Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/man/qtegrity.1
blob: 2ba896cf9291701e641137cfd81b016072240d15 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

.\" generated by mkman.py, please do NOT edit!
.TH qtegrity "1" "May 2018" "Gentoo Foundation" "qtegrity"
.SH NAME
qtegrity \- verify files with IMA
.SH SYNOPSIS
.B qtegrity
\fI[opts] <misc args>\fR
.SH DESCRIPTION
The default behavior of \fBqtegrity\fP is to verify digests of performed
executables to a list of known good digests. This requires an IMA-enabled
linux kernel, which records digests of performed executables and exports them
through securityfs. Using \fB\-\-ignore-non-existent\fP suppresses messages
about recorded files that can't be accessed (assuming they got removed).
By using \fB\-\-add\fP, the program behaves differently. No verification is
performed, instead a digest is made of the provided file and appended to
the list of known good digests.
.SH OPTIONS
.TP
\fB\-a\fR \fI<arg>\fR, \fB\-\-add\fR \fI<arg>\fR
Add file to store of known-good digests.
.TP
\fB\-i\fR, \fB\-\-ignore\-non\-existent\fR
Be silent if recorded file no longer exists.
.TP
\fB\-s\fR, \fB\-\-show\-matches\fR
Show recorded digests that match with known-good digests.
.TP
\fB\-\-root\fR \fI<arg>\fR
Set the ROOT env var.
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Make a lot of noise.
.TP
\fB\-q\fR, \fB\-\-quiet\fR
Tighter output; suppress warnings.
.TP
\fB\-C\fR, \fB\-\-nocolor\fR
Don't output color.
.TP
\fB\-h\fR, \fB\-\-help\fR
Print this help and exit.
.TP
\fB\-V\fR, \fB\-\-version\fR
Print version and exit.
.SH RELEVANT FILES
.PP
Central list of known good digests
.nf\fI
	/var/db/QTEGRITY\fi
.PP
Linux kernel's recorded digests
.nf\fI
	/sys/kernel/security/ima/ascii_runtime_measurements\fi
.SH "REPORTING BUGS"
Please report bugs via http://bugs.gentoo.org/
.br
Product: Portage Development; Component: Tools, Assignee:
portage-utils@gentoo.org
.SH AUTHORS
.nf
Ned Ludd <solar@gentoo.org>
Mike Frysinger <vapier@gentoo.org>
Fabian Groffen <grobian@gentoo.org>
Sam Besselink
.fi
.SH "SEE ALSO"
.BR q (1),
.BR qatom (1),
.BR qcache (1),
.BR qcheck (1),
.BR qdepends (1),
.BR qfile (1),
.BR qgrep (1),
.BR qlist (1),
.BR qlop (1),
.BR qmerge (1),
.BR qpkg (1),
.BR qsearch (1),
.BR qsize (1),
.BR qtbz2 (1),
.BR quse (1),
.BR qxpak (1)