.\" $Id: instck.man,v 8.15 2012/09/05 23:09:54 ksb Exp $
.\" Copyright 1990 Purdue Research Foundation, West Lafayette, Indiana
.\" 47907.  All rights reserved.
.\" $Compile: Display%h
.\" $Display: ${groff-groff} -Tascii -tbl -man %f | ${PAGER:-less}
.\" $Install: %b -mDeinstall %o %f && cp %f $DESTDIR/usr/local/man/man8/instck.8
.\" $Deinstall: ${rm-rm} -f $DESTDIR/usr/local/man/[cm]a[nt]8/instck.8*
.\" $Laser: ${tbl-tbl} %f | ${ltroff-ltroff} -man
.\"
.\" Written by Kevin S Braunsdorf, ksb@cc.purdue.edu, purdue!ksb
.\"	       Jeff Smith, jsmith@cc.purdue.edu, purdue!jsmith
.\"
.\" This software is not subject to any license of the American Telephone
.\" and Telegraph Company or the Regents of the University of California.
.\"
.\" Permission is granted to anyone to use this software for any purpose on
.\" any computer system, and to alter it and redistribute it freely, subject
.\" to the following restrictions:
.\"
.\" 1. Neither the authors nor Purdue University are responsible for any
.\"    consequences of the use of this software.
.\"
.\" 2. The origin of this software must not be misrepresented, either by
.\"    explicit claim or by omission.  Credit to the authors and Purdue
.\"    University must appear in documentation and sources.
.\"
.\" 3. Altered versions must be plainly marked as such, and must not be
.\"    misrepresented as being the original software.
.\"
.\" 4. This notice may not be removed or altered.
.TH INSTCK 1 LOCAL
.SH NAME
instck - check, repair, or record the modes of files
.SH SYNOPSIS
.ds PN "instck
\fI\*(PN\fP [\fB\-dlLqSv\fP] [\fB\-C\fP\~\fIchecklist\fP] [\fB\-g\fP\~\fIgroup\fP] [\fB\-m\fP\~\fImode\fP] [\fB\-o\fP\~\fIowner\fP] \fIdirectories\fP
.br
\fI\*(PN\fP \fB\-i\fP [\fB\-dlLSvy\fP] [\fB\-C\fP\~\fIchecklist\fP] [\fB\-g\fP\~\fIgroup\fP] [\fB\-m\fP\~\fImode\fP] [\fB\-o\fP\~\fIowner\fP] \fIdirectories\fP
.br
\fI\*(PN\fP \fB\-G\fP [\fB\-R\fP | \fB\-d\fP] [\fB\-lLSvx\fP] [\fB\-g\fP\~\fIgroup\fP] [\fB\-m\fP\~\fImode\fP] [\fB\-o\fP\~\fIowner\fP] \fIdirectories\fP
.br
\fI\*(PN\fP \fB\-h\fP
.br
\fI\*(PN\fP \fB\-V\fP
.SH DESCRIPTION
\fIInstck\fP inspects the modes of files in a directory structure.
Actually it handles almost every type of node.
.PP
It has two major methods of operation:
.br
 \fIscanning\fP, to generate a "good" list, and
 \fIchecking\fP, to see if the "good" list is being honored.
.br
.PP
For instance, your system might have the file \fI/usr/local/lib/install.cf\fP,
which would contain a "good" list that states /bin/sh should be installed mode
0755, owned by user root and group wheel. In a weak moment, your local SA used
install to put a new version of \fBsh\fP on the machine via:
.br
	install \-m7555 \-o root \-g wheel sh /bin
.br
(note the extra \`5\').  \fIInstck\fP would find this error if it were to check
/bin/sh against your "good" list.
.PP
In checking mode, the default action is to report (not act on) files that do
not comply with the expected values from the checklist.  The default checklist
is /usr/local/lib/install.cf.
.SH OPTIONS
.TP
.nf
\fB\-C\fP \fIchecklist\fP
.fi
Search \fIchecklist\fP for the expressions to match the
installed files, see \fBinstall.cf\fP(5l).
.TP
.nf
\fB\-d\fP
.fi
Do not check the contents of a directory, as in \fBls\fP(1).
.TP
.nf
\fB\-g\fP \fPgroup\fP
.fi
Set the default group for all installed files.
.TP
.nf
\fB\-G\fP
.fi
This option will generate a checklist file for the given directories.
\fIInstck\fP outputs some crass comments on the end of the lines describing
each node, so some editing is recommended.
However one should reflect carefully on these before deleting them.
