------------
+## Sign the file.
+##-------------------------------------------------------
+
+eval "\"$TWADMPATH/$TWADMIN\" $cmdargs \"$TXT_CFG\""
+if [ $? -ne 0 ] ; then
+	echo "Error: signing of configuration file failed."
+	exit 1
+fi
+
+# Set the rights properly
+chmod 640 "$CONFIG_FILE"
+
+##-------------------------------------------------------
+## We keep the cleartext version around.
+##-------------------------------------------------------
+
+cat << END_OF_TEXT
+
+A clear-text version of the Tripwire configuration file:
+$TXT_CFG
+has been preserved for your inspection.  It  is  recommended  that  you
+move this file to a secure location and/or encrypt it in place (using a
+tool such as GPG, for example) after you have examined it.
+
+END_OF_TEXT
+
+##=======================================================
+## Sign tripwire policy file.
+##=======================================================
+
+echo
+echo "----------------------------------------------"
+echo "Signing policy file..."
+
+##-------------------------------------------------------
+## If noclobber, then backup any existing policy file.
+##-------------------------------------------------------
+
+if [ "$CLOBBER" = "false" ] && [ -s "$POLICY_FILE" ] ; then
+	backup="${POLICY_FILE}.$$.bak"
+	echo "Backing up $POLICY_FILE"
+	echo "        to $backup"
+	mv "$POLICY_FILE" "$backup"
+	if [ $? -ne 0 ] ; then
+		echo "Error: backup of policy file failed."
+		exit 1
+	fi
+fi
+
+##-------------------------------------------------------
+## Build command line.
+##-------------------------------------------------------
+
+cmdargs="--create-polfile"
+cmdargs="$cmdargs --cfgfile \"$CONFIG_FILE\""
+cmdargs="$cmdargs --site-keyfile \"$SITE_KEY\""
+if [ -n "$TW_SITE_PASS" ] ; then
+	cmdargs="$cmdargs --site-passphrase \"$TW_SITE_PASS\""
+fi
+
+##-------------------------------------------------------
+## Sign the file.
+##-------------------------------------------------------
+
+eval "\"$TWADMPATH/$TWADMIN\" $cmdargs \"$TXT_POL\""
+if [ $? -ne 0 ] ; then
+	echo "Error: signing of policy file failed."
+	exit 1
+fi
+
+# Set the proper rights on the newly signed policy file.
+chmod 0640 "$SIGNED_POL"
+
+##-------------------------------------------------------
+## We keep the cleartext version around.
+##-------------------------------------------------------
+
+cat << END_OF_TEXT
+
+A clear-text version of the Tripwire policy file:
+$TXT_POL
+has been preserved for  your  inspection.  This  implements  a  minimal
+policy, intended only to test  essential  Tripwire  functionality.  You
+should edit the policy file to  describe  your  system,  and  then  use
+twadmin to generate a new signed copy of the Tripwire policy.
+
+Once you have a satisfactory Tripwire policy file, you should move  the
+clear-text version to a secure location  and/or  encrypt  it  in  place
+(using a tool such as GPG, for example).
+
+Now run "tripwire --init" to enter Database Initialization  Mode.  This
+reads the policy file, generates a database based on its contents,  and
+then cryptographically signs the resulting  database.  Options  can  be
+entered on the command line to specify which policy, configuration, and
+key files are used  to  create  the  database.  The  filename  for  the
+database can be specified as well. If no  options  are  specified,  the
+default values from the current configuration file are used.
+
+END_OF_TEXT
+
+exit 0
+
+########################################################################
+########################################################################
+#
+#                        TRIPWIRE GPL NOTICES
+#
+# The developer of the original code and/or files is Tripwire, Inc.
+# Portions created by Tripwire, Inc. are copyright 2000 Tripwire, Inc.
+# Tripwire is a registered trademark of Tripwire, Inc.  All rights reserved.
+#
+# This program is free software.  The contents of this file are subject to
+# the terms of the GNU General Public License as published by the Free
+# Software Foundation; either version 2 of the License, or (at your option)
+# any later version.  You may redistribute it and/or modify it only in
+# compliance with the GNU General Public License.
