mtree vs tripwire

Lowell Gilbert freebsd-security-local at be-well.ilk.org
Wed Jan 21 05:39:25 PST 2004


Tillman Hodgson <tillman at seekingfire.com> writes:

> On Tue, Jan 20, 2004 at 07:53:44PM -0500, Lowell Gilbert wrote:
> > Tillman Hodgson <tillman at seekingfire.com> writes:
> > > On Tue, Jan 20, 2004 at 07:40:28PM -0500, Lowell Gilbert wrote:
> > > > Hmm.  I've never had this problem, and when I try to trigger it
> > > > deliberately, I find that my mtree specification has the spaces in the
> > > > filenames escaped.
> > > > 
> > > > e.g.,
> > > >     foo\040bar\040baz \
> > > 
> > > Interesting. I'm using -STABLE as of Jan 7/04 on this box ... is your
> > > mtree by any chance from -CURRENT?
> > 
> > No, it's -STABLE within the last few days.
> > 
> > Any chance you could generate a test case that demonstrates the
> > problem on your system?
> 
> I tried `touch`ing files to create them with spaces, and they ended up
> encoded as follows:
> 
> # ./test
> /set type=file uid=0 gid=0 mode=0644 nlink=1 flags=none
> test            type=dir mode=0755 nlink=2 size=512 time=1074647709.0
>     this\040is\040a\040file\040with\040spaces.txt \
>                 size=0 time=1074647708.0 \
>                 sha1digest=da39a3ee5e6b4b0d3255bfef95601890afd80709
> # ./test
> 
> But when I try to mtree a directory that includes Loki SimCity 3000
> saved games I get files with spaces unencoded:
> 
> # mtree -K sha1digest -c -X mtree.exclude -p /exports/tillman/.loki/sc3u/ > mtree.out
> 
> # ./buildings
> /set type=file uid=500 gid=500 mode=0777 nlink=1 flags=none
> buildings       type=dir mode=0755 nlink=2 size=1024 time=1017616936.0
>     Den\040Burg\040Bruges.bld \
>                 type=link size=39 time=1017616936.0 \
>                 link=/opt/SC3U/buildings/Den Burg Bruges.bld
>     Dupont\040House.bld \
>                 type=link size=36 time=1017616936.0 \
>                 link=/opt/SC3U/buildings/Dupont House.bld
>     Garvey\040Plaza.bld \
>                 type=link size=36 time=1017616936.0 \
>                 link=/opt/SC3U/buildings/Garvey Plaza.bld
>     GuestHouse\040Building.bld \
>                 type=link size=43 time=1017616936.0 \
>                 link=/opt/SC3U/buildings/GuestHouse Building.bld
> etc.
> 
> The filesystem is still UFS2. I'm just NFS exporting my home
> directories to several machines, including the RedHat 7.3 box that
> originally generated the sc3u save files.
> 
> I'm not /that/ worried about it: I should exclude home directories from
> mtree for this "tripwire replacement" purpose anyway. But it's worrisome
> that it /could/ fail in this way.

Unless we can establish what "this way" is, there isn't much we can do
about it.  It sounds like you've tried to create your test on the same
filesystem as the files that were showing the problems, so I'm not
sure what else to check.  Maybe you can see some differences in the
directory listings themselves?


More information about the freebsd-questions mailing list