.TP
.nf
\fB\-h\fP
.fi
Print a summary of \fI\*(PN\fP's usage.
.TP
.nf
\fB\-i\fP
.fi
Prompt the user with suggested shell commands, for example if /tmp was
the wrong mode \fI\*(PN\fP might prompt with:
.sp 1
	instck: `/tmp' mode 0777 doesn't have bits to match drwxrwxrwt (1777)
.br
	instck: chmod 1777 /tmp [nfhqy]
.sp 1
A reply of `y' or `Y' will run the proposed command, `f' will skip to
the next file.  For other choices see `h'.  If your job holds little value,
`-y' will make subsequent prompts assume a `y'.  Careful, this one bites.
.TP
.nf
\fB\-l\fP
.fi
A long list will be made of all the files that didn't match any rule.
Under \fB\-G\fP generate no default pattern, list all nodes.
.TP
.nf
\fB\-L\fP
.fi
Allows `link format' in the configuration file.  Link format records
where a hardlink points or where a symbolic link points.  This is quite
useful for programs that carry a link with them, like \fBvi\fB and \fBex\fP.
.TP
.nf
\fB\-m\fP \fImode\fP
.fi
Set the default mode for all installed files.
.TP
.nf
\fB\-o\fP \fIowner\fP
.fi
Set the default owner for installed files.
.TP
.nf
\fB\-R\fP
.fi
Recursively descend from each directory given into all subdirectories,
like \fBls\fP(1).
.TP
.nf
\fB\-S\fP
.fi
Run as if \fBgeteuid\fP(2) returned zero.
.TP
.nf
\fB\-q\fP
.fi
Suppress warnings about dangerous unchecked files.
.TP
.nf
\fB\-v\fP
.fi
Be more verbose.  Under \fB\-G\fP do not use double quote (") to
copy values from the preceding lines.
.TP
.nf
\fB\-V\fP
.fi
Give version information about \fI\*(PN\fP itself.
.TP
.nf
\fB\-x\fP
.fi
In the \fB\-gG\fP output, separate plain files by execute bit.  Those
with any execute bits set will be higher in the output.  This tends to
allow more of the double quote short-hand.
.TP
.nf
\fB\-y\fP
.fi
Under \fB\-i\fP fake a `yes' response to each confirmation,
like \fBfsck\fP(8).
Note that some operations are too dangerous to allow this option to
force their action.  For these few this option changes the default
answer to yes.  The author thinks this might cross the fine
line between clever and stupid.
.SH EXAMPLES
.TP
.nf
\fI\*(PN\fP /bin /usr/bin /usr/ucb /usr/local/bin /etc
.fi
Report inconsistent installations in the listed directories, using
/usr/local/lib/install.cf as the reference point.
.TP
.nf
\fI\*(PN\fP \-v /etc
.fi
Report inconsistent installations in /etc, be very verbose.  Since the default
checklist doesn't have much specific information about files in /etc this may
not provide much useful information.
.TP
.nf
\fI\*(PN\fP \-GdLx /etc/*  > /tmp/etc.cf
.fi
Generate a list of only the directories in /etc/. Like \fBls\fP, \-d and \-R are
exclusive to one another.
.TP
.nf
\fI\*(PN\fP \-GRLx /usr > /tmp/usr.cf
.fi
Generate a recursive checklist for /usr and all the files in /usr.
.TP
.nf
\fI\*(PN\fP \-ilvC/tmp/usr.cf /usr
.fi
Use the previously generated checklist to check /usr for changes.  Prompt for
what repairs might be required.
.TP
.nf
\fI\*(PN\fP \-V
.fi
Report version information, e.g.
.br
.RS
.TS
l s s
l s s
l l l.
instck: version: $\&Id: instck.m,v 8.22 2006/12/30 03:21:06 ksb Exp $
instck: configuration file: /usr/local/etc/install.cf
instck: defaults: owner=root	group=binary	mode=\-rwxr\-xr\-x
.TE
.RE
.SH FILES
.TS
l l.
/usr/local/lib/instck.cf	the default \fIchecklist\fP file
.TE
.SH AUTHOR
KS Braunsdorf, NPC Guild.org
.br
install at-hate-spam ksb.npcguild.org
.br
Copyright \*(co 1990 Purdue Research Foundation.  All rights reserved.
This is a modified version of that code-base.
.SH "SEE ALSO"
.hlm 0
ls(1), chgrp(1), chmod(1), install(1l), ranlib(1), strip(1),
geteuid(2), syslog(3), install.cf(5l), purge(8l),
chown(8), fsck(8)