bart_manifest - system audit manifest file
The bart(1M) command generates a manifest that describes the contents of a managed host. A manifest consists of a header and entries. Each entry represents a single file. Entries are sorted in ascending order by file name. Any nonstandard file names, such as those that contain embedded newline or tab characters, have the special characters quoted prior to being sorted. See Quoting Syntax.
Lines that begin with ! supply metadata about the manifest. The manifest version line indicates the manifest specification version. The date line shows the date on which the manifest was created, in date(1) form.
Some lines are ignored by the manifest comparison tool. Ignored lines include blank lines, lines that consist only of white space, and comments that begin with #.
In addition to metadata lines, the header contains the format comment block. This comment block lists the attributes reported for each file type.
To see the format of a manifest file, see EXAMPLES.
Each manifest file entry is a single line of one of the following forms, depending on the file type:
fname D size mode acl dirmtime uid gid fname P size mode acl mtime uid gid fname S size mode acl mtime uid gid fname F size mode acl mtime uid gid contents fname L size mode acl lnmtime uid gid dest fname B size mode acl mtime uid gid devnode fname C size mode acl mtime uid gid devnode
The fields of the manifest file entries are described as follows:
fname
type
Possible values for type are as follows:
B
C
D
F
L
P
S
size
mode
acl
uid
gid
dirmtime
lnmtime
mtime
contents
dest
devnode
The rules file supports a quoting syntax for representing nonstandard file names.
When generating a manifest for file names that embeded TAB, SPACE, or NEWLINE characters, the special characters are encoded in their octal forms.
|
Example 1 Sample Manifest File
The following is a sample system manifest file. The file entries are sorted by the encoded versions of the file names to correctly handle special characters.
! Version 1.0 ! Mon Feb 11 10:55:30 2002 # Format: # fname D size mode acl dirmtime uid gid # fname P size mode acl mtime uid gid # fname S size mode acl mtime uid gid # fname F size mode acl mtime uid gid contents # fname L size mode acl lnmtime uid gid dest # fname B size mode acl mtime uid gid devnode # fname C size mode acl mtime uid gid devnode /etc D 3584 40755 user::rwx,group::r-x,mask::r-x,other::r-x, 3c6803d7 0 3 /etc/.login F 524 100644 user::rw-,group::r--,mask::r--,other::r--, 3c165878 0 3 27b53d5c3e844af3306f1f12b330b318 /etc/.pwd.lock F 0 100600 user::rw-,group::---,mask::---,other::---, 3c166121 0 0 d41d8cd98f00b204e9800998ecf8427e /etc/.syslog_door L 20 120777 user::rw-,group::r--,mask:: rwx,other::r--,3c6803d5 0 0 /var/run/syslog_door /etc/autopush L 16 120777 user::r-x,group::r-x,mask::r-x,other::r-x, 3c165863 0 0 ../sbin/autopush /etc/cron.d/FIFO P 0 10600 user::rw-,group::---,mask::---,other::---, 3c6803d5 0 0
date(1), bart(1M), bart_rules(4), attributes(5)
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |