Dear all,

I am a student in a computational chemistry lab. I suspect that the root (the system administrator) sometimes sabotage my files but I don't know how to prove it...Could somebody advice on how to catch him?
Some script?

Thanks

Ask the system administrator (politely) - that's the fastest way to do it. If he was doing it, knowing that someone suspects may stop it happening again.

Also, backup your files after each session to a USB key or even via email. When you next login to the PC, use diff to see if they've changed while you were away.

By the way, how exactly are your files changing?

I have 40G of Data and backup them everyday is imposssible....I found some file half erased..or something like that....and last day I found my .cshrc file under the root permission...it means that I was not able to change it myself...I told him and He replied that he didn't know how it could be happened....ridiculos.

I can't explain why .cshrc would have changed to root ownership - it does sound suspicious. Unfortunately anything you do that is left on the box, he can find out about.

You can generate checksums for your data. It's slow (takes a couple of minutes for just over 4GB of data) but the following generates a file containing md5sum output for all of the files under my home directory and logs it to /tmp/md5sum.log. The output for my 4GB is about 65KB so it's easy to take that off the box and keep it to diff against the output next time:
40GB of data may take too long, but if not at least you'll know which files have changed.