Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  YAFIC (1)


yafic -- yet another file integrity checker


Return Values
See Also


yafic [-HVhpvs] [-C config] [-k keyfile] [-r root] [-c known-database] [-u new-database |-d exist-database ]
yafic [-Vhv] [-r root] [-t type] -l database


yafic is Yet Another File Integrity Checker. yafic saves information about the state of a filesystem to a database. Later, yafic can be used to compare the current state of the filesystem against the saved database, letting you know of any changed, added, or removed files.

yafic reads a configuration file (see yafic.conf(5)) which specifies how it should examine the filesystem.

See NOTES below for information on yafic’s cryptographic support.


The options are as follows:
-H Outputs to stderr the SHA-1 hash of new-database. If given twice, the SHA-1 hashes of config and known-database are also displayed.
-V Display version information.
-h Display help summary.
-p Expect keyfile to be a public key rather than a private key.
-v Increase verbosity. May be given multiple times. More than twice will slow yafic down!
-s Show simple output. If given twice, output will be even simpler! (‘‘cvs update’’ style)
-C config
  Specifies an alternate configuration file to use. By default yafic.conf is read from the current directory.
-k keyfile
  Specifies an RSA/DSA key to use for signing/verification operations. By default, keyfile is expected to be a private key (see the -p option above).
-r root
  Specifies an alternate root. The default root is ‘‘/’’. If given, all paths specified in yafic.conf are taken relative to root.
-c known-database
  Checks the state of the filesystem against known-database. Any modified or added files are reported. In order for removed files to be reported, the -u option must be given as well. If known-database is ‘‘-’’, the default yafic.db is assumed.
-u new-database
  Examine the current state of the filesystem and save it to new-database. If new-database is is ‘‘-’’, then it is assumed to be yafic_new.db.
-d exist-database
  Rather than comparing known-database with the filesystem, it is instead compared with exist-database. The -c option must be given as well. This is mutually exclusive of the -u option above.
-l database
  List entries in database. The entries will not be in any specific order. If the -v option is given, in addition to the names, the various file attributes for each entry are also displayed.
-t type
  By default, -l will list all entries. The listing can be limited to certain types of entries by this option. type may be a one or more of the following:
d List directories.
f List files.
l List symbolic links.
s List special files. (i.e. everything else)
Note that if neither -c, -u or -l options are given, then nothing is done beyond parsing the configuration file. Used in conjunction with -vv (-v given twice), this can useful for verifying that the configuration file is being parsed the way you think it is. (Each entry is listed along with the flags for itself as well as its contents. ‘‘-’’ denotes that the entry or its contents are ignored.)


The -k and -p options are only available if yafic was compiled with crypto support (the default).

If the -k option is given, then config, known-database (if given) and exist-database (if given) will be verified against their respective signatures.

A signature for new-database will be created if and only if -k is given and keyfile is a private key.

keyfile is expected to be an RSA or DSA key. See openssl(1), genrsa(1), gendsa(1), and specifically:

Signatures can be created and verified independently of yafic. See yafic-sign(1) and yafic-check(1).

Signature files have the same name as their corresponding files, but with the extension .sig.


yafic exists with one of the following values:
0 yafic completed successfully.
1 An error occurred.
2 There was a problem with the arguments given to yafic.
3 The verification of a file against its signature failed.


  Default configuration file.
  Default known database.
  Default updated database.


yafic-sign(1), yafic-check(1), yafic.conf(5), openssl(1), genrsa(1), gendsa(1)
Search for    or go to Top of page |  Section 1 |  Main Index

--> YAFIC (1) December 12, 2003

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.