In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
How to use the detection method of MD5 and shell script to realize the file integrity test of linux system. In view of this problem, this article introduces the corresponding analysis and solution in detail, hoping to help more partners who want to solve this problem to find a more simple and feasible method.
Today, I found a shell script that can check the integrity of system files. I tried it myself and introduced it to you.
System: centos 5.x
The script without Chinese is as follows:
Click (here) to collapse or open
#! / bin/bash
Shopt-s-o nounset
Date=$ (date +'% Y% m% d% H% M% S')
Dirs= "/ bin / sbin / usr/bin / usr/sbin / lib / usr/local/sbin / usr/local/bin / usr/local/lib"
TMP_file=$ (mktemp / tmp/check.XXXXXX)
FP= "/ root/fp.$Date.chksum"
Checker= "/ usr/bin/md5sum"
Find= "/ usr/bin/find"
Scan_file () {
Local f
For f in $Dirs
Do
$Find $f-type f > > $TMP_file
Done
}
Cr_checksum_list () {
Local f
If [- f $TMP_file]; then
For f in $(cat $TMP_file)
Do
$Checker $f > > $FP
Done
Fi
}
RmTMP () {
[- f $TMP_file] & & rm-rf $TMP_file
}
Scan_file
Cr_checksum_list
RmTMP
After execution, you just get a text, and now officially test it.
Script execution:
[root@node3 ~] # sh my_filecheck.sh
To verify:
Md5sum-c fp.20141205160628.chksum
If all OK, the word OK will be displayed. If there is a problem, the corresponding error will be reported, as follows:
[root@node3 ~] # md5sum-c fp.20141205160628.chksum | grep-v "OK"
Md5sum: / usr/bin/chattr: No such file or directory
/ usr/bin/chattr: FAILED open or read
Md5sum: WARNING: 1 of 8267 listed files could not be read
I rewrote the script myself, adding verification statements and output error reports, and the end shows:
/ usr/local/bin/dbhome: OK
/ usr/local/bin/oraenv: OK
2018011017 echo error
2018011017 finsh
Between 2018011017 echo error and 2018011017 finsh, an error is displayed. If there is no content, there is no error.
To use a directory, you need to create it in advance
Mkdir / root/scripts/log bin tmp
The complete script is as follows (the time is changed to accurate to hours):
#! / bin/bash
Source / etc/profile
Shopt-s-o nounset
Date=$ (date +'% Y% m% d% H')
Dirs= "/ bin / sbin / usr/bin / usr/sbin / lib / usr/local/sbin / usr/local/bin / usr/local/lib"
TMP_file=$ (mktemp / tmp/check.XXXXXX)
FP= "/ root/fp.$Date.chksum"
Checker= "/ usr/bin/md5sum"
Find= "/ usr/bin/find"
Scan_file () {
Local f
For f in $Dirs
Do
$Find $f-type f > > $TMP_file
Done
}
Cr_checksum_list () {
Local f
If [- f $TMP_file]; then
For f in $(cat $TMP_file)
Do
$Checker $f > > $FP
Done
Fi
}
RmTMP () {
[- f $TMP_file] & & rm-rf $TMP_file
}
Scan_file
Cr_checksum_list
RmTMP
Date=$ (date +'% Y% m% d% H')
FP= "/ root/fp.$Date.chksum"
Md5sum-c $FP > / root/scripts/log/$Date.log
Echo $Date "echo error" > > / root/scripts/log/$Date.log
Md5sum-c $FP | grep-v "OK" > > / root/scripts/log/$Date.log
Echo $Date "finsh" > > / root/scripts/log/$Date.log
Do not look at the following:
The code is explained as follows:
Cat my_filecheck.sh
