bash script question
I have written a script to compare a file containing the md5sums of all files in a directory. I would like to compare this file with a master file of the same type to monitor that these files are not changed.
There will be many authorised changes made via scripting and a new master file will be created after each authorised change. Using tripwire it just goes batty - hence the need for a script (before anyone asks :-) Anyway - it's bailing at the if statement, what it's supposed to do is check whether if a is = to b then quit else run ... Here's the script - thanks for any help.

#!/bin/bash
# create md5 list and compare to master list
# list files that have been changed (if any) and mail admins
#
#########################
# Set variables
#########################
master="/tmp/master"
compare="/tmp/compare"
changed="/tmp/changed"
notify="/tmp/notify"
EMAILLIST="user@domain"
#############################
#Path to programs
#############################
diff="/usr/bin/diff"
mail="/bin/mail"
cat="/bin/cat"
############################################################
#create compare file
find /home/test/list/ -type f -exec md5sum \{\} \; >/tmp/compare
#compare the two md5 files
if [ "a${master}" != "a${compare}" ]; then
    exit 1
else
    #diff the files and create changed file
    diff $master $compare > /tmp/changed
    #
    echo "^MFiles that have been changed:" >$notify
    echo "^M" >>$notify
    cat $changed |awk ' { print $3 }' >> $notify
    mail -s "Unauthorized Website Change" ${EMAILLIST} < $notify
    #clean up files
    #rm $compare $changed $notify
fi
fixed it - here is the working script for anyone who is curious
(btw - the ^M is a line break created by ctrl-v ctrl-M)

#!/bin/bash
# create md5 list and compare to master list
# list files that have been changed (if any) and mail admins
#
#########################
# Set variables
#########################
master="/tmp/master"
compare="/tmp/compare"
changed="/tmp/changed"
notify="/tmp/notify"
EMAILLIST="user@domain.com"
#########################
#create compare file
#
find /home/user/test/ -type f -exec md5sum \{\} \; >/tmp/compare
#compare the two md5 files
if [ "a${master}" = "a${compare}" ]; then
    echo "Files Are the same."
    exit 0
fi
#diff the files and create changed file
diff $master $compare > $changed
#
echo "^MFiles that have been changed:" >$notify
echo "^M" >>$notify
cat $changed |awk ' { print $3 }' >> $notify   #strips md5sum and lists only the files
mail -s "Unauthorized Change" ${EMAILLIST} < $notify
#clean up files
rm $compare $changed $notify
Re: bash script question
hmmm... never mind. you fixed it while i was responding....
I don't believe you can compare files that way. You should
probably diff them then check the return value of diff to see if they are different and mail yourself the results if they are.

diff $master $compare > /tmp/changed
if [ ! $? -eq 0 ]; then
    #mail yourself the diffs
fi

Also you probably want to change the /tmp/changed file to a randomly generated name, otherwise you'll be very vulnerable to a link attack. Initialize it with something like

compare=changed`dd if=/dev/random bs=1 count=10 2>/dev/null | md5sum | cut -f1 -d" "`

That'll give you a nice unpredictable name. That's just off the top of my head; there's probably a simpler way to do it, but you probably get the idea.
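The two points raised in this reply (compare file contents through diff's exit status rather than the path strings, and stop using fixed, predictable names under /tmp) can be put together into one script. The following is an added example written for this thread, not the original poster's script or LogicG8's snippet: it uses mktemp(1) for every scratch file instead of a hand-rolled random name, sorts the md5sum listing so two runs over the same tree are comparable, and only mails when diff actually reports a difference. The directory layout, the mail command and the report wording are assumptions for illustration.

```bash
#!/bin/bash
# Added example (not the thread's own script): md5sum baseline check that
#  (1) compares file CONTENTS via diff's exit status, not the path strings, and
#  (2) creates scratch files with mktemp instead of fixed /tmp names, which
#      closes the symlink/"link attack" window on a world-writable /tmp.
set -u

# Build a baseline: one "<md5>  <path>" line per regular file, sorted by path
# so two runs over the same tree compare equal regardless of find's order.
make_baseline() {            # usage: make_baseline DIR > master
    find "$1" -type f -exec md5sum {} + | sort -k2
}

# Compare DIR against a baseline file. Prints the paths whose md5 changed,
# or which were added/removed, one per line (nothing when unchanged).
# Exit status: 0 = identical, 1 = changes found, 2 = diff/IO error.
check_integrity() {          # usage: check_integrity MASTER DIR
    local master="$1" dir="$2"
    local current changed rc
    current=$(mktemp) || return 2                 # unpredictable, 0600, ours
    changed=$(mktemp) || { rm -f "$current"; return 2; }
    make_baseline "$dir" > "$current"
    diff "$master" "$current" > "$changed"
    rc=$?                                         # 0 same, 1 differ, 2 error
    if [ "$rc" -eq 1 ]; then
        # diff lines look like "< <md5>  <path>"; keep only the path, and
        # de-duplicate because a modified file appears as both "<" and ">".
        grep '^[<>]' "$changed" | awk '{ print $3 }' | sort -u
    elif [ "$rc" -ne 0 ]; then
        rc=2
    fi
    rm -f "$current" "$changed"
    return "$rc"
}

# Mail a report only when check_integrity found changes (assumed mail(1)).
report_changes() {           # usage: report_changes MASTER DIR ADDRESS
    local report rc
    report=$(mktemp) || return 2
    check_integrity "$1" "$2" > "$report"
    rc=$?
    if [ "$rc" -eq 1 ]; then
        { printf 'Files that have been changed:\n\n'; cat "$report"; } \
            | mail -s "Unauthorized Change" "$3"
    fi
    rm -f "$report"
    return "$rc"
}

# Self-contained demo on a constructed tree: `bash this_script.sh demo`
demo() {
    local top
    top=$(mktemp -d)
    mkdir "$top/site"
    printf 'index\n' > "$top/site/index.html"
    printf 'style\n' > "$top/site/style.css"
    make_baseline "$top/site" > "$top/master"
    check_integrity "$top/master" "$top/site" && echo "baseline: unchanged"
    printf 'tampered\n' > "$top/site/index.html"
    echo "after edit, changed paths:"
    check_integrity "$top/master" "$top/site"    # prints .../site/index.html
    rm -rf "$top"
}
if [ "${1:-}" = "demo" ]; then demo; fi
```

Keeping the diff output in a mktemp file is what replaces the `dd | md5sum` name generator above: mktemp both picks an unpredictable name and creates the file atomically with O_EXCL, so a pre-planted symlink at that path cannot be followed. The exit-status split (1 versus 2) also matters operationally: a missing master file would otherwise look like "everything changed".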
good points LogicG8
thanks.
//moderator.note: moved to Linux - Programming, not a security issue.