Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

YAFIC(1)							      YAFIC(1)

NAME
       yafic -- yet another file integrity checker

SYNOPSIS
       yafic [-HVhpvs]	[-C config] [-k keyfile] [-r root] [-c known-database]
	     [-u new-database | -d exist-database ]

       yafic [-Vhv] [-r root] [-t type] -l database

DESCRIPTION
       yafic is Yet Another File Integrity Checker.  yafic  saves  information
       about the state of a filesystem to a database. Later, yafic can be used
       to compare the current state of the filesystem against the saved	 data‐
       base, letting you know of any changed, added, or removed files.

       yafic  reads  a	configuration file (see yafic.conf(5)) which specifies
       how it should examine the filesystem.

       See NOTES below for information on yafic's cryptographic support.

OPTIONS
       The options are as follows:

       -H     Outputs to stderr the SHA-1  hash	 of  new-database.   If	 given
	      twice,  the  SHA-1  hashes of config and known-database are also
	      displayed.

       -V     Display version information.

       -h     Display help summary.

       -p     Expect keyfile to be a public key rather than a private key.

       -v     Increase verbosity. May be given multiple times. More than twice
	      will slow yafic down!

       -s     Show simple output. If given twice, output will be even simpler!
	      (``cvs update'' style)

       -C config
	      Specifies an alternate configuration file	 to  use.  By  default
	      yafic.conf is read from the current directory.

       -k keyfile
	      Specifies	 an RSA/DSA key to use for signing/verification opera‐
	      tions. By default, keyfile is expected to be a private key  (see
	      the -p option above).

       -r root
	      Specifies	 an  alternate	root.  The  default  root is ``/''. If
	      given, all paths specified in yafic.conf are taken  relative  to
	      root.

       -c known-database
	      Checks  the state of the filesystem against known-database.  Any
	      modified or added files are reported. In order for removed files
	      to  be  reported, the -u option must be given as well. If known-
	      database is ``-'', the default yafic.db is assumed.

       -u new-database
	      Examine the current state of the filesystem and save it to  new-
	      database.	 If new-database is is ``-'', then it is assumed to be
	      yafic_new.db.

       -d exist-database
	      Rather than comparing known-database with the filesystem, it  is
	      instead  compared	 with  exist-database.	 The -c option must be
	      given as well. This is  mutually	exclusive  of  the  -u	option
	      above.

       -l database
	      List  entries  in database.  The entries will not be in any spe‐
	      cific order. If the -v option  is	 given,	 in  addition  to  the
	      names,  the various file attributes for each entry are also dis‐
	      played.

       -t type
	      By default, -l will list all entries. The listing can be limited
	      to  certain  types of entries by this option.  type may be a one
	      or more of the following:

	      d	     List directories.

	      f	     List files.

	      l	     List symbolic links.

	      s	     List special files. (i.e. everything else)

       Note that if neither -c, -u or -l options are given,  then  nothing  is
       done  beyond  parsing  the configuration file. Used in conjunction with
       -vv (-v given twice), this can useful for verifying that the configura‐
       tion  file  is  being  parsed  the  way you think it is. (Each entry is
       listed along with the flags for itself as well as its  contents.	 ``-''
       denotes that the entry or its contents are ignored.)

NOTES
       The  -k	and  -p	 options are only available if yafic was compiled with
       crypto support (the default).

       If the -k option is given, then config, known-database (if  given)  and
       exist-database  (if  given)  will  be verified against their respective
       signatures.

       A signature for new-database will be created if and only if -k is given
       and keyfile is a private key.

       keyfile is expected to be an RSA or DSA key. See openssl(1), genrsa(1),
       gendsa(1), and specifically:

	      http://www.openssl.org/docs/HOWTO/keys.txt

       Signatures can be created and verified  independently  of  yafic.   See
       yafic-sign(1) and yafic-check(1).

       Signature  files	 have  the same name as their corresponding files, but
       with the extension .sig.

RETURN VALUES
       yafic exists with one of the following values:

       0      yafic completed successfully.

       1      An error occurred.

       2      There was a problem with the arguments given to yafic.

       3      The verification of a file against its signature failed.

FILES
       yafic.conf
	      Default configuration file.

       yafic.db
	      Default known database.

       yafic_new.db
	      Default updated database.

SEE ALSO
       yafic-sign(1), yafic-check(1),  yafic.conf(5),  openssl(1),  genrsa(1),
       gendsa(1)

			       December 12, 2003		      YAFIC(1)

Vote for polarhome