DragonFly On-Line Manual Pages

CONFAUDIT(8)           DragonFly System Manager's Manual          CONFAUDIT(8)

NAME
     confaudit - configuration auditor

SYNOPSIS
     confaudit [-s] [-q] [-d]
     confaudit -h

DESCRIPTION
     The confaudit utility is designed to report differences between the
     confman(8) repository and the live filesystem. While its behavior is very
     similar to confman audit, confaudit is intended to be invoked via
     cron(8).

     The -s option will cause confaudit to run in sleep mode.  In this mode,
     confaudit will sleep for CONF_AUDIT_SLEEP seconds before executing.  This
     can be used to stagger the execution of confaudit across multiple managed
     hosts.

     When invoked with -q, confaudit will report only whether files differ and
     not the actual differences (See diff(1)).

     The -d option can be used to print additional debugging information.

     When launched with -h, confaudit will display the usage statement and
     exit.

     confaudit uses the export file that is generated by confexport(8), and as
     such, requires that CONF_EXPORT_URI be defined in confman.conf(5).

SECURITY CONSIDERATIONS
     This functionality can provide insight into whether a System
     Administrator has been lazy about using confman for revision control. It
     could also be run as part of your daily security runs to possibly
     identify an unauthorized presence on the host.  However, as the utility
     and snapshot are all stored on local disk, it is not meant as a
     replacement for a proper IDS.

SEE ALSO
     confman(8), confexport(8), confman.conf(5), cron(8), diff(1)

AUTHORS
     Chris Cowart <ccowart@timesinks.net>

DragonFly 6.5-DEVELOPMENT         May 6, 2009        DragonFly 6.5-DEVELOPMENT