mirror of https://github.com/tLDP/LDP
116 lines
2.9 KiB
Bash
116 lines
2.9 KiB
Bash
#!/bin/bash
|
|
# file-integrity.sh: Checking whether files in a given directory
|
|
# have been tampered with.
|
|
|
|
E_DIR_NOMATCH=80
|
|
E_BAD_DBFILE=81
|
|
|
|
dbfile=File_record.md5
|
|
# Filename for storing records (database file).
|
|
|
|
|
|
set_up_database ()
|
|
{
|
|
echo ""$directory"" > "$dbfile"
|
|
# Write directory name to first line of file.
|
|
md5sum "$directory"/* >> "$dbfile"
|
|
# Append md5 checksums and filenames.
|
|
}
|
|
|
|
check_database ()
|
|
{
|
|
local n=0
|
|
local filename
|
|
local checksum
|
|
|
|
# ------------------------------------------- #
|
|
# This file check should be unnecessary,
|
|
#+ but better safe than sorry.
|
|
|
|
if [ ! -r "$dbfile" ]
|
|
then
|
|
echo "Unable to read checksum database file!"
|
|
exit $E_BAD_DBFILE
|
|
fi
|
|
# ------------------------------------------- #
|
|
|
|
while read record[n]
|
|
do
|
|
|
|
directory_checked="${record[0]}"
|
|
if [ "$directory_checked" != "$directory" ]
|
|
then
|
|
echo "Directories do not match up!"
|
|
# Tried to use file for a different directory.
|
|
exit $E_DIR_NOMATCH
|
|
fi
|
|
|
|
if [ "$n" -gt 0 ] # Not directory name.
|
|
then
|
|
filename[n]=$( echo ${record[$n]} | awk '{ print $2 }' )
|
|
# md5sum writes records backwards,
|
|
#+ checksum first, then filename.
|
|
checksum[n]=$( md5sum "${filename[n]}" )
|
|
|
|
|
|
if [ "${record[n]}" = "${checksum[n]}" ]
|
|
then
|
|
echo "${filename[n]} unchanged."
|
|
|
|
elif [ "`basename ${filename[n]}`" != "$dbfile" ]
|
|
# Skip over checksum database file,
|
|
#+ as it will change with each invocation of script.
|
|
# ---
|
|
# This unfortunately means that when running
|
|
#+ this script on $PWD, tampering with the
|
|
#+ checksum database file will not be detected.
|
|
# Exercise: Fix this.
|
|
then
|
|
echo "${filename[n]} : CHECKSUM ERROR!"
|
|
# File has been changed since last checked.
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
let "n+=1"
|
|
done <"$dbfile" # Read from checksum database file.
|
|
|
|
}
|
|
|
|
# =================================================== #
|
|
# main ()
|
|
|
|
if [ -z "$1" ]
|
|
then
|
|
directory="$PWD" # If not specified,
|
|
else #+ use current working directory.
|
|
directory="$1"
|
|
fi
|
|
|
|
clear # Clear screen.
|
|
echo " Running file integrity check on $directory"
|
|
echo
|
|
|
|
# ------------------------------------------------------------------ #
|
|
if [ ! -r "$dbfile" ] # Need to create database file?
|
|
then
|
|
echo "Setting up database file, \""$directory"/"$dbfile"\"."; echo
|
|
set_up_database
|
|
fi
|
|
# ------------------------------------------------------------------ #
|
|
|
|
check_database # Do the actual work.
|
|
|
|
echo
|
|
|
|
# You may wish to redirect the stdout of this script to a file,
|
|
#+ especially if the directory checked has many files in it.
|
|
|
|
exit 0
|
|
|
|
# For a much more thorough file integrity check,
|
|
#+ consider the "Tripwire" package,
|
|
#+ http://sourceforge.net/projects/tripwire/.
|