📄 filearchiv.html
字号:
> command shows the size, in bytes, of its target, whether file or <TTCLASS="FILENAME">stdout</TT>.</P><P>The <BCLASS="COMMAND">md5sum</B> and <BCLASS="COMMAND">sha1sum</B> commands display a <AHREF="special-chars.html#DASHREF2">dash</A> when they receive their input from <TTCLASS="FILENAME">stdout</TT>.</P></TD></TR></TABLE></DIV><DIVCLASS="EXAMPLE"><HR><ANAME="FILEINTEGRITY"></A><P><B>Example 12-34. Checking file integrity</B></P><TABLEBORDER="0"BGCOLOR="#E0E0E0"WIDTH="90%"><TR><TD><PRECLASS="PROGRAMLISTING"> 1 #!/bin/bash 2 # file-integrity.sh: Checking whether files in a given directory 3 # have been tampered with. 4 5 E_DIR_NOMATCH=70 6 E_BAD_DBFILE=71 7 8 dbfile=File_record.md5 9 # Filename for storing records (database file). 10 11 12 set_up_database () 13 { 14 echo ""$directory"" > "$dbfile" 15 # Write directory name to first line of file. 16 md5sum "$directory"/* >> "$dbfile" 17 # Append md5 checksums and filenames. 18 } 19 20 check_database () 21 { 22 local n=0 23 local filename 24 local checksum 25 26 # ------------------------------------------- # 27 # This file check should be unnecessary, 28 #+ but better safe than sorry. 29 30 if [ ! -r "$dbfile" ] 31 then 32 echo "Unable to read checksum database file!" 33 exit $E_BAD_DBFILE 34 fi 35 # ------------------------------------------- # 36 37 while read record[n] 38 do 39 40 directory_checked="${record[0]}" 41 if [ "$directory_checked" != "$directory" ] 42 then 43 echo "Directories do not match up!" 44 # Tried to use file for a different directory. 45 exit $E_DIR_NOMATCH 46 fi 47 48 if [ "$n" -gt 0 ] # Not directory name. 49 then 50 filename[n]=$( echo ${record[$n]} | awk '{ print $2 }' ) 51 # md5sum writes records backwards, 52 #+ checksum first, then filename. 53 checksum[n]=$( md5sum "${filename[n]}" ) 54 55 56 if [ "${record[n]}" = "${checksum[n]}" ] 57 then 58 echo "${filename[n]} unchanged." 59 60 elif [ "`basename ${filename[n]}`" != "$dbfile" ] 61 # Skip over checksum database file, 62 #+ as it will change with each invocation of script. 63 # --- 64 # This unfortunately means that when running 65 #+ this script on $PWD, tampering with the 66 #+ checksum database file will not be detected. 67 # Exercise: Fix this. 68 then 69 echo "${filename[n]} : CHECKSUM ERROR!" 70 # File has been changed since last checked. 71 fi 72 73 fi 74 75 76 77 let "n+=1" 78 done <"$dbfile" # Read from checksum database file. 79 80 } 81 82 # =================================================== # 83 # main () 84 85 if [ -z "$1" ] 86 then 87 directory="$PWD" # If not specified, 88 else #+ use current working directory. 89 directory="$1" 90 fi 91 92 clear # Clear screen. 93 echo " Running file integrity check on $directory" 94 echo 95 96 # ------------------------------------------------------------------ # 97 if [ ! -r "$dbfile" ] # Need to create database file? 98 then 99 echo "Setting up database file, \""$directory"/"$dbfile"\"."; echo 100 set_up_database 101 fi 102 # ------------------------------------------------------------------ # 103 104 check_database # Do the actual work. 105 106 echo 107 108 # You may wish to redirect the stdout of this script to a file, 109 #+ especially if the directory checked has many files in it. 110 111 exit 0 112 113 # For a much more thorough file integrity check, 114 #+ consider the "Tripwire" package, 115 #+ http://sourceforge.net/projects/tripwire/. 