systraq - monitors your system and warns you when files change
systraq is part of the systraq package, a set of scripts that monitors
your system for file changes. It is meant to be run by a cronjob, not
systraq runs various system commands, to inspect the state of the
system: what is it doing now?, what has it been doing recently?, are we
running to hardware limitations?. Furthermore, it runs commands to
inspect some files in users´ homedirectories, as well as some system
files, for frequently seen flaws. All these commands are maintained in
little scripts in /etc/systraq/systraq.d. The first two characters of
the script´s name are used for the execution-order. The names of
executable files in systraq.d/ (or symlinks to such files) must consist
entirely of upper and lower case letters, digits, underscores, and
hyphens. Files which not adhere will be silently ignored. The systraq
script supplies some environment variables to the scripts in
systraq.d/, these might be helpful when adding your own scripts. Refer
to the (very small) systraq code itself for the details.
We´ll elaborate on some of the shipped systraq.d/ scripts.
AA-shellrc checks for unsafe umask setting in shell startup scripts, or
unsafe PATH in these scripts.
AA-debsums runs debsums, to check md5sums as stated in packaging files
with the sums of the actual files running the system. (NB: debsums has
support for md5 checksums only, most Debian packages ship md5 checksums
only. Therefore, we can´t use sha256sum. See also the discussion on
proposed release goal: DEBIAN/md5sums for all packages at the
Debian release mailinglist in August 2007 as well as Debian Bug
#268658 for some considerations on this.)
AA-localdigest runs sha256sum (or the command set in the ST_SUM
environment variable) to check message digests as locally maintained in
a file named in the ST_LDIGESTS environment variable. Typically, this
is set to /var/lib/systraq/systraq.sums. If this environment variable
is unset, this check is silenty skipped.
Of course, you can add your own scripts. If you name them AA-local,
they´ll never get overwritten by any version of this software. If you
don´t like one of these scripts, you can disable it by removing the
symlink, and creating a new symlink with the same name pointing to
The systraq Manual, installed in /usr/share/doc/systraq.
$Id: systraq.dbx 374 2008-12-14 08:47:32Z joostvb $
Joost van Baal <firstname.lastname@example.org>
Laurent Fousse <email@example.com>
Copyright © 2001-2008 Joost van Baal
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU General Public License, Version 2 or any
later version published by the Free Software Foundation.
This document is based upon a manual page written by Laurent Fousse for
the Debian project.
1. proposed release goal: DEBIAN/md5sums for all packages
2. Debian Bug #268658
17 december 2008