Date: Tue, 26 Jul 2005 10:52:25 +1000 From: freebsd-questions@auscert.org.au To: freebsd-questions@freebsd.org Subject: Re: How to create mtree files? Message-ID: <200507260052.j6Q0qPYj020484@app.auscert.org.au> In-Reply-To: Your message of "25 Jul 2005 13:26:10 -0400." <44fyu2n6fh.fsf@be-well.ilk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> freebsd-questions@auscert.org.au writes: > > > I would like to use the mtree utility to confirm no changes have > > occurred to system files since 'make installworld', similar to that > > possible with 'mtree -f /cdrom/5.4-RELEASE/base/base.mtree' on a > > release installation. This would also give the added advantage of > > being able to determine the current buildlevel of an installed > > system, I believe. Is it possible/easy to create new mtree files > > after the buildworld or installworld process? I've looked at the > > Release Engineering docs but it seems more than what I'd like to > > do. I should add that I am running tripwire, but I really want to > > have a quick way to verify which files were part of which installworld. > > "man 8 mtree" has full details. > > "mtree -c -p /" is the start of what you're looking for. Thanks - I misinterpreted what the '-c' flag does, but after running your example it all makes sense now. To wrap this up for me, is mtree the way to maintain a record of at what level a particular build was performed? In other words, using 'uname -a' tells me when the kernel was built, but what best tells me when /usr/bin/telnet was patched and built and against what source? cheers, -- Joel Hatton -- Security Analyst | Hotline: +61 7 3365 4417 AusCERT - Australia's national CERT | Fax: +61 7 3365 7031 The University of Queensland | WWW: www.auscert.org.au Qld 4072 Australia | Email: auscert@auscert.org.au
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507260052.j6Q0qPYj020484>