116 </PRE></TD></TR></TABLE><HR></DIV><P>Also see <AHREF="contributed-scripts.html#DIRECTORYINFO">Example A-19</A> and <AHREF="colorizing.html#HORSERACE">Example 33-14</A> for creative uses of the <BCLASS="COMMAND">md5sum</B> command.</P><DIVCLASS="NOTE"><TABLECLASS="NOTE"WIDTH="90%"BORDER="0"><TR><TDWIDTH="25"ALIGN="CENTER"VALIGN="TOP"><IMGSRC="common/note.png"HSPACE="5"ALT="Note"></TD><TDALIGN="LEFT"VALIGN="TOP"><P> There have been reports that the 128-bit <BCLASS="COMMAND">md5sum</B> can be cracked, so the more secure 160-bit <BCLASS="COMMAND">sha1sum</B> is a welcome new addition to the checksum toolkit. </P><P>Some security consultants think that even <BCLASS="COMMAND">sha1sum</B> can be compromised. So, what's next -- a 512-bit checksum utility?</P><TABLEBORDER="0"BGCOLOR="#E0E0E0"WIDTH="90%"><TR><TD><PRECLASS="SCREEN"> <TTCLASS="PROMPT">bash$ </TT><TTCLASS="USERINPUT"><B>md5sum testfile</B></TT> <TTCLASS="COMPUTEROUTPUT">e181e2c8720c60522c4c4c981108e367 testfile</TT> <TTCLASS="PROMPT">bash$ </TT><TTCLASS="USERINPUT"><B>sha1sum testfile</B></TT> <TTCLASS="COMPUTEROUTPUT">5d7425a9c08a66c3177f1e31286fa40986ffc996 testfile</TT> </PRE></TD></TR></TABLE></TD></TR></TABLE></DIV></DD><DT><ANAME="SHREDREF"></A><BCLASS="COMMAND">shred</B></DT><DD><P>Securely erase a file by overwriting it multiple times with random bit patterns before deleting it. This command has the same effect as <AHREF="extmisc.html#BLOTOUT">Example 12-55</A>, but does it in a more thorough and elegant manner.</P><P>This is one of the GNU <ICLASS="EMPHASIS">fileutils</I>.</P><DIVCLASS="CAUTION"><TABLECLASS="CAUTION"WIDTH="90%"BORDER="0"><TR><TDWIDTH="25"ALIGN="CENTER"VALIGN="TOP"><IMGSRC="common/caution.png"HSPACE="5"ALT="Caution"></TD><TDALIGN="LEFT"VALIGN="TOP"><P>Advanced forensic technology may still be able to recover the contents of a file, even after application of <BCLASS="COMMAND">shred</B>.</P></TD></TR></TABLE></DIV></DD></DL></DIV><DIVCLASS="VARIABLELIST"><P><B><ANAME="FAENCENCR1"></A>Encoding and Encryption</B></P><DL><DT><BCLASS="COMMAND">uuencode</B></DT><DD><P>This utility encodes binary files into ASCII characters, making them suitable for transmission in the body of an e-mail message or in a newsgroup posting.</P></DD><DT><BCLASS="COMMAND">uudecode</B></DT><DD><P>This reverses the encoding, decoding uuencoded files back into the original binaries.</P><DIVCLASS="EXAMPLE"><HR><ANAME="EX52"></A><P><B>Example 12-35. Uudecoding encoded files</B></P><TABLEBORDER="0"BGCOLOR="#E0E0E0"WIDTH="90%"><TR><TD><PRECLASS="PROGRAMLISTING"> 1 #!/bin/bash 2 # Uudecodes all uuencoded files in current working directory. 3 4 lines=35 # Allow 35 lines for the header (very generous). 5 6 for File in * # Test all the files in $PWD. 7 do 8 search1=`head -$lines $File | grep begin | wc -w` 9 search2=`tail -$lines $File | grep end | wc -w` 10 # Uuencoded files have a "begin" near the beginning, 11 #+ and an "end" near the end. 12 if [ "$search1" -gt 0 ] 13 then 14 if [ "$search2" -gt 0 ] 15 then 16 echo "uudecoding - $File -" 17 uudecode $File 18 fi 19 fi 20 done 21 22 # Note that running this script upon itself fools it 23 #+ into thinking it is a uuencoded file, 24 #+ because it contains both "begin" and "end". 25 26 # Exercise: 27 # -------- 28 # Modify this script to check each file for a newsgroup header, 29 #+ and skip to next if not found. 