mtree.8 (3468) | mtree.8 (6286) |
---|---|
1.\" Copyright (c) 1989, 1990, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 15 unchanged lines hidden (view full) --- 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" | 1.\" Copyright (c) 1989, 1990, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 15 unchanged lines hidden (view full) --- 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" |
32.\" @(#)mtree.8 8.2 (Berkeley) 12/11/93 | 32.\" From: @(#)mtree.8 8.2 (Berkeley) 12/11/93 33.\" $Id$ |
33.\" | 34.\" |
34.Dd December 11, 1993 | 35.Dd February 9, 1995 |
35.Dt MTREE 8 36.Os 37.Sh NAME 38.Nm mtree 39.Nd map a directory hierarchy 40.Sh SYNOPSIS 41.Nm mtree 42.Op Fl cdeinrUux --- 86 unchanged lines hidden (view full) --- 129.Xr cksum 1 130utility. 131.It Cm ignore 132Ignore any file hierarchy below this file. 133.It Cm gid 134The file group as a numeric value. 135.It Cm gname 136The file group as a symbolic name. | 36.Dt MTREE 8 37.Os 38.Sh NAME 39.Nm mtree 40.Nd map a directory hierarchy 41.Sh SYNOPSIS 42.Nm mtree 43.Op Fl cdeinrUux --- 86 unchanged lines hidden (view full) --- 130.Xr cksum 1 131utility. 132.It Cm ignore 133Ignore any file hierarchy below this file. 134.It Cm gid 135The file group as a numeric value. 136.It Cm gname 137The file group as a symbolic name. |
138.It Cm md5digest 139The MD5 message digest of the file. |
|
137.It Cm mode 138The current file's permissions as a numeric (octal) or symbolic 139value. 140.It Cm nlink 141The number of hard links the file is expected to have. 142.It Cm uid 143The file owner as a numeric value. 144.It Cm uname --- 82 unchanged lines hidden (view full) --- 227and 2 if the file hierarchy did not match the specification. 228A status of 2 is converted to a status of 0 if the 229.Fl U 230option is used. 231.Sh EXAMPLES 232To detect system binaries that have been ``trojan horsed'', it is recommended 233that 234.Nm mtree | 140.It Cm mode 141The current file's permissions as a numeric (octal) or symbolic 142value. 143.It Cm nlink 144The number of hard links the file is expected to have. 145.It Cm uid 146The file owner as a numeric value. 147.It Cm uname --- 82 unchanged lines hidden (view full) --- 230and 2 if the file hierarchy did not match the specification. 231A status of 2 is converted to a status of 0 if the 232.Fl U 233option is used. 234.Sh EXAMPLES 235To detect system binaries that have been ``trojan horsed'', it is recommended 236that 237.Nm mtree |
238.Fl K 239.Cm md5digest |
|
235be run on the file systems, and a copy of the results stored on a different 236machine, or, at least, in encrypted form. | 240be run on the file systems, and a copy of the results stored on a different 241machine, or, at least, in encrypted form. |
237The seed for the 238.Fl s 239option should not be an obvious value and the final checksum should not be 240stored on-line under any circumstances! | 242The output file itself should be digested using the 243.Xr md5 1 244utility. |
241Then, periodically, 242.Nm mtree | 245Then, periodically, 246.Nm mtree |
243should be run against the on-line specifications and the final checksum 244compared with the previous value. | 247and 248.Xr md5 1 249should be run against the on-line specifications. |
245While it is possible for the bad guys to change the on-line specifications | 250While it is possible for the bad guys to change the on-line specifications |
246to conform to their modified binaries, it shouldn't be possible for them 247to make it produce the same final checksum value. 248If the final checksum value changes, the off-line copies of the specification 249can be used to detect which of the binaries have actually been modified. | 251to conform to their modified binaries, it is believed to be 252impractical for them to create a modified specification which has 253the same MD5 digest as the original. |
250.Pp 251The 252.Fl d 253and 254.Fl u 255options can be used in combination to create directory hierarchies | 254.Pp 255The 256.Fl d 257and 258.Fl u 259options can be used in combination to create directory hierarchies |
256for distributions and other such things. | 260for distributions and other such things; the files in 261.Pa /etc/mtree 262were used to create almost all diectories in this 263.Tn FreeBSD 264distribution. |
257.Sh FILES 258.Bl -tag -width /etc/mtree -compact 259.It Pa /etc/mtree 260system specification directory 261.El 262.Sh SEE ALSO 263.Xr chmod 1 , 264.Xr chown 1 , 265.Xr chgrp 1 , 266.Xr cksum 1 , | 265.Sh FILES 266.Bl -tag -width /etc/mtree -compact 267.It Pa /etc/mtree 268system specification directory 269.El 270.Sh SEE ALSO 271.Xr chmod 1 , 272.Xr chown 1 , 273.Xr chgrp 1 , 274.Xr cksum 1 , |
275.Xr md5 1 , |
|
267.Xr stat 2 , 268.Xr fts 3 , | 276.Xr stat 2 , 277.Xr fts 3 , |
278.Xr md5 3 |
|
269.Sh HISTORY 270The 271.Nm mtree 272utility appeared in 273.Bx 4.3 Reno . | 279.Sh HISTORY 280The 281.Nm mtree 282utility appeared in 283.Bx 4.3 Reno . |
284The MD5 digest capability was added in 285.Tn FreeBSD 2862.1, in response to the widespread use of programs which can spoof 287.Xr cksum 1 . 288 |
|
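
Review bot: In the EXAMPLES rewrite (new lines 242-244), the old warning that the final checksum "should not be stored on-line under any circumstances" is removed and nothing replaces it. The new sentence says to digest the output file with md5(1) but not where that digest is kept. Since the following text concedes that the on-line specification can be changed, state explicitly that the MD5 digest of the specification is to be recorded off the machine.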
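
Review bot: New lines 245-249 tell the reader to run mtree and md5(1) against the on-line specifications but drop the old "and the final checksum compared with the previous value", so the periodic step no longer says what is compared with what. Suggest ending the sentence with wording such as "and the resulting digest compared with the one recorded earlier".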
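
Review bot: New lines 250-253 replace the old closing sentences, and the advice that "the off-line copies of the specification can be used to detect which of the binaries have actually been modified" is lost. That step is what the reader does once the digest of the specification no longer matches, so keep a sentence to that effect after "the same MD5 digest as the original".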
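
Review bot: Typo at new line 262: "diectories" should be "directories" in "were used to create almost all diectories in this".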
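
Review bot: New line 288 is an empty line at the end of the HISTORY section. Blank lines in mdoc source are a lint warning outside literal displays; drop it so the file ends at the ".Xr cksum 1 ." line.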