Menu
Index

Contact
LinkedIn
GitHub
Atom Feed
Comments Atom Feed



Tweet

Similar Articles

01/05/2011 20:00
syslog-ng on OpenWrt
01/05/2011 11:25
Log checker (mini_logcheck) for OpenWrt
23/01/2010 18:41
OpenWrt with native IPv6 on DG834 v2 (using AAISP)
05/04/2014 22:23
OpenWrt on RB450G for AAISP FTTC II (12.09: Attitude Adjustment)
01/05/2015 11:06
OpenWrt on Netgear WNDR3700v2 for AAISP FTTC (14.07: Barrier Breaker)
04/01/2015 14:50
DBPower (MayGion) 720p P2P IP Camera with Linux & Zoneminder

Recent Articles

23/04/2017 14:21
Raspberry Pi SD Card Test
07/04/2017 10:54
DNS Firewall (blackhole malicious, like Pi-hole) with bind9
28/03/2017 13:07
Kubernetes to learn Part 4
23/03/2017 16:09
Kubernetes to learn Part 3
21/03/2017 15:18
Kubernetes to learn Part 2

Glen Pitt-Pladdy :: Blog

Filesystem checker (mini_fscheck) for OpenWrt

 

As mentioned previously, I'm a believer in monitoring things closely and another tool that is useful. Some form of filesystem checker which reports changes is useful even if it is only to remind me of changes I've made.

Like my mini_logcheck script this also has to be very lightweight and based on standard busybox tools.

How it works

What we do is maintain a database of the filesystem the last time we looked at it. This includes inodes, MD5 checksums, permissions, sizes etc., then on each run we do a diff against the last time, and email that if stuff has changed.

Installation & Configuration

Download mini_fscheck for OpenWrt and ensure you also have the following packages installed:

  • cron - needed to run mini_fscheck
  • mini_sendmail - needed to send emails

Put mini_fscheck somewhere suitable (eg. /usr/sbin though /etc would arguably be OK considering it contains email configuration). You will need to edit the file to set the email configuration appropriately for your needs.

You may also want to modify the find command to include/exclude things that you want to monitor.

If you are using my mini_logcheck then don't forget to add a rule rule in for running this for crond:

crond\[[0-9]+\]: USER root pid [0-9]+ cmd /usr/sbin/mini_fscheck$

This will be logged each time the cron runs the script so if you don't have this you will get an email every time.

Then add a cron entry (create a a new file if needed) in /etc/crontabs/root to run the script:

# m h dom mon dow command
  42 */2 * * * /usr/sbin/mini_fscheck

How often you run the filesystem check is up to you - more often will catch problems earlier but this is fairly CPU and IO intensive and if the rules are not perfect it risks filling your mailbox with messages.

Restart cron to read the new crontab and start things off:

# /etc/init.d/cron restart

Then each time the script runs it should email you any new log lines which are not excluded by the patterns on the find lines.

The first run should email you about generating the databases, and after that you should get diffs of the files that change.

Comments:




Are you human? (reduces spam)
Note: Identity details will be stored in a cookie. Posts may not appear immediately