30 31 exit 0</PRE></TD></TR></TABLE><HR></DIV><DIVCLASS="TIP"><TABLECLASS="TIP"WIDTH="90%"BORDER="0"><TR><TDWIDTH="25"ALIGN="CENTER"VALIGN="TOP"><IMGSRC="common/tip.png"HSPACE="5"ALT="Tip"></TD><TDALIGN="LEFT"VALIGN="TOP"><P>The <AHREF="textproc.html#FOLDREF">fold -s</A> command may be useful (possibly in a pipe) to process long uudecoded text messages downloaded from Usenet newsgroups.</P></TD></TR></TABLE></DIV></DD><DT><BCLASS="COMMAND">mimencode</B>, <BCLASS="COMMAND">mmencode</B></DT><DD><P>The <BCLASS="COMMAND">mimencode</B> and <BCLASS="COMMAND">mmencode</B> commands process multimedia-encoded e-mail attachments. Although <ICLASS="EMPHASIS">mail user agents</I> (such as <BCLASS="COMMAND">pine</B> or <BCLASS="COMMAND">kmail</B>) normally handle this automatically, these particular utilities permit manipulating such attachments manually from the command line or in a batch by means of a shell script.</P></DD><DT><BCLASS="COMMAND">crypt</B></DT><DD><P>At one time, this was the standard UNIX file encryption utility. <ANAME="AEN9457"HREF="#FTN.AEN9457">[3]</A> Politically motivated government regulations prohibiting the export of encryption software resulted in the disappearance of <BCLASS="COMMAND">crypt</B> from much of the UNIX world, and it is still missing from most Linux distributions. Fortunately, programmers have come up with a number of decent alternatives to it, among them the author's very own <AHREF="ftp://metalab.unc.edu/pub/Linux/utils/file/cruft-0.2.tar.gz"TARGET="_top">cruft</A> (see <AHREF="contributed-scripts.html#ENCRYPTEDPW">Example A-4</A>). </P></DD></DL></DIV><DIVCLASS="VARIABLELIST"><P><B><ANAME="FAMISC1"></A>Miscellaneous</B></P><DL><DT><ANAME="MKTEMPREF"></A><BCLASS="COMMAND">mktemp</B></DT><DD><P>Create a <ICLASS="FIRSTTERM">temporary file</I> <ANAME="AEN9479"HREF="#FTN.AEN9479">[4]</A> with a <SPANCLASS="QUOTE">"unique"</SPAN> filename. When invoked from the command line without additional arguments, it creates a zero-length file in the <TTCLASS="FILENAME">/tmp</TT> directory.</P><P> <TABLEBORDER="0"BGCOLOR="#E0E0E0"WIDTH="90%"><TR><TD><PRECLASS="SCREEN"> <TTCLASS="PROMPT">bash$ </TT><TTCLASS="USERINPUT"><B>mktemp</B></TT> <TTCLASS="COMPUTEROUTPUT">/tmp/tmp.zzsvql3154</TT> </PRE></TD></TR></TABLE> </P><P><TABLEBORDER="0"BGCOLOR="#E0E0E0"WIDTH="90%"><TR><TD><PRECLASS="PROGRAMLISTING"> 1 PREFIX=filename 2 tempfile=`mktemp $PREFIX.XXXXXX` 3 # ^^^^^^ Need at least 6 placeholders 4 #+ in the filename template. 5 # If no filename template supplied, 6 #+ "tmp.XXXXXXXXXX" is the default. 7 8 echo "tempfile name = $tempfile" 9 # tempfile name = filename.QA2ZpY 10 # or something similar... 11 12 # Creates a file of that name in the current working directory 13 #+ with 600 file permissions. 14 # A "umask 177" is therefore unnecessary, 15 # but it's good programming practice anyhow.</PRE></TD></TR></TABLE></P></DD><DT><BCLASS="COMMAND">make</B></DT><DD><P>Utility for building and compiling binary packages. This can also be used for any set of operations that is triggered by incremental changes in source files.</P><P><ANAME="MAKEFILEREF"></A></P><P>The <BCLASS="COMMAND">make</B> command checks a <TTCLASS="FILENAME">Makefile</TT>, a list of file dependencies and operations to be carried out.</P></DD><DT><BCLASS="COMMAND">install</B></DT><DD><P>Special purpose file copying command, similar to <BCLASS="COMMAND">cp</B>, but capable of setting permissions and attributes of the copied files. This command seems tailormade for installing software packages, and as such it shows up frequently in <TTCLASS="FILENAME">Makefiles</TT> (in the <TTCLASS="REPLACEABLE"><I>make install :</I></TT> section). It could likewise find use in installation scripts.