From owner-freebsd-chat  Fri Sep 15 16:14:53 2000
Delivered-To: freebsd-chat@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
	by hub.freebsd.org (Postfix) with ESMTP id 1743F37B43C
	for <freebsd-chat@freebsd.org>; Fri, 15 Sep 2000 16:14:52 -0700 (PDT)
Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Fri, 15 Sep 2000 16:13:40 -0700
Received: (from cjc@localhost)
	by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id e8FNEZ297435;
	Fri, 15 Sep 2000 16:14:35 -0700 (PDT)
	(envelope-from cjc)
Date: Fri, 15 Sep 2000 16:14:30 -0700
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: "Jason C. Wells" <jcwells@nwlink.com>
Cc: freebsd-chat@FreeBSD.ORG
Subject: Re: Tripwire vs. Mtree
Message-ID: <20000915161430.A97377@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
References: <20000915133313.A58409@freefall.freebsd.org> <Pine.SOL.3.96.1000915140027.13921A-100000@utah>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <Pine.SOL.3.96.1000915140027.13921A-100000@utah>; from jcwells@nwlink.com on Fri, Sep 15, 2000 at 02:06:03PM -0700
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Sep 15, 2000 at 02:06:03PM -0700, Jason C. Wells wrote:
> On Fri, 15 Sep 2000, Kris Kennaway wrote:
> 
> > Well, thats not a fundamental problem - you can trivially link mtree
> > statically.  Basically, I think mtree can do everything tripwire can,
> > but it's a raw tool, not a ready-to-use product and you will have to do
> > a bit of scripting to use it like that. 
> 
> I have never implemented any type of integrity checking.  I know mtree
> runs on installworld but thats about it.
> 
> I think I am going to give it a go with the native tool.  I do recall the
> database format as being rather terse.  Perhaps user issues will steer me
> toward tripwire.

From a quick review of the mtree(8) manpage and from experience with
tripwire, I see just a few capabilities that tripwire has that mtree
does not. mtree does not seem to have the capability to check inode
number. mtree only can check modification time. There is no facility
to check creation time or access time.

But to be honest, I never realized mtree was as powerful as it is. The
fact that the file specification info is quite human readable would
make doing detailed modifications easy, and that can be awkward in the
tripwire configuration file. However, scripting to build the basis of
a specification file for mtree that will not be extremely labor
intensive to tweek is a non-trivial job.
-- 
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message