#! / bin/bash
#
# variables must be declared before they can be used
Shopt-s-o nounset
# Declaration
# date of establishment
Date=$ (date +'% Y% m% d% H% M% S')
# add the directory to the audit #
Dirs= "/ bin / sbin / usr/bin / usr/sbin / lib / usr/local/sbin / usr/local/bin / usr/local/lib"
# temporary files #
TMP_file=$ (mktemp / tmp/check.XXXXXX)
# File checksum Storage File
FP= "/ root/fp.$Date.chksum"
# which checksum tool to use
Checker= "/ usr/bin/md5sum"
Find= "/ usr/bin/find"
# function area #
Scan_file () {
Local f
For f in $Dirs
Do
$Find $f-type f > > $TMP_file
Done
}
# read files and establish checksum values for each file
Cr_checksum_list () {
Local f
If [- f $TMP_file]; then
For f in $(cat $TMP_file)
Do
$Checker $f > > $FP
Done
Fi
}
RmTMP () {
[- f $TMP_file] & & rm-rf $TMP_file
}
# main program area
# scan list
Scan_file
# create the checksum value of the file
Cr_checksum_list
# cleaning up temporary files
RmTMP
Execute the script:
. / my_filecheck.sh
To verify:
Md5sum-c fp.20141205160628.chksum
It is as follows:
Md5sum-c fp.20141209202544.chksum
/ bin/gawk: OK
/ bin/igawk: OK
/ bin/ln: OK
/ bin/loadkeys: OK
/ bin/gzip: OK
/ bin/mkdir: OK
/ bin/date: OK
/ bin/cat: OK
/ bin/mountpoint: OK
/ bin/taskset: OK
/ bin/umount: OK
/ bin/mount: OK
/ bin/doexec: OK
/ bin/kill: OK
/ bin/sync: OK
/ bin/unicode_start: OK
/ bin/usleep: OK
/ bin/mknod: OK
/ bin/setserial: OK
/ bin/cp: OK
/ bin/mktemp: OK
/ bin/setfont: OK
/ bin/unicode_stop: OK
.
/ lib/modules/2.6.18-194.el5PAE/kernel/crypto/cast5.ko: OK
/ lib/modules/2.6.18-194.el5PAE/kernel/crypto/crypto_blkcipher.ko: OK
/ lib/modules/2.6.18-194.el5PAE/kernel/crypto/twofish.ko: OK
/ lib/modules/2.6.18-194.el5PAE/kernel/crypto/authenc.ko: OK
/ lib/modules/2.6.18-194.el5PAE/kernel/crypto/cbc.ko: OK
/ lib/modules/2.6.18-194.el5PAE/kernel/crypto/crypto_hash.ko: OK
/ lib/modules/2.6.18-194.el5PAE/kernel/crypto/seqiv.ko: OK
/ lib/libproc-3.2.7.so: OK
/ lib/libacl.so.1.1.0: OK
/ lib/libauparse.so.0.0.0: OK
/ lib/libdmraid.so.1.0.0.rc13-17: OK
/ lib/libvolume_id.so.0.66.0: OK
/ lib/libgobject-2.0.so.0.1200.3: OK
/ lib/libnss_compat-2.5.so: OK
/ lib/rtkaio/i686/nosegneg/librtkaio-2.5.so: OK
/ lib/rtkaio/librtkaio-2.5.so: OK
/ lib/libdmraid-events-isw.so.1.0.0.rc13: OK
/ lib/libdevmapper-event-lvm2snapshot.so.2.02: OK
/ lib/libblkid.so.1.0: OK
/ lib/libdb-4.3.so: OK
/ lib/libSegFault.so: OK
/ lib/libiw.so.28: OK
/ lib/libdmraid-events-isw.so.1.0.0.rc13-17: OK
You can see a lot of OK.
If you only want to see errors, you can use the following command:
The code is as follows:
Md5sum-c fp.20141209202544.chksum | grep-v "OK"
There is nothing wrong with my system, so there is no way to give you the results.
On how to use MD5 detection methods and shell scripts to achieve linux system file integrity testing questions are shared here, I hope the above content can be of some help to you, if you still have a lot of doubts have not been solved, you can follow the industry information channel for more related knowledge.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.