+#
+# This program is distributed in the hope that it will be useful.  However,
+# this program is distributed "AS-IS" WITHOUT ANY WARRANTY; INCLUDING THE
+# IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+# Please see the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# Nothing in the GNU General Public License or any other license to use the
+# code or files shall permit you to use Tripwire's trademarks,
+# service marks, or other intellectual property without Tripwire's
+# prior written consent.
+#
+# If you have any questions, please contact Tripwire, Inc. at either
+# info@tripwire.org or www.tripwire.org.
+#
+########################################################################
+########################################################################

tripwire-siggen-man8.patch

@@ -0,0 +1,47 @@
+diff -Nur tripwire-2.3.1-2/man/man8/siggen.8 tripwire-2.3.1-2.new/man/man8/siggen.8
+--- tripwire-2.3.1-2/man/man8/siggen.8	2001-03-04 00:30:29.000000000 +0000
++++ tripwire-2.3.1-2.new/man/man8/siggen.8	2004-02-19 01:18:43.000000000 +0000
+@@ -2,28 +2,25 @@
+ .\" Do not move or remove previous line.
+ .\" Used by some man commands to know that tbl should be used.
+ .nh
+-.TH SIGGEN 8 "1 July 2000"
++.TH SIGGEN 8 "19 Feb 2004"
+ .SH NAME
+ siggen \- signature gathering routine for Tripwire
+ .SH SYNOPSIS
+ .B siggen
+-.RI "[ " "options..." " ]"
+-.IR file1 " [ " "file2..." " ] "
+-
+-.I Options:
+-.RS +0.5i
+-.TS
+-;
+-lbw(0.8i) lb.
+--t	--terse
+--h	--hexadecimal
+--a	--all
+--C	--CRC32
+--M	--MD5
+--S	--SHA
+--H	--HAVAL
+-.TE
+-.RE
++[
++.BR -t | --terse
++] [
++.BR -h | --hexadecimal
++] [
++.BR -a | --all
++] [
++.BR -C | --CRC32
++] [
++.BR -S | --SHA
++] [
++.BR -h | --HAVAL
++]
++.IR file1 ,,,
+ .SH DESCRIPTION
+ .PP
+ \fBsiggen\fP is a utility that displays the hash function values 

tripwire.cron.in

@@ -0,0 +1,13 @@
+#!/bin/sh
+HOST_NAME=`uname -n`
+if [ ! -e @vardir@/lib/tripwire/${HOST_NAME}.twd ] ; then
+	echo "****    Error: Tripwire database for ${HOST_NAME} not found.    ****"
+	echo "**** Run \"@sysconfdir@/tripwire/twinstall.sh\" and/or \"tripwire --init\". ****"
+elif [ -f @sysconfdir@/tripwire/tw.cfg ]; then
+	# if GLOBALEMAIL is configured, use it rather than cron mail
+	if [ -n "`@sbindir@/twadmin -m f | sed -n 's/^GLOBALEMAIL\W*=//p'`" ]; then
+		@sbindir@/tripwire --check --email-report --silent --no-tty-output
+	else
+		@sbindir@/tripwire --check
+	fi
+fi

tripwire.spec

@@ -0,0 +1,480 @@
+%define		path_to_vi /bin/vi
+%define		path_to_sendmail /usr/sbin/sendmail
+
+Name:		tripwire
+Version:	2.4.3.7
+Release:	20%{?dist}
+Summary:	IDS (Intrusion Detection System)
+
+License:	GPL-2.0-or-later
+Source0:	https://github.com/Tripwire/%{name}-open-source/releases/download/%{version}/%{name}-open-source-%{version}.tar.gz
+Source1:	tripwire.cron.in
+Source3:	tripwire.gif
+Source4:	twcfg.txt.in
+Source5:	tripwire-setup-keyfiles.in
+Source6:	twpol.txt.in
+Source7:	README.Fedora.in
+Source9:	License-Issues
+URL:		https://github.com/Tripwire/%{name}-open-source/
+
+BuildRequires: make
+BuildRequires:  gcc
+BuildRequires:  gcc-c++
+BuildRequires:	openssl-devel
+Requires(post):	sed
+
+
+%description
+Tripwire is a very valuable security tool for Linux systems, if  it  is
+installed to a clean system. Tripwire should be installed  right  after
+the OS installation, and before you have connected  your  system  to  a
+network (i.e., before any possibility exists that someone  could  alter
+files on your system).
