RFC 3.3.0 review
DownloadRFC (Remote Filesystem Checker) is a set of scripts that aims to help System-Administrators run a filesystem-checker (like tripwire,
|
|
RFC (Remote Filesystem Checker) is a set of scripts that aims to help System-Administrators run a filesystem-checker (like tripwire, aide and so on...) from a "master-node" to several "slave-nodes" using ssh, scp, sudo and few other common shell commands.
Here are some key features of "RFC":
crate/update FileSystem-Checker's (FSC) database
execute FSC and create a log-report
allow parallel execution, mass-check and mass-upgrade!
support non-interactive operations
use scp/ssh for all connections
use an arbitrary port for ssh/scp connections (may be different for each host!)
send (ONE) email to administrator(s)
rotate logs, databases and other files
support for AFICK, AIDE and INTEGRIT FileSystem-Checkers
check users creation/removal
check group creation/removal
check if someone changes UID, GID or shell
check for group's members or ID changes
check for SUID/SGID on remote host via a separate PERL script
check if remote-host is up before run checks on it (via nmap)
kill the processes that take too long (you can set an arbitrary timeout value)
Requirements:
bash on any (?) posix system
base utils (chown, chmod, adduser, sed, grep...)
a mail program ("mail" itself is great)
nmap on master node
ssh/scp client & ssh-keygen on master-node
ssh/scp server on slave-nodes
sudo on slave-nodes
What's New in This Release:
A new function that replaces the "seq" command, which is not available on all systems. A fix for a small bug that caused a "cp: missing destination file" error. A fix for an error that caused RFC to suggest a bad "sudo" setup.
A new function to check whether a node is alive without the "nmap" requirement.
"/lib" is included in all default configuration files for the filesystem checkers (afick, aide, and integrit).
AFICK has been updated to version 2.8-2.
The documentation reflects the latest changes.
RFC 3.3.0 keywords