integrity(ADM)


integrity -- examine system files against the authentication database

Syntax

/tcb/bin/integrity [ -v ] [ -e ] [ -m ]

Description

integrity traverses the File Control database and compares each entry in turn to the real file in the file system. If the owner, group or permissions are different, an error message is output.

Wildcard entries in the File Control database are handled as follows. For file names, those file names that have /* as the last entry are treated as wild cards. Any file in the directory matches that entry, unless the specific file under consideration has its own (non-wildcard) entry in the database appearing before the wildcard entry. In this case, the file is ignored in the check because it would have been located previously. For owners (groups), if the File Control entry does not explicitly list an owner (group), all owners (groups) match correctly.

The -v option lists all files under consideration, even those that match. The -e option explains why discretionary checks fail and exactly what the discrepancy is.

Normally, (non-wildcard type) files in the File Control database that are missing from the file system are not reported. The -m option will override that default and report such missing files.

Exit values

integrity returns a zero exit status if there are no discrepancies, and 1 if discrepancies are found.

Limitations

Only root can run this utility. fixmog(ADM) can be used to correct problems found by integrity.

Files


/etc/auth/system/files
File Control database

/etc/auth/system/default
System Defaults database

See also

authck(ADM), fixmog(ADM), getprfient(S-osr5), stat(S-osr5)

``Maintaining system security'' in Managing system security

Standards conformance

integrity is not part of any currently supported standard; it is an extension of AT&T System V provided by The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005