apk-audit.8.scd 1.87 KB
Newer Older
Drew DeVault's avatar
Drew DeVault committed
1 2 3 4 5 6 7 8 9 10 11 12
apk-audit(8)

# NAME

apk audit - audit directories for changes

# SYNOPSIS

*apk audit* [<_options_>...] _directories_...

# DESCRIPTION

13 14 15 16 17 18 19 20 21 22 23
*apk audit* audits the system or specified directories for changes compared to
the package database.

The audit can be done against configuration files only (--backup) to generate
list of files needed to be stored in the overlay in run-from-tmps configuration.
Alternatively, it can audit all installed files (--system) to e.g. detect
unauthorized modifications of system files.

By default, the output format is one file per line, for each modified file.
A character is printed indicating the change detected, followed by a space,
then the affected path. The changes detected are:
Drew DeVault's avatar
Drew DeVault committed
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43

|[ A
:< File added
|  d
:  Directory added
|  D
:  Directory added (with non-listed files/subdirs)
|  M
:  File metadata changed (uid, gid, or mode)
|  m
:  Directory metadata changed
|  U
:  File contents modified
|  X
:  File deleted
|  x
:  xattrs changed

# OPTIONS

44 45 46 47
*--backup*
	Audit configuration files only (default). The list of files to be
	audited is generated from the masks in protected_paths.d.

Drew DeVault's avatar
Drew DeVault committed
48
*--check-permissions*
49 50
	Check file permissions too. Namely, the uid, gid and file mode will
	be checked in addition to the file content.
Drew DeVault's avatar
Drew DeVault committed
51 52

*--packages*
53 54 55 56 57 58
	Print only the packages with changed files. Instead of the full output
	each modification, the set of packages with at least one modified file
	is printed.

	To repair all packages with modified files, one could use:
		apk audit --packages -q | xargs apk fix
Drew DeVault's avatar
Drew DeVault committed
59 60

*--system*
61 62 63
	Audit all system files. All files provided by packages are verified
	for integrity with the exception of configuration files (listed in
	protected_paths.d). This is useful detecting unauthorized file changes.
Drew DeVault's avatar
Drew DeVault committed
64 65 66 67 68 69 70

*-r, --recursive*
	Descend into directories and audit them as well.

# AUTHORS

Natanael Copa <ncopa@alpinelinux.org>++
71
Timo Teräs <timo.teras@iki.fi>