+
+When Tripwire is initially set up, it creates a database  that  records
+certain file information. Then when it is run, it compares a designated
+set of files and directories to the information stored in the database.
+Added or deleted files are flagged and reported, as are any files  that
+have changed from their previously recorded state in the database. When
+Tripwire is run against system files  on  a  regular  basis,  any  file
+changes will be spotted when Tripwire is run. Tripwire will report  the
+changes, which will give system administrators a clue that they need to
+enact damage control measures immediately if certain  files  have  been
+altered.
+
+%prep
+%setup -q -n %{name}-open-source-%{version}
+%{__cp} -p %{SOURCE3} .
+
+%build
+export CXXFLAGS="-std=c++14 $RPM_OPT_FLAGS"
+%configure --sysconfdir=%{_sysconfdir}/tripwire \
+           path_to_vi=%{path_to_vi} \
+           path_to_sendmail=%{path_to_sendmail}
+
+%{__make} %{?_smp_mflags}
+
+%install
+%{__rm} -fr %{buildroot}
+
+# Install the binaries.
+%{__mkdir_p} %{buildroot}%{_sbindir}
+%{__install} -p -m755 bin/siggen %{buildroot}%{_sbindir}
+%{__install} -p -m755 bin/tripwire %{buildroot}%{_sbindir}
+%{__install} -p -m755 bin/twadmin %{buildroot}%{_sbindir}
+%{__install} -p -m755 bin/twprint %{buildroot}%{_sbindir}
+
+# Install the man pages.
+%{__mkdir_p} %{buildroot}%{_mandir}/{man4,man5,man8}
+%{__install} -p -m644 man/man4/*.4 %{buildroot}%{_mandir}/man4/
+%{__install} -p -m644 man/man5/*.5 %{buildroot}%{_mandir}/man5/
+%{__install} -p -m644 man/man8/*.8 %{buildroot}%{_mandir}/man8/
+
+# Create configuration files from templates.
+%{__rm} -fr _tmpcfg
+%{__mkdir} _tmpcfg
+for infile in %{SOURCE1} %{SOURCE4} %{SOURCE5} %{SOURCE6} %{SOURCE7} ; do
+	outfile=${infile##/*/}
+	outfile=${outfile%.*n}
+	cat ${infile} |\
+	%{__sed} -e 's|@path_to_vi@|%{path_to_vi}|g' |\
+	%{__sed} -e 's|@path_to_sendmail@|%{path_to_sendmail}|g' |\
+	%{__sed} -e 's|@sysconfdir@|%{_sysconfdir}|g' |\
+	%{__sed} -e 's|@sbindir@|%{_sbindir}|g' |\
+	%{__sed} -e 's|@vardir@|%{_var}|g' >\
+	_tmpcfg/${outfile}
+done
+%{__mv} _tmpcfg/{tripwire-setup-keyfiles,README.Fedora} .
+
+# Create the reports directory.
+%{__install} -d -m700 %{buildroot}%{_var}/lib/tripwire/report
+
+# Install the cron job.
+%{__install} -d -m755 %{buildroot}%{_sysconfdir}/cron.daily
+%{__install} -p -m755 _tmpcfg/tripwire.cron \
+	%{buildroot}%{_sysconfdir}/cron.daily/tripwire-check
+%{__rm} _tmpcfg/tripwire.cron
+
+# Install configuration files.
+%{__mkdir_p} %{buildroot}%{_sysconfdir}/tripwire
+for file in _tmpcfg/* ; do
+	%{__install} -p -m644 ${file} %{buildroot}%{_sysconfdir}/tripwire
+done
+
+# Install the keyfile setup script
+%{__install} -p -m755 tripwire-setup-keyfiles %{buildroot}%{_sbindir}
+
+# Fix permissions on documentation files.
+%{__cp} -p %{SOURCE9} .
