1bart_manifest(4) File Formats bart_manifest(4)
2
6 bart_manifest - system audit manifest file
7
9 The bart(1M) command generates a manifest that describes the contents
10 of a managed host. A manifest consists of a header and entries. Each
11 entry represents a single file. Entries are sorted in ascending order
12 by file name. Any nonstandard file names, such as those that contain
13 embedded newline or tab characters, have the special characters quoted
14 prior to being sorted. See Quoting Syntax.
15 Lines that begin with ! supply metadata about the manifest. The mani‐
18 fest version line indicates the manifest specification version. The
19 date line shows the date on which the manifest was created, in date(1)
20 form.
21 Some lines are ignored by the manifest comparison tool. Ignored lines
24 include blank lines, lines that consist only of white space, and com‐
25 ments that begin with #.
26 In addition to metadata lines, the header contains the format comment
29 block. This comment block lists the attributes reported for each file
30 type.
31 To see the format of a manifest file, see EXAMPLES.
34 Manifest File Entries
36 Each manifest file entry is a single line of one of the following
37 forms, depending on the file type:
38 fname D size mode acl dirmtime uid gid
40 fname P size mode acl mtime uid gid
41 fname S size mode acl mtime uid gid
42 fname F size mode acl mtime uid gid contents
43 fname L size mode acl lnmtime uid gid dest
44 fname B size mode acl mtime uid gid devnode
45 fname C size mode acl mtime uid gid devnode
46 The fields of the manifest file entries are described as follows:
50 fname Name of the file. To prevent parsing problems that are
52 caused by special characters embedded in file names, file
53 names are encoded as described in Quoting Syntax.
54 type Type of file.
57 Possible values for type are as follows:
59 B Block device node
61 C Character device node
64 D Directory
67 F File
70 L Symbolic link
73 P Pipe
76 S Socket
79 size File size in bytes.
83 mode Octal number that represents the permissions of the file.
86 acl ACL attributes for the file. For a file with ACL
89 attributes, this field contains the output from aclto‐
90 text().
91 uid Numerical user ID of the owner of this entry.
94 gid Numerical group ID of the owner of this entry.
97 dirmtime Modification time in seconds since 00:00:00 UTC, January 1,
100 1970 for directories.
101 lnmtime Creation time for links.
104 mtime Modification time in seconds since 00:00:00 UTC, January 1,
107 1970 for files.
108 contents Checksum value of the file. This attribute is only speci‐
111 fied for regular files. If you turn off context checking or
112 if checksums cannot be computed, the value of this field is
113 -.
114 dest Destination of a symbolic link.
117 devnode Value of the device node. This attribute is for character
120 device files and block device files only.
121 Quoting Syntax
124 The rules file supports a quoting syntax for representing nonstandard
125 file names.
126 When generating a manifest for file names that embeded TAB, SPACE, or
129 NEWLINE characters, the special characters are encoded in their octal
130 forms.
131 ┌─────────────────────────────┬─────────────────────────────┐
136 │ Input Character │ Quoted Character │
137 ├─────────────────────────────┼─────────────────────────────┤
138 │SPACE │\SPACE │
139 ├─────────────────────────────┼─────────────────────────────┤
140 │TAB │\TAB │
141 ├─────────────────────────────┼─────────────────────────────┤
142 │NEWLINE │\NEWLINE │
143 ├─────────────────────────────┼─────────────────────────────┤
144 │? │\? │
145 ├─────────────────────────────┼─────────────────────────────┤
146 │[ │\[ │
147 ├─────────────────────────────┼─────────────────────────────┤
148 │* │\* │
149 └─────────────────────────────┴─────────────────────────────┘
150
152 Example 1 Sample Manifest File
153 The following is a sample system manifest file. The file entries are
156 sorted by the encoded versions of the file names to correctly handle
157 special characters.
158 ! Version 1.0
161 ! Mon Feb 11 10:55:30 2002
162 # Format:
163 # fname D size mode acl dirmtime uid gid
164 # fname P size mode acl mtime uid gid
165 # fname S size mode acl mtime uid gid
166 # fname F size mode acl mtime uid gid contents
167 # fname L size mode acl lnmtime uid gid dest
168 # fname B size mode acl mtime uid gid devnode
169 # fname C size mode acl mtime uid gid devnode
170 /etc D 3584 40755 user::rwx,group::r-x,mask::r-x,other::r-x,
171 3c6803d7 0 3
172 /etc/.login F 524 100644 user::rw-,group::r--,mask::r--,other::r--,
173 3c165878 0 3 27b53d5c3e844af3306f1f12b330b318
174 /etc/.pwd.lock F 0 100600 user::rw-,group::---,mask::---,other::---,
175 3c166121 0 0 d41d8cd98f00b204e9800998ecf8427e
176 /etc/.syslog_door L 20 120777 user::rw-,group::r--,mask::
177 rwx,other::r--,3c6803d5 0 0 /var/run/syslog_door
178 /etc/autopush L 16 120777 user::r-x,group::r-x,mask::r-x,other::r-x,
179 3c165863 0 0 ../sbin/autopush
180 /etc/cron.d/FIFO P 0 10600 user::rw-,group::---,mask::---,other::---,
181 3c6803d5 0 0
182
185 date(1), bart(1M), bart_rules(4), attributes(5)
186SunOS 5.11 9 Sep 2003 bart_manifest(4)