mtree.8 (141846) | mtree.8 (144295) |
---|---|
1.\" Copyright (c) 1989, 1990, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 12 unchanged lines hidden (view full) --- 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" From: @(#)mtree.8 8.2 (Berkeley) 12/11/93 | 1.\" Copyright (c) 1989, 1990, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 12 unchanged lines hidden (view full) --- 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" From: @(#)mtree.8 8.2 (Berkeley) 12/11/93 |
29.\" $FreeBSD: head/usr.sbin/mtree/mtree.8 141846 2005-02-13 22:25:33Z ru $ | 29.\" $FreeBSD: head/usr.sbin/mtree/mtree.8 144295 2005-03-29 11:44:17Z tobez $ |
30.\" 31.Dd January 11, 2004 32.Dt MTREE 8 33.Os 34.Sh NAME 35.Nm mtree 36.Nd map a directory hierarchy 37.Sh SYNOPSIS --- 161 unchanged lines hidden (view full) --- 199.It Cm md5digest 200The MD5 message digest of the file. 201.It Cm sha1digest 202The 203.Tn FIPS 204160-1 205.Pq Dq Tn SHA-1 206message digest of the file. | 30.\" 31.Dd January 11, 2004 32.Dt MTREE 8 33.Os 34.Sh NAME 35.Nm mtree 36.Nd map a directory hierarchy 37.Sh SYNOPSIS --- 161 unchanged lines hidden (view full) --- 199.It Cm md5digest 200The MD5 message digest of the file. 201.It Cm sha1digest 202The 203.Tn FIPS 204160-1 205.Pq Dq Tn SHA-1 206message digest of the file. |
207.It Cm sha256digest 208The 209.Tn FIPS 210180-2 211.Pq Dq Tn SHA-256 212message digest of the file. |
|
207.It Cm ripemd160digest 208The 209.Tn RIPEMD160 210message digest of the file. 211.It Cm mode 212The current file's permissions as a numeric (octal) or symbolic 213value. 214.It Cm nlink --- 97 unchanged lines hidden (view full) --- 312.El 313.Sh EXIT STATUS 314.Ex -std 315.Sh EXAMPLES 316To detect system binaries that have been ``trojan horsed'', it is recommended 317that 318.Nm 319.Fl K | 213.It Cm ripemd160digest 214The 215.Tn RIPEMD160 216message digest of the file. 217.It Cm mode 218The current file's permissions as a numeric (octal) or symbolic 219value. 220.It Cm nlink --- 97 unchanged lines hidden (view full) --- 318.El 319.Sh EXIT STATUS 320.Ex -std 321.Sh EXAMPLES 322To detect system binaries that have been ``trojan horsed'', it is recommended 323that 324.Nm 325.Fl K |
320.Cm sha1digest | 326.Cm sha256digest |
321be run on the file systems, and a copy of the results stored on a different 322machine, or, at least, in encrypted form. 323The output file itself should be digested using the | 327be run on the file systems, and a copy of the results stored on a different 328machine, or, at least, in encrypted form. 329The output file itself should be digested using the |
324.Xr md5 1 | 330.Xr sha256 1 |
325utility. 326Then, periodically, 327.Nm 328and | 331utility. 332Then, periodically, 333.Nm 334and |
329.Xr md5 1 | 335.Xr sha256 1 |
330should be run against the on-line specifications. 331While it is possible for the bad guys to change the on-line specifications 332to conform to their modified binaries, it is believed to be 333impractical for them to create a modified specification which has | 336should be run against the on-line specifications. 337While it is possible for the bad guys to change the on-line specifications 338to conform to their modified binaries, it is believed to be 339impractical for them to create a modified specification which has |
334the same MD5 digest as the original. | 340the same SHA-256 digest as the original. |
335.Pp 336The 337.Fl d 338and 339.Fl u 340options can be used in combination to create directory hierarchies 341for distributions and other such things; the files in 342.Pa /etc/mtree --- 24 unchanged lines hidden (view full) --- 367The 368.Tn SHA-1 369and 370.Tn RIPEMD160 371digests were added in 372.Fx 4.0 , 373as new attacks have demonstrated weaknesses in 374.Tn MD5 . | 341.Pp 342The 343.Fl d 344and 345.Fl u 346options can be used in combination to create directory hierarchies 347for distributions and other such things; the files in 348.Pa /etc/mtree --- 24 unchanged lines hidden (view full) --- 373The 374.Tn SHA-1 375and 376.Tn RIPEMD160 377digests were added in 378.Fx 4.0 , 379as new attacks have demonstrated weaknesses in 380.Tn MD5 . |
381The 382.Tn SHA-256 383digest was added in 384.Fx 6.0 . |
|
375Support for file flags was added in 376.Fx 4.0 , 377and mostly comes from 378.Nx . | 385Support for file flags was added in 386.Fx 4.0 , 387and mostly comes from 388.Nx . |