+%{__chmod} 644 \
+	ChangeLog COMMERCIAL COPYING TRADEMARK tripwire.gif \
+	README.Fedora policy/policyguide.txt License-Issues
+
+
+%post
+# Set the real hostname in twpol.txt
+%{__sed} -i -e "s|localhost|$HOSTNAME|g" %{_sysconfdir}/tripwire/twpol.txt
+
+
+%files
+%doc ChangeLog COMMERCIAL COPYING TRADEMARK tripwire.gif
+%doc README.Fedora policy/policyguide.txt License-Issues
+%attr(0700,root,root) %dir %{_sysconfdir}/tripwire
+%config(noreplace) %{_sysconfdir}/tripwire/twcfg.txt
+%config(noreplace) %{_sysconfdir}/tripwire/twpol.txt
+%attr(0755,root,root) %{_sysconfdir}/cron.daily/tripwire-check
+%attr(0700,root,root) %dir %{_var}/lib/tripwire
+%attr(0700,root,root) %dir %{_var}/lib/tripwire/report
+%{_mandir}/*/*
+%attr(0755,root,root) %{_sbindir}/*
+
+
+%changelog
+* Fri Jul 25 2025 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
+
+* Sun Jan 19 2025 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-19
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
+
+* Sat Jul 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-18
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sat Nov 04 2023 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.7-16
+- migrated to SPDX license
+
+* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 2.4.3.7-11
+- Rebuilt with OpenSSL 3.0.0
+
+* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Tue Aug 18 2020 Jeff Law <law@redhat.com> - 2.4.3.7-8
+- Force C++14 as this code is not C++17 ready
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Sat Jul 21 2018 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.7-3
+- Fix https://bugzilla.redhat.com/show_bug.cgi?id=1606572
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Thu Apr 19 2018 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.7-1
+- update to 2.4.3.7
+
+* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.5-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Wed Oct 04 2017 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.6-1
+- update to 2.4.3.6
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.5-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Thu Apr 06 2017 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.5-1
+- update to 2.4.3.5
+
+* Fri Mar 10 2017 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.4-1
+- update to 2.4.3.4
+- Fix https://bugzilla.redhat.com/show_bug.cgi?id=1429542
+- Fix https://bugzilla.redhat.com/show_bug.cgi?id=1435181
+
+* Sat Mar 04 2017 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.3-1
+- update to 2.4.3.3
+
+* Tue Feb 14 2017 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.2-3
+- Fix #1421468 by removing defattr macro in files section
+- Remove executable permission on 2 cpp files.
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Thu Feb 02 2017 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.2-1
+- update to 2.4.3.2
+- Remove personal config.guess
+- Fix https://bugzilla.redhat.com/show_bug.cgi?id=830999 
+
+* Sat Apr 23 2016 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.1-1
+- update to 2.4.3.1
+
+* Sat Apr 16 2016 Didier Fabert <didier.fabert@gmail.com> - 2.4.3.0-1
+- update to 2.4.3.0
+- switch upstream from sourceforge to github (official sources)
+- Patch to avoid narrowing errors
+
+* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.2.2-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2.2-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 2.4.2.2-8
+- Rebuilt for GCC 5 C++11 ABI change
+
+* Tue Sep 16 2014 Moez Roy <moez.roy@gmail.com> - 2.4.2.2-7
+- F21 build patch as suggested by Michael Schwendt on devel mailing list
+
+
+* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2.2-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Mon Mar  5 2012 Tom Callaway <spot@fedoraproject.org> - 2.4.2.2-1
+- update to 2.4.2.2
+
+* Tue Feb 28 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.1.2-14
+- Rebuilt for c++ ABI breakage
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.1.2-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.1.2-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.4.1.2-11
+- rebuilt with new openssl
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.1.2-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Tue Apr 7 2009 Steven M. Parrish <tuxbrewr@fedoraproject.org> - 2.4.1.2-9
+- Added support for /usr/lib64 & /usr/local/lib64
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.1.2-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 2.4.1.2-7
+- rebuild with new openssl
+
+* Mon Sep  8 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 2.4.1.2-6
+- fix license tag
+
+* Mon Feb 11 2008 Brandon Holbrook <fedora at theholbrooks.org> 2.4.1.2-5
+- Rebuild for gcc-4.3
+
+* Fri Dec 07 2007 Release Engineering <rel-eng at fedoraproject dot org> - 2.4.1.2-4
+- Rebuild for deps
+
+* Wed Aug 29 2007 Brandon Holbrook <fedora at theholbrooks.org> 2.4.1.2-3
+- Pull in a new config.guess to properly detect ppc64 archs
+
+* Wed Aug 29 2007 Brandon Holbrook <fedora at theholbrooks.org> 2.4.1.2-2
+- Upgrade to 2.4.1.2
+
+* Wed Feb 28 2007 Brandon Holbrook <fedora at theholbrooks.org> 2.4.1.1-1
+- Upgrade to upstream 2.4.1.1 (obsoletes gcc4 patch)
+- Merge quickstart.txt into README.Fedora and fix doc bug (#161764)
+
+* Thu Dec 21 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-4
+- Don't print anything at install time
+
+* Tue Dec 19 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-3
+- Changed defattr to 644,755
+- removed BR: autoconf
+- Inform users about README.Fedora instead of spamming the install
+  with catting the whole file
+
+* Wed Nov 15 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-2
+- chmod'ed /etc/tripwire to 0700
+- Added sed to Requires(post)
+
+* Tue Aug 22 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-1.4
+- Include COMMERCIAL file from upstream
+- Print README.RPM on initial install
+- Added _smp_mflags to make
+- Removed ExclusiveArch: ix86
+- Replaced 2.3 with 2.4 in tripwire.txt
+
+* Tue Aug 22 2006 Brandon Holbrook <fedora at theholbrooks.org> 2.4.0.1-1.2
+- Updated to 2.4.0.1
+
+* Thu Apr  7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
+- rebuilt
+
+* Tue Jun 15 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-20.fdr.1
+- Revision bump to supersede Fedora Legacy
+- Fixed a bogus entry in twpol.txt.in (modeprobe.conf -> modprobe.conf)
+
+* Thu Jun 10 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.9
+- Applied Paul Herman's patch to fix a format string vulnerability in
+ pipedmailmessage.cpp
+
+* Sun Feb 29 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.8
+- Default policy overhaul
+- Spec cleanup
+
+* Sun Feb 22 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.7
+- Moved documentation data out of package description
+
+* Sat Feb 21 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.6
+- Removed explicit Buildrequires gcc-c++
+
+* Fri Feb 20 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.5
+- Finally moved twinstall.sh from the sysconfdir to the sbindir, since
+  it is not a configuration file. Fixes Red Hat bug #61855
+- Renamed twinstall.sh to tripwire-setup-keyfiles, since  the  name  is
+  misleading. It is setting up keyfiles, not installing an  application
+- Minor correction to twinstall.sh (now tripwire-setup-keyfiles), which
+  made an incorrect reference to the site key rather than the local key
+- Long overdue default policy update
+- Added explicit Buildrequires gcc-c++, to satisfy mach
+
+* Thu Feb 19 2004 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.4
+- Fixed siggen.8 man page, broken command synopsis syntax. Submitted by
+  doclifter
+- Set real hostname in post, so  Tripwire  works  first  time,  without
+  editing twpol.txt
+- More accurate package summary
+- Spec cleanup
+
+* Fri Nov 28 2003 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.3
+- Thanks to Michael Schwendt for really cleaning up the Spec file
+- The remaining parts of the  original  tripwire-2.3.1-gcc3.patch  have
+  now been implemented
+- Debuginfo fully builds now
+
+* Thu Nov 27 2003 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.2
+- Removed version specific grep dependency, since grep >= 2.3 is common
+- Added openssl-devel and autoconf to build dependencies
+- The tripwire-jbj.patch is now confirmed merged with tw-20030919.patch
+- Added RPM optimisation flags option, disabled  by  default  since  it
+  breaks the code
+- Fixed file permissions of packaged files
+
+* Wed Nov 26 2003 Keith G. Robertson-Turner <tripwire-devel[AT]genesis-x.nildram.co.uk> 0:2.3.1-18.fdr.1
+- Implemented Paul Herman's tw-20030919.patch
+- Removed the fhs gcc3 and jbj patches, which are now  broken/obsoleted
+  by the above
+- Both the mkstemp and rfc822 patches are still implemented
+- Build uses autoconf for now
+- Spec file given complete overhaul for stricter compliance. More to do
+
+* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
+- rebuilt
+
+* Sat Nov 16 2002 Jeff Johnson <jbj@redhat.com> 2.3.1-16
+- rebuild from cvs.
+- comment out debug messages to achieve compilation.
+- include policyguide.txt (#72259).
+- use mkstemp, not mktemp.
