| 1 | .\" Copyright (c) 2008, Christopher Cowart and contributors |
|---|
| 2 | .\" All rights reserved. |
|---|
| 3 | .\" |
|---|
| 4 | .\" Redistribution and use in source and binary forms, with or without |
|---|
| 5 | .\" modification, are permitted provided that the following conditions |
|---|
| 6 | .\" are met: |
|---|
| 7 | .\" * Redistributions of source code must retain the above copyright |
|---|
| 8 | .\" notice, this list of conditions and the following disclaimer. |
|---|
| 9 | .\" * Redistributions in binary form must reproduce the above copyright |
|---|
| 10 | .\" notice, this list of conditions and the following disclaimer in the |
|---|
| 11 | .\" documentation and/or other materials provided with the distribution. |
|---|
| 12 | .\" |
|---|
| 13 | .\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
|---|
| 14 | .\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
|---|
| 15 | .\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
|---|
| 16 | .\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
|---|
| 17 | .\" OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|---|
| 18 | .\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED |
|---|
| 19 | .\" TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR |
|---|
| 20 | .\" PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF |
|---|
| 21 | .\" LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
|---|
| 22 | .\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
|---|
| 23 | .\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|---|
| 24 | .\" |
|---|
| 25 | .\" $Id$ |
|---|
| 26 | .\" |
|---|
| 27 | .Dd May 06, 2009 |
|---|
| 28 | .Dt CONFAUDIT 8 |
|---|
| 29 | .Os |
|---|
| 30 | .Sh NAME |
|---|
| 31 | .Nm confaudit |
|---|
| 32 | .Nd configuration auditor |
|---|
| 33 | .Sh SYNOPSIS |
|---|
| 34 | .Nm |
|---|
| 35 | .Op Fl s |
|---|
| 36 | .Op Fl q |
|---|
| 37 | .Op Fl d |
|---|
| 38 | .Nm |
|---|
| 39 | .Fl h |
|---|
| 40 | .Sh DESCRIPTION |
|---|
| 41 | The |
|---|
| 42 | .Nm |
|---|
| 43 | utility is designed to report differences between the |
|---|
| 44 | .Xr confman 8 |
|---|
| 45 | repository and the live filesystem. While its behavior is very similar to |
|---|
| 46 | .Cm confman audit , |
|---|
| 47 | .Nm |
|---|
| 48 | is intended to be invoked via |
|---|
| 49 | .Xr cron 8 . |
|---|
| 50 | .Pp |
|---|
| 51 | The |
|---|
| 52 | .Fl s |
|---|
| 53 | option will cause |
|---|
| 54 | .Nm |
|---|
| 55 | to run in sleep mode. In this mode, |
|---|
| 56 | .Nm |
|---|
| 57 | will sleep for CONF_AUDIT_SLEEP seconds before executing. This can be used to |
|---|
| 58 | stagger the execution of |
|---|
| 59 | .Nm |
|---|
| 60 | across multiple managed hosts. |
|---|
| 61 | .Pp |
|---|
| 62 | When invoked with |
|---|
| 63 | .Fl q , |
|---|
| 64 | .Nm |
|---|
| 65 | will report only whether files differ and not the actual differences (See |
|---|
| 66 | .Xr diff 1) . |
|---|
| 67 | .Pp |
|---|
| 68 | The |
|---|
| 69 | .Fl d |
|---|
| 70 | option can be used to print additional debugging information. |
|---|
| 71 | .Pp |
|---|
| 72 | When launched with |
|---|
| 73 | .Fl h , |
|---|
| 74 | .Nm |
|---|
| 75 | will display the usage statement and exit. |
|---|
| 76 | .Pp |
|---|
| 77 | .Nm |
|---|
| 78 | uses the export file that is generated by |
|---|
| 79 | .Xr confexport 8 , |
|---|
| 80 | and as such, requires that CONF_EXPORT_URI be defined in |
|---|
| 81 | .Xr confman.conf 5 . |
|---|
| 82 | .Sh SECURITY CONSIDERATIONS |
|---|
| 83 | This functionality can provide insight into whether a System Administrator |
|---|
| 84 | has been lazy about using |
|---|
| 85 | .Cm confman |
|---|
| 86 | for revision control. It could also be run as part of your daily security |
|---|
| 87 | runs to possibly identify an unauthorized presence on the host. However, |
|---|
| 88 | as the utility and snapshot are all stored on local disk, it is not meant as a |
|---|
| 89 | replacement for a proper IDS. |
|---|
| 90 | .Sh SEE ALSO |
|---|
| 91 | .Xr confman 8 , |
|---|
| 92 | .Xr confexport 8 , |
|---|
| 93 | .Xr confman.conf 5 , |
|---|
| 94 | .Xr cron 8 , |
|---|
| 95 | .Xr diff 1 |
|---|
| 96 | .Sh AUTHORS |
|---|
| 97 | .An Chris Cowart Aq ccowart@timesinks.net |
|---|
