acst

acst as a tool is designed to detect silent data corruption by first writing the mtime and the SHA256 checksum of a file into its extended attributes and then, upon later execution, comparing and verifying changes against both the mtime and checksum.

Download

acst 0.1.3 (31kb) (2022-07-12)

Manual

ACST(1)                     General Commands Manual                    ACST(1) 
 
NAME 
       acst - Actual C-implementation of a Simple shaTag 
 
SYNOPSIS 
       acst [-dhmnqrvx] <FILE...> 
 
DESCRIPTION 
       acst is a minimal and simplified implementation in C of, or rather, 
       inspired by, shatag and also inspired by cshatag. 
 
       acst as a tool is designed to detect silent data corruption by first 
       writing the mtime and the SHA256 checksum of a file into its extended 
       attributes and then, upon later execution, comparing and verifying 
       changes against both the mtime and checksum. For this to work, the file 
       system intended to be verified must first support extended user 
       attributes, either by being mounted with user_xattr enabled or by other 
       means. Depending on how these variables differ, various file statuses 
       are being reported (see the FILE STATUSES section). 
 
       acst won’t follow symlinks due to the risks of creating reference loops 
       or referencing data outside of the indented scope of subdirectories. 
       acst also won’t descend into directories on other file systems than the 
       one specified using the FILE argument. Keep in mind that if multiple 
       files with different file systems are specified using the FILE 
       argument, they will get traversed indifferent of each other. For 
       example, if you specify two different partitions mounted on two 
       different directories, they would both be traversed. 
 
       acst reads names of files to open from standard input if the only FILE 
       argument is ’-’. To open files starting with ’-’, use ’--’ to cancel 
       parsing of arguments. 
 
       acst does not aim to be format-compatible with shatag and uses 
       different names for the extended attributes but similar formats for the 
       extended attributes (see the COMPATIBILITY section). 
 
OPTIONS 
       -d     Check for duplicates among files based on stored checksums from 
              acst’s extended attributes. Return values when checking for 
              duplicates are normally 0 for success or 1 for fatal errors (in 
              other words, the RETURN VALUES section does not apply). 
              Certainty of the result is, of course, dependent on checksums 
              being created or corrected fairly recently as no checksums are 
              being computed during the duplicate check. 
 
       -h     Print brief usage information to standard output and exit. 
 
       -m     Summarize information at end of execution. 
 
       -n     Don’t create or update any extended file attributes. File 
              hashing and checking will be performed, but no extended file 
              attributes will be created or updated. 
 
       -q     Quiet mode. If specified one time ok files are not being 
              reported. If specified two times, only corrupt, backdated, and 
              malformed files and errors are being reported. 
 
       -r     Process directories and their contents recursively, not just 
              files. 
 
       -x     Remove acts’s extended attributes (xattrs) from FILE. 
 
       -v     prints version information to stderr, then exits. 
 
RETURN VALUES 
       0      Success 
 
       1      Wrong number of or invalid arguments. 
 
       2      One or more files, including directories when executed with the 
              recursive flag, could not be opened. 
 
       3      One or more files is not a regular file and probably a symlink 
              of sorts. 
 
       4      Extended attributes could not be written to one or more files. 
 
       5      At least one file was found to be corrupt, backdated or 
              malformed. 
 
       6      More than one type of error has occurred. 
 
FILE STATUSES 
       During program execution and processing of each file various file 
       statuses will appear on stdout.  Following are descriptions of these 
       statuses. 
 
       ok     Checksum is correct and mtime is unchanged. 
 
       hash ok 
              Checksum is correct and mtime was changed. 
 
       outdated 
              Checksum is incorrect and mtime is newer than the one stored as 
              an extended Attribute. 
 
       backdated 
              Checksum is incorrect and mtime is older