From 393c2ec93b261db90aa3c258743f8225863fdab3 Mon Sep 17 00:00:00 2001 From: tim Date: Thu, 31 Aug 2017 16:41:28 +0200 Subject: [PATCH] Adds a script to verify data checksums and notify of change and potential corruption, using cshatag (or shatag). --- verify_data.sh | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100755 verify_data.sh diff --git a/verify_data.sh b/verify_data.sh new file mode 100755 index 0000000..b4a3710 --- /dev/null +++ b/verify_data.sh @@ -0,0 +1,72 @@ +#!/bin/bash + +# Compute checksums for important data, and report changed or invalid +# checksums. +# This should help to identify bit rot among rarely-used files. + +mailto=root@localhost + +if ! [ $( which cshatag ) ]; then + echo "cshatag is not installed. Exiting." + exit +fi + +if ! [ $( which pcre2grep ) ]; then + echo "pcre2grep is not installed. Exiting." + exit +fi + +shatag="cshatag" + +for dir in /data/www /data/home ; do + + output=$( find "${dir}" -xdev -type f -exec ${shatag} {} \; ) + final_output= + corrupt_output=$( echo "${output}" | grep -v "" | pcre2grep -vM '.*\n.*stored:.*\n.*actual.*' ) + outdated_output=$( echo "${output}" | grep -v "" | pcre2grep -vM '.*\n.*stored:.*\n.*actual.*' ) + subject="Changed files in ${dir}" + + if [ -n "${corrupt_output}" ]; then + final_output=$( cat <<-END_CORRUPT + ${final_output} + + The following files may be corrupted: + + ${corrupt_output} + + END_CORRUPT + ) + subject="CORRUPT files in ${dir}" + fi + if [ -n "${outdated_output}" ]; then + modified_output=$( echo "${outdated_output}" | pcre2grep -vM '.*\n.*stored:.*0000000000.000000000.*\n.*actual.*' ) + final_output=$( cat <<-END_OUTDATED + ${final_output} + + The following files have been modified: + + ${modified_output} + + END_OUTDATED + ) + fi + + if [ -n "${final_output}" ]; then + cat <<-END_FINAL | mail -s "${subject}" "${mailto}" +The following files have changed on disk. + +If this is unexpected (that is, you haven't opened and re-saved these +files), they may have become corrupted. Please forward this list to your +systems administrator and request they be restored from backups. +${final_output} + END_FINAL + fi +done + +# for shatag: +# db=$( echo $dir | sed 's/[\/ ]/-/g' | sed 's/^-//' ) +# output=$( find "${dir}" -type f -exec ${shatag} -d "/root/${db}.shatagdb" -vqpt {} + 2>&1 ) +# outdated_output=$( echo "${output}" | grep -v "" ) +# +# corrupt_output=$( echo "${output}" | grep -v "" | awk -v SKIP=-1 '// { SKIP = 2 } SKIP-- >= 0 {next } 1' ) +# outdated_output=$( echo "${output}" | grep -v "" | awk -v SKIP=-1 '// { SKIP = 2 } SKIP-- >= 0 {next } 1' )