Skip to content
Lightweight file permission checker
Branch: master
Clone or download
legionus v1.2.9
Signed-off-by: Alexey Gladkov <gladkov.alexey@gmail.com>
Latest commit 837fd65 May 14, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
contrib
data Cron: add hash type configuration support Apr 22, 2019
debian
src Make sure that all messages end with newline May 12, 2019
update Version bump Apr 22, 2019
.gear-rules Add gear rules Jun 4, 2008
.gitignore Add utitlity to get version of database Feb 11, 2013
AUTHORS Version bump Apr 22, 2019
COPYING Initial commit May 12, 2008
ChangeLog Remove ChangeLog Sep 3, 2016
INSTALL Initial commit May 12, 2008
Makefile.am
NEWS v1.2.9 May 14, 2019
README Version bump Apr 22, 2019
TODO Initial commit May 12, 2008
autogen.sh Add autogen script Nov 23, 2011
config.h.in Add large-file support Dec 9, 2016
configure.ac
depcomp Initial commit May 12, 2008
install-sh Initial commit May 12, 2008
missing Initial commit May 12, 2008
osec.spec Removed some warnings: Apr 23, 2019

README

Osec is a lightweight integrity checking system.
You can use it to see difference between two states of your system
Osec also adds an ability of checking system for the dangerous files, e.g.
suid, sgid and world writeable

If you run osec under root acount, then this program
will work under non-privilegy user with only one extra capability 'dac_read_search', so osec cannot
damage any system file on internal errors.

Osec is divided into two parts:
1. osec          - data gathering program. Osec have made it's output in row format to stdout.
2. osec_reporter - report filter. You can pass row output from osec to reporter to see 
human-readable reports with some analisys.

Reporter process made it's output to stdout, so you can continue this pipeline. For example, you 
can send e-mail with report to system administrator.

If you develop some interesting reporter module or filter you can sent to authors to include
it into osec distribution.

Authors
-------
Written in C++ by Stanislav Ievlev <inger@altlinux.org>.
Almost completely rewritten from scratch in C by Alexey Gladkov <gladkov.alexey@gmail.com>.
Support for hash type switching and stribog512 hash is implemented by Aleksei Nikiforov <darktemplar@basealt.ru>

Requires
--------
You need following tools to build library:
    o c compiler (gcc 3.2 or higher)
    o libcdb library (0.76 or higher). Latest version available at http://www.corpit.ru/mjt/tinycdb.html
    o libcap library (1.10 or higher)
    o GNU autoconf (2.61 or higher)
    o GNU automake (1.11 or higher)
    o GNU help2man (1.40.12 or higher)
    o libgcrypt

optionally:
    o libattr library (2.4.46 or higher)

Notes
-----
You can use osec under non-privilege user, but if you try to run osec under administrator account,
osec will try to drop its privileges to non-privilege user "osec". You can change this default
user (and group) using --user (--group) options.
By default, osec will create database in current directory. You can change this path using
--dbpath option. If you run osec under administrator account please check that non privilege user
have write osec in this output directory.


Bug reporting
------------
Please report all bugs you find in the program directly to authors.
You can’t perform that action at this time.