summaryrefslogtreecommitdiff
path: root/doc/apk-audit.8.scd
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2020-05-04 15:24:58 +0300
committerTimo Teräs <timo.teras@iki.fi>2020-05-06 13:05:25 +0300
commit791f93fcbe7a543e0bb844887ba395be8ed8ea44 (patch)
treea507ab39c1832769433a4e8e4b036643c191878f /doc/apk-audit.8.scd
parent5258b484bf13441d3d5c199e3c8d70cf2a75b3ca (diff)
downloadapk-tools-791f93fcbe7a543e0bb844887ba395be8ed8ea44.tar.gz
apk-tools-791f93fcbe7a543e0bb844887ba395be8ed8ea44.tar.bz2
apk-tools-791f93fcbe7a543e0bb844887ba395be8ed8ea44.tar.xz
apk-tools-791f93fcbe7a543e0bb844887ba395be8ed8ea44.zip
man pages: make more friendly for help generation
Also few minor fixups added.
Diffstat (limited to 'doc/apk-audit.8.scd')
-rw-r--r--doc/apk-audit.8.scd36
1 files changed, 26 insertions, 10 deletions
diff --git a/doc/apk-audit.8.scd b/doc/apk-audit.8.scd
index 838895b..8b46c32 100644
--- a/doc/apk-audit.8.scd
+++ b/doc/apk-audit.8.scd
@@ -10,10 +10,17 @@ apk audit - audit directories for changes
# DESCRIPTION
-*apk audit* audits the specified directories for changes from the package
-database. By default, the output format is one file per line, for each affected
-file. A character is printed indicating the change detected, followed by a
-space, then the affected path. The changes detected are:
+*apk audit* audits the system or specified directories for changes compared to
+the package database.
+
+The audit can be done against configuration files only (--backup) to generate
+list of files needed to be stored in the overlay in run-from-tmps configuration.
+Alternatively, it can audit all installed files (--system) to e.g. detect
+unauthorized modifications of system files.
+
+By default, the output format is one file per line, for each modified file.
+A character is printed indicating the change detected, followed by a space,
+then the affected path. The changes detected are:
|[ A
:< File added
@@ -34,17 +41,26 @@ space, then the affected path. The changes detected are:
# OPTIONS
+*--backup*
+ Audit configuration files only (default). The list of files to be
+ audited is generated from the masks in protected_paths.d.
+
*--check-permissions*
- In addition to checking file contents, check the uid, gid, and file
- mode as well.
+ Check file permissions too. Namely, the uid, gid and file mode will
+ be checked in addition to the file content.
*--packages*
- Instead of printing each modified file, print the names and versions of
- the packages which own the affected files.
+ Print only the packages with changed files. Instead of the full output
+ each modification, the set of packages with at least one modified file
+ is printed.
+
+ To repair all packages with modified files, one could use:
+ apk audit --packages -q | xargs apk fix
*--system*
- List all modified configuration files (in protected_paths.d) that need
- to be backed up.
+ Audit all system files. All files provided by packages are verified
+ for integrity with the exception of configuration files (listed in
+ protected_paths.d). This is useful detecting unauthorized file changes.
*-r, --recursive*
Descend into directories and audit them as well.