</P></DD><DT><BCLASS="COMMAND">dos2unix</B></DT><DD><P>This utility, written by Benjamin Lin and collaborators, converts DOS-formatted text files (lines terminated by CR-LF) to UNIX format (lines terminated by LF only), and vice-versa.</P></DD><DT><BCLASS="COMMAND">ptx</B></DT><DD><P>The <BCLASS="COMMAND">ptx [targetfile]</B> command outputs a permuted index (cross-reference list) of the targetfile. This may be further filtered and formatted in a pipe, if necessary.</P></DD><DT><BCLASS="COMMAND">more</B>, <BCLASS="COMMAND">less</B></DT><DD><P>Pagers that display a text file or stream to <TTCLASS="FILENAME">stdout</TT>, one screenful at a time. These may be used to filter the output of <TTCLASS="FILENAME">stdout</TT> . . . or of a script.</P><P> An interesting application of <BCLASS="COMMAND">more</B> is to <SPANCLASS="QUOTE">"test drive"</SPAN> a command sequence, to forestall potentially unpleasant consequences. <TABLEBORDER="0"BGCOLOR="#E0E0E0"WIDTH="90%"><TR><TD><PRECLASS="PROGRAMLISTING"> 1 ls /home/bozo | awk '{print "rm -rf " $1}' | more 2 # ^^^^ 3 4 # Testing the effect of the following (disastrous) command line: 5 # ls /home/bozo | awk '{print "rm -rf " $1}' | sh 6 # Hand off to the shell to execute . . . ^^</PRE></TD></TR></TABLE> </P></DD></DL></DIV></DIV><H3CLASS="FOOTNOTES">Notes</H3><TABLEBORDER="0"CLASS="FOOTNOTES"WIDTH="100%"><TR><TDALIGN="LEFT"VALIGN="TOP"WIDTH="5%"><ANAME="FTN.AEN8586"HREF="filearchiv.html#AEN8586">[1]</A></TD><TDALIGN="LEFT"VALIGN="TOP"WIDTH="95%"><P>An <ICLASS="FIRSTTERM">archive</I>, in the sense discussed here, is simply a set of related files stored in a single location.</P></TD></TR><TR><TDALIGN="LEFT"VALIGN="TOP"WIDTH="5%"><ANAME="FTN.AEN8596"HREF="filearchiv.html#AEN8596">[2]</A></TD><TDALIGN="LEFT"VALIGN="TOP"WIDTH="95%"><P> A <BCLASS="COMMAND">tar czvf archive_name.tar.gz *</B> <ICLASS="EMPHASIS">will</I> include dotfiles in directories <ICLASS="EMPHASIS">below</I> the current working directory. This is an undocumented GNU <BCLASS="COMMAND">tar</B> <SPANCLASS="QUOTE">"feature"</SPAN>. </P></TD></TR><TR><TDALIGN="LEFT"VALIGN="TOP"WIDTH="5%"><ANAME="FTN.AEN9457"HREF="filearchiv.html#AEN9457">[3]</A></TD><TDALIGN="LEFT"VALIGN="TOP"WIDTH="95%"><P>This is a symmetric block cipher, used to encrypt files on a single system or local network, as opposed to the <SPANCLASS="QUOTE">"public key"</SPAN> cipher class, of which <BCLASS="COMMAND">pgp</B> is a well-known example.</P></TD></TR><TR><TDALIGN="LEFT"VALIGN="TOP"WIDTH="5%"><ANAME="FTN.AEN9479"HREF="filearchiv.html#AEN9479">[4]</A></TD><TDALIGN="LEFT"VALIGN="TOP"WIDTH="95%"><P>Creates a temporary <ICLASS="EMPHASIS">directory</I> when invoked with the <TTCLASS="OPTION">-d</TT> option.</P></TD></TR></TABLE><DIVCLASS="NAVFOOTER"><HRALIGN="LEFT"WIDTH="100%"><TABLEWIDTH="100%"BORDER="0"CELLPADDING="0"CELLSPACING="0"><TR><TDWIDTH="33%"ALIGN="left"VALIGN="top"><AHREF="textproc.html">Prev</A></TD><TDWIDTH="34%"ALIGN="center"VALIGN="top"><AHREF="index.html">Home</A></TD><TDWIDTH="33%"ALIGN="right"VALIGN="top"><AHREF="communications.html">Next</A></TD></TR><TR><TDWIDTH="33%"ALIGN="left"VALIGN="top">Text Processing Commands</TD><TDWIDTH="34%"ALIGN="center"VALIGN="top"><AHREF="external.html">Up</A></TD><TDWIDTH="33%"ALIGN="right"VALIGN="top">Communications Commands</TD></TR></TABLE></DIV></BODY></HTML>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -