Home Man
Today's Posts

Linux & Unix Commands - Search Man Pages

NetBSD 6.1.5 - man page for veriexecgen (netbsd section 8)

VERIEXECGEN(8)			   BSD System Manager's Manual			   VERIEXECGEN(8)

     veriexecgen -- generate fingerprints for Veriexec

     veriexecgen [-AaDrSTvW] [-d dir] [-o fingerprintdb] [-p prefix] [-t algorithm]
     veriexecgen [-h]

     veriexecgen can be used to create a fingerprint database for use with Veriexec.

     If no command line arguments were specified, veriexecgen will resort to default operation,
     implying -D -o /etc/signatures -t sha256.

     If the output file already exists, veriexecgen will save a backup copy in the same file only
     with a ``.old'' suffix.

     The following options are available:

     -A 	Append to the output file, don't overwrite it.

     -a 	Add fingerprints for non-executable files as well.

     -D 	Search system directories, /bin, /sbin, /usr/bin, /usr/sbin, /lib, /usr/lib,
		/libexec, and /usr/libexec.

     -d dir	Scan for files in dir.	Multiple uses of this flag can specify more than one

     -h 	Display the help screen.

     -o fingerprintdb
		Save the generated fingerprint database to fingerprintdb.

     -p prefix	When storing files in the fingerprint database, store the full pathnames of files
		with the leading ``prefix'' of the filenames removed.

     -r 	Scan recursively.

     -S 	Set the immutable flag on the created signatures file when done writing it.

     -T 	Put a timestamp on the generated file.

     -t algorithm
		Use algorithm for the fingerprints.  Must be one of ``md5'', ``sha1'',
		``sha256'', ``sha384'', ``sha512'', or ``rmd160''.

     -v 	Verbose mode.  Print messages describing what operations are being done.

     -W 	By default, veriexecgen will exit when an error condition is encountered.  This
		option will treat errors such as not being able to follow a symbolic link, not
		being able to find the real path for a directory entry, or not being able to cal-
		culate a hash of an entry as a warning, rather than an error.  If errors are
		treated as warnings, veriexecgen will continue processing.  The default behaviour
		is to treat errors as fatal.


     Fingerprint files in the common system directories using the default hashing algorithm
     ``sha256'' and save to the default fingerprint database in /etc/signatures:

	   # veriexecgen

     Fingerprint files in /etc, appending to the default fingerprint database:

	   # veriexecgen -A -d /etc

     Fingerprint files in /path/to/somewhere using ``rmd160'' as the hashing algorithm, saving to

	   # veriexecgen -d /path/to/somewhere -t rmd160 -o /etc/somewhere.fp

     veriexec(4), veriexec(5), security(7), veriexec(8), veriexecctl(8)

BSD					February 18, 2008				      BSD

All times are GMT -4. The time now is 11:11 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
Show Password