One, requirements

Some customers need to verify the consistency of files, so I thought of using the md5sum tool and wrote a script that carries out a custom scan of files. The scan result can be used later for verification, to quickly check files and find changed ones, and to some extent to detect *** and other *** * behaviors in a timely manner.

Two, the script

The script uses md5sum to scan files and saves the results in the /tmp directory with a timestamp suffix, so they can be used for verification later.

#!/bin/bash
# func: scan files and record their md5sum
# verify later with: md5sum -c $SCAN_FILE

# Directories listed in $PATH, separated by spaces
SCAN_DIR=$(echo "$PATH" | sed 's/:/ /g')
SCAN_CMD=$(command -v md5sum)
# Result files in /tmp, suffixed with date, hour and minute
SCAN_FILE_FULL="/tmp/scan_$(date +%F%H%M)_full.txt"
SCAN_FILE_BIN="/tmp/scan_$(date +%F%H%M)_bin.txt"

scan_full_disk() {
	echo "Full scan in progress, please wait! File path: $SCAN_FILE_FULL"
	# Skip /proc and the result file itself, which changes while it is being written
	find / -type f ! -path "/proc/*" ! -path "$SCAN_FILE_FULL" -exec $SCAN_CMD {} \; >>"$SCAN_FILE_FULL" 2>/dev/null
	echo "Scan completed, file can be verified later with the following command"
	echo "$SCAN_CMD -c $SCAN_FILE_FULL |grep -v 'OK$'"
}

scan_bin() {
	echo "Scanning executable files in \$PATH, please wait. File path: $SCAN_FILE_BIN"
	for dir in $SCAN_DIR
	do
		find "$dir" -type f -exec $SCAN_CMD {} \; >>"$SCAN_FILE_BIN" 2>/dev/null
	done
	echo "Scan completed, file can be verified later with the following command"
	echo "$SCAN_CMD -c $SCAN_FILE_BIN |grep -v 'OK$'"
}

clear
echo "##########################################"
echo "#                                        #"
echo "#         verify file with md5sum        #"
echo "#                                        #"
echo "##########################################"
echo "1: Full scan"
echo "2: Bin Path Scan"
echo "3: EXIT"
# Select scan mode
read -p "Please input your choice:" method
case $method in
1)
	scan_full_disk;;
2)
	scan_bin;;
3)
	echo "You chose to cancel!" && exit 0;;
*)
	echo "Input error! Please input {1|2|3}" && exit 1;;
esac


Three, test

  • Scanning binary executables: executables are extremely sensitive, and ***, if *** the system, may place its own program in the executable path or replace an original binary file, so the directories in $PATH are scanned.

    For example, moving the wc file to another path, or following another program, is detected as a change to the binary.

  • Full scan
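
The `md5sum -c` command that the script prints only re-checks the paths listed in the saved file, so a program newly placed in a $PATH directory (the first case described under the binary scan) is not reported by it. The following is an added example, not part of the original script, that compares a saved scan file with the current files and reports changed, missing and new paths; the function name compare_baseline and the CHANGED/MISSING/NEW labels are assumptions, and file names containing newlines or backslashes are not handled.

```shell
#!/bin/bash
# Added example, not part of the original script.
# compare_baseline BASELINE DIR... prints one line per finding:
#   CHANGED <path>  hash differs from the baseline
#   MISSING <path>  in the baseline but no longer on disk
#   NEW <path>      on disk but absent from the baseline
# Assumes file names contain no newlines or backslashes.
compare_baseline() (
	baseline=$1
	shift
	# Hash the current files and feed them to awk as a second input ("-").
	find "$@" -type f -exec md5sum {} + 2>/dev/null |
	awk '
		{
			# md5sum lines are "<hash>  <path>" (or "<hash> *<path>").
			i = index($0, " ")
			hash = substr($0, 1, i - 1)
			path = substr($0, i + 2)
		}
		FILENAME == ARGV[1] { base[path] = hash; next }   # baseline file
		{
			seen[path] = 1
			if (!(path in base)) print "NEW " path
			else if (base[path] != hash) print "CHANGED " path
		}
		END {
			for (p in base) if (!(p in seen)) print "MISSING " p
		}
	' "$baseline" - | LC_ALL=C sort
)

# Usage: ./compare.sh /tmp/scan_<timestamp>_bin.txt /usr/bin /usr/sbin
if [ "$#" -ge 2 ]; then
	compare_baseline "$@"
fi
```

Keeping a copy of the scan file somewhere other than /tmp on the scanned host lets the comparison still be trusted if files on that host were modified.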

Four, extension

  • You can change the path to your own scan path
  • Other tools like this can also be used to scan