+
+* Fri Aug 02 2002 Mike A. Harris <mharris@redhat.com> 2.3.1-14
+- Modified default sample twpol file to remove bogus warnings (#70502)
+
+* Fri Jun 21 2002 Tim Powers <timp@redhat.com> 2.3.1-13
+- automated rebuild
+
+* Sun May 26 2002 Tim Powers <timp@redhat.com> 2.3.1-12
+- automated rebuild
+
+* Wed May 22 2002 Mike A. Harris <mharris@redhat.com> 2.3.1-11
+- Rebuilt in new build environment with gcc 3.1
+
+* Tue Feb 26 2002 Mike A. Harris <mharris@redhat.com> 2.3.1-9
+- Conditionalized gcc3 patch
+- Added back the ExclusiveArch that is required but disappeared somewhere along
+  the line.
+- Rebuild in new build environment
+
+* Thu Jan 31 2002 Mike A. Harris <mharris@redhat.com> 2.3.1-7
+- Bump release and rebuild in new environment.
+- (Elliot Lee) Add patch to make it build with gcc3.
+
+* Thu Aug  9 2001 Nalin Dahyabhai <nalin@redhat.com> 2.3.1-5
+- define USE_FHS when USES_FHS is defined, so that the database winds up
+  in the right directory (#51332)
+- update default twpol file to include files recently-added to the full
+  installation tree
+
+* Tue Jul 17 2001 Mike A. Harris <mharris@redhat.com> 2.3.1-4
+- Applied bugfix for (#47276) to make tripwire email RFC822 compliant, using
+  patch in bugreport from Michael Schwendt <mschwendt@yahoo.com>
+
+* Tue Jul 10 2001 Mike A. Harris <mharris@redhat.com> 2.3.1-3
+- Made package own dir /var/lib/tripwire
+
+* Mon Jun 25 2001 Nalin Dahyabhai <nalin@redhat.com>
+- update to 2.3.1-2
+
+* Thu Mar  1 2001 Bill Nottingham <notting@redhat.com>
+- rebuild, fix defattr. Weird.
+
+* Tue Feb 27 2001 Nalin Dahyabhai <nalin@redhat.com>
+- refresh from upstream
+- modify the default policy to match the current tree more closely (#28744)
+- make the text files 0644, not 0755
+- defattr for the sake of the docs
+
+* Wed Sep 20 2000 Nalin Dahyabhai <nalin@redhat.com>
+- change exclusivearch: i386 to exclusivearch: %%{ix86} (#17759)
+
+* Wed Aug 23 2000 Than Ngo <than@redhat.com>
+- remove copyleft information in specfile (Bug #16765)
+
+* Tue Aug 22 2000 Nalin Dahyabhai <nalin@redhat.com>
+- remove duplicate source files
+- sync up description with specspo
+
+* Fri Aug 4 2000 Than Ngo <than@redhat.de>
+- remove Vendor and Distribution from specfile (Bug #15246)
+
+* Fri Aug 4 2000 Than Ngo <than@redhat.de>
+- starts tripwire --check if it was configured before. (Bug #15384)
+
+* Fri Aug 4 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix sense of checking for the database's existence in the cron job
+- actually include twinstall.sh, twcfg.txt, twpol.txt
+
+* Thu Aug 3 2000 Than Ngo <than@redhat.de>
+- permission fix (bug #15246)
+
+* Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com>
+- add quickstart docs (Ed)
+- tweak description text (Ed)
+
+* Thu Jul 20 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update .spec file to follow RPM conventions
+- add tripwire --check to cron.daily
+

twcfg.txt.in

@@ -0,0 +1,15 @@
+ROOT                   =@sbindir@
+POLFILE                =@sysconfdir@/tripwire/tw.pol
+DBFILE                 =@vardir@/lib/tripwire/$(HOSTNAME).twd
+REPORTFILE             =@vardir@/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr
+SITEKEYFILE            =@sysconfdir@/tripwire/site.key
+LOCALKEYFILE           =@sysconfdir@/tripwire/$(HOSTNAME)-local.key
+EDITOR                 =@path_to_vi@
+LATEPROMPTING          =false
+LOOSEDIRECTORYCHECKING =false
+MAILNOVIOLATIONS       =true
+EMAILREPORTLEVEL       =3
+REPORTLEVEL            =3
+MAILMETHOD             =SENDMAIL
+SYSLOGREPORTING        =false
+MAILPROGRAM            =@path_to_sendmail@ -oi -t