1.\" Copyright (c) 1989, 1990, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" %sccs.include.redist.roff% 5.\" 6.\" @(#)mtree.8 8.1 (Berkeley) 06/06/93 7.\" 8.Dd 9.Dt MTREE 8 10.Os 11.Sh NAME 12.Nm mtree 13.Nd map a directory hierarchy 14.Sh SYNOPSIS 15.Nm mtree 16.Op Fl cderux 17.Op Fl f Ar spec 18.Op Fl K Ar keywords 19.Op Fl k Ar keywords 20.Op Fl p Ar path 21.Op Fl s Ar seed 22.Sh DESCRIPTION 23The utility 24.Nm mtree 25compares the file hierarchy rooted in the current directory against a 26specification read from the standard input. 27Messages are written to the standard output for any files whose 28characteristics do not match the specification's, or which are 29missing from either the file hierarchy or the specification. 30.Pp 31The options are as follows: 32.Bl -tag -width flag 33.It Fl c 34Print a specification for the file hierarchy to the standard output. 35.It Fl d 36Ignore everything except directory type files. 37.It Fl e 38Don't complain about files that are in the file hierarchy, but not in the 39specification. 40.It Fl f 41Read the specification from 42.Ar file , 43instead of from the standard input. 44.It Fl K 45Add the specified (whitespace or comma separated) keywords to the current 46set of keywords. 47.It Fl k 48Use the ``type'' keyword plus the specified (whitespace or comma separated) 49keywords instead of the current set of keywords. 50.It Fl p 51Use the file hierarchy rooted in 52.Ar path , 53instead of the current directory. 54.It Fl r 55Remove any files in the file hierarchy that are not described in the 56specification. 57.It Fl s 58Display a single checksum to the standard error output that represents all 59of the files for which the keyword 60.Cm cksum 61was specified. 62The checksum is seeded with the specified value. 63.It Fl u 64Modify the owner, group, and permissions of existing files to match 65the specification and create any missing directories. 66User, group, and permissions must all be specified for missing directories 67to be created. 68.It Fl x 69Don't descend below mount points in the file hierarchy. 70.El 71.Pp 72Specifications are mostly composed of ``keywords'', i.e. strings that 73that specify values relating to files. 74No keywords have default values, and if a keyword has no value set, no 75checks based on it are performed. 76.Pp 77Currently supported keywords are as follows: 78.Bl -tag -width Cm 79.It Cm cksum 80The checksum of the file using the default algorithm specified by 81the 82.Xr cksum 1 83utility. 84.It Cm ignore 85Ignore any file hierarchy below this file. 86.It Cm gid 87The file group as a numeric value. 88.It Cm gname 89The file group as a symbolic name. 90.It Cm mode 91The current file's permissions as a numeric (octal) or symbolic 92value. 93.It Cm nlink 94The number of hard links the file is expected to have. 95.It Cm uid 96The file owner as a numeric value. 97.It Cm uname 98The file group as a symbolic name. 99.It Cm size 100The size, in bytes, of the file. 101.It Cm link 102The file the symbolic link is expected to reference. 103.It Cm time 104The last modification time of the file. 105.It Cm type 106The type of the file; may be set to any one of the following: 107.sp 108.Bl -tag -width Cm -compact 109.It Cm block 110block special device 111.It Cm char 112character special device 113.It Cm dir 114directory 115.It Cm fifo 116fifo 117.It Cm file 118regular file 119.It Cm link 120symbolic link 121.It Cm socket 122socket 123.El 124.El 125.Pp 126The default set of keywords are 127.Cm gid , 128.Cm mode , 129.Cm nlink , 130.Cm size , 131.Cm slink , 132.Cm time , 133and 134.Cm uid . 135.Pp 136There are four types of lines in a specification. 137.Pp 138The first type of line sets a global value for a keyword, and consists of 139the string ``/set'' followed by whitespace, followed by sets of keyword/value 140pairs, separated by whitespace. 141Keyword/value pairs consist of a keyword, followed by an equals sign 142(``=''), followed by a value, without whitespace characters. 143Once a keyword has been set, its value remains unchanged until either 144reset or unset. 145.Pp 146The second type of line unsets keywords and consists of the string 147``/unset'', followed by whitespace, followed by one or more keywords, 148separated by whitespace. 149.Pp 150The third type of line is a file specification and consists of a file 151name, followed by whitespace, followed by zero or more whitespace 152separated keyword/value pairs. 153The file name may be preceded by whitespace characters. 154The file name may contain any of the standard file name matching 155characters (``['', ``]'', ``?'' or ``*''), in which case files 156in the hierarchy will be associated with the first pattern that 157they match. 158.Pp 159Each of the keyword/value pairs consist of a keyword, followed by an 160equals sign (``=''), followed by the keyword's value, without 161whitespace characters. 162These values override, without changing, the global value of the 163corresponding keyword. 164.Pp 165All paths are relative. 166Specifying a directory will cause subsequent files to be searched 167for in that directory hierarchy. 168Which brings us to the last type of line in a specification: a line 169containing only the string 170.Dq Nm \&.. 171causes the current directory 172path to ascend one level. 173.Pp 174Empty lines and lines whose first non-whitespace character is a hash 175mark (``#'') are ignored. 176.Pp 177The 178.Nm mtree 179utility exits with a status of 0 on success, 1 if any error occurred, 180and 2 if the file hierarchy did not match the specification. 181.Sh EXAMPLES 182To detect system binaries that have been ``trojan horsed'', it is recommended 183that 184.Nm mtree 185be run on the file systems, and a copy of the results stored on a different 186machine, or, at least, in encrypted form. 187The seed for the 188.Fl s 189option should not be an obvious value and the final checksum should not be 190stored on-line under any circumstances! 191Then, periodically, 192.Nm mtree 193should be run against the on-line specifications and the final checksum 194compared with the previous value. 195While it is possible for the bad guys to change the on-line specifications 196to conform to their modified binaries, it shouldn't be possible for them 197to make it produce the same final checksum value. 198If the final checksum value changes, the off-line copies of the specification 199can be used to detect which of the binaries have actually been modified. 200.Pp 201The 202.Fl d 203and 204.Fl u 205options can be used in combination to create directory hierarchies 206for distributions and other such things. 207.Sh FILES 208.Bl -tag -width /etc/mtree -compact 209.It Pa /etc/mtree 210system specification directory 211.El 212.Sh SEE ALSO 213.Xr chmod 1 , 214.Xr chown 1 , 215.Xr chgrp 1 , 216.Xr cksum 1 , 217.Xr stat 2 , 218.Xr fts 3 , 219.Sh HISTORY 220The 221.Nm mtree 222utility appeared in 223.Bx 4.3 Reno . 224