Wednesday, 29 February 2012

Shared hosting MD5 Change Detection Script

#!/bin/bash
# Irongeek's crappy change detection script.
# The purpose of this script is to detect file changes. We will make an MD5
# hash of all the files in a path and look for changes. In theory, the next
# two lines should be all you have to change (except maybe the find command).
PathToCheck="/home/someuser/somepath"
SendReportsToThisEmailAddress="someone@example.com"
# We will store the results of our recursive hashing so we can compare them
# to new results later. Add a line like this:
# */10 * * * * /home/someuser/changedetectionscript.sh>/dev/null 2>&1
# to your crontab to run the script every 10 min. "crontab -e" should be the
# command to do that (and of course leave off the # comment, and chmod +x the
# script so that it is executable). This next line sets a variable so we know
# where the script is ran from, and CDs into that directory. You will need
# write permissions in this directory.
 
ScriptDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 
# These lines just print some running information
echo Working in directory $ScriptDir  
echo Checking directory $PathToCheck  
echo Reports will be sent to $SendReportsToThisEmailAddress
# The next line finds all the files in the path, but excludes some we don't
# care to check. In my case, some .spc files used to cache some RSS feeds.
# Remove this exclusion, or add more exclusions, as you wish. After find finds
# a file, it runs md5sum on it, and stores the results by redirecting
# standard out into a file.
find $PathToCheck -type f \( -not -iname "*.spc" \) -exec md5sum '{}' \;>$ScriptDir/newout.txt
# Assuming this is not the first run, the output of the command above gets
# compared to the old output of a previous run and the differences redirected
# into a temp file.
 
diff -C 0 $ScriptDir/oldout.txt $ScriptDir/newout.txt > $ScriptDir/difftemp.txt
# Assuming the file is bigger than 0 bytes, we will go into this if statement.
if [ -s $ScriptDir/difftemp.txt ]
then

# Yippy, we found some differences in the MD5 hashes, time to generate
# some output we will eventually send as a warning.
echo "Got differences, sending email"
echo "Change Report" > $ScriptDir/tempoutput.txt
echo >> $ScriptDir/tempoutput.txt
# The weird awk and regex below is so we can work with file names with
# spaces in them. We ls -al each changed file to get things like size,
# timestamp and permissions, just so there is extra info in the report.
awk '{fn=substr($0,length($1 $2) + 4);gsub(/ /,"\\ ", fn); print fn}' \
          $ScriptDir/difftemp.txt | grep / | uniq | xargs ls -al \           >>$ScriptDir/tempoutput.txt
# Lines like the one below are just to put in an extra linefeed.echo >> $ScriptDir/tempoutput.txt
# Let's put the hash differences into the report.cat $ScriptDir/difftemp.txt >> $ScriptDir/tempoutput.txt
echo >> $ScriptDir/tempoutput.txt
# Now we can pipe it into the mail utility and send it to whom we want. cat $ScriptDir/tempoutput.txt | mail -s "MD5 Diff `date`" $SendReportsToThisEmailAddress
# We will also make a running log, >> means append but not over wight.date >> permlog.txtcat $ScriptDir/tempoutput.txt >> permlog.txt# We will also make an archived copy of the output, naming it by date.cp $ScriptDir/newout.txt $ScriptDir/oldout_`date +"%Y%m%d%H%M%S"`.txt
# And now the new output becomes the old output for the next time we do
# MD5 file hash comparisons.
mv $ScriptDir/newout.txt $ScriptDir/oldout.txt
else
# If the file in the if statement is 0 bytes, we end up here, and do
# nothing.
echo "No differences"
fi 
 # I got a lot of help on writing this script from these pages/posts:
# http://wandzeitung.informations-compagnie.de/2008/07/30/recursive-md5-hashing-with-linux/
# http://bytes.com/topic/unix/answers/647432-renaming-file-append-date
# http://www.cyberciti.biz/faq/find-command-exclude-ignore-files/
# http://www.linuxforums.org/forum/programming-scripting/134529-bash-script-needs-e-mail-output.html
# http://stackoverflow.com/questions/59895/can-a-bash-script-tell-what-directory-its-stored-in
# http://tldp.org/LDP/Bash-Beginners-Guide/html/sect_07_01.html

No comments:

Post a Comment