GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
YAFIC(1) FreeBSD General Commands Manual YAFIC(1)

yafic -- yet another file integrity checker

yafic
[-HVhpvs] [-C config] [-k keyfile] [-r root] [-c known-database] [-u new-database | -d exist-database ]
yafic
[-Vhv] [-r root] [-t type] -l database

yafic is Yet Another File Integrity Checker. yafic saves information about the state of a filesystem to a database. Later, yafic can be used to compare the current state of the filesystem against the saved database, letting you know of any changed, added, or removed files.

yafic reads a configuration file (see yafic.conf(5)) which specifies how it should examine the filesystem.

See NOTES below for information on yafic's cryptographic support.

The options are as follows:
-H
Outputs to stderr the SHA-1 hash of new-database. If given twice, the SHA-1 hashes of config and known-database are also displayed.
-V
Display version information.
-h
Display help summary.
-p
Expect keyfile to be a public key rather than a private key.
-v
Increase verbosity. May be given multiple times. More than twice will slow yafic down!
-s
Show simple output. If given twice, output will be even simpler! (``cvs update'' style)

-C config

Specifies an alternate configuration file to use. By default yafic.conf is read from the current directory.

-k keyfile

Specifies an RSA/DSA key to use for signing/verification operations. By default, keyfile is expected to be a private key (see the -p option above).

-r root

Specifies an alternate root. The default root is ``/''. If given, all paths specified in yafic.conf are taken relative to root.

-c known-database

Checks the state of the filesystem against known-database. Any modified or added files are reported. In order for removed files to be reported, the -u option must be given as well. If known-database is ``-'', the default yafic.db is assumed.

-u new-database

Examine the current state of the filesystem and save it to new-database. If new-database is is ``-'', then it is assumed to be yafic_new.db.

-d exist-database

Rather than comparing known-database with the filesystem, it is instead compared with exist-database. The -c option must be given as well. This is mutually exclusive of the -u option above.

-l database

List entries in database. The entries will not be in any specific order. If the -v option is given, in addition to the names, the various file attributes for each entry are also displayed.

-t type

By default, -l will list all entries. The listing can be limited to certain types of entries by this option. type may be a one or more of the following:
d
List directories.
f
List files.
l
List symbolic links.
s
List special files. (i.e. everything else)

Note that if neither -c, -u or -l options are given, then nothing is done beyond parsing the configuration file. Used in conjunction with -vv (-v given twice), this can useful for verifying that the configuration file is being parsed the way you think it is. (Each entry is listed along with the flags for itself as well as its contents. ``-'' denotes that the entry or its contents are ignored.)

The -k and -p options are only available if yafic was compiled with crypto support (the default).

If the -k option is given, then config, known-database (if given) and exist-database (if given) will be verified against their respective signatures.

A signature for new-database will be created if and only if -k is given and keyfile is a private key.

keyfile is expected to be an RSA or DSA key. See openssl(1), genrsa(1), gendsa(1), and specifically:

http://www.openssl.org/docs/HOWTO/keys.txt

Signatures can be created and verified independently of yafic. See yafic-sign(1) and yafic-check(1).

Signature files have the same name as their corresponding files, but with the extension .sig.

yafic exists with one of the following values:
0
yafic completed successfully.
1
An error occurred.
2
There was a problem with the arguments given to yafic.
3
The verification of a file against its signature failed.

yafic.conf
Default configuration file.
yafic.db
Default known database.
yafic_new.db
Default updated database.

yafic-sign(1), yafic-check(1), yafic.conf(5), openssl(1), genrsa(1), gendsa(1)
December 12, 2003

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.