Am 04.04.22 08:32 schrieb Eric Thomas: > I want to have a high degree of confidence in my system's state > (packages that have been added, configs that have changed, permissions > changed, etc). I've read about "read only filesystems" and the > pro's/con's [here](http://geodsoft.com/howto/harden/OpenBSD/no_changes.htm). > > Aside from that, is there a way to... > > 1. ...hash the file system in some way and monitor for changes? OR > 2. ...somehow review changes that have taken place (a log somewhere)? > > The goal is to concretely know whether the state of the system has > changed, then point to what EXACTLY has changed. >
Since many years I use rcs(1) for that on hosts I have to admin. In Openbsd this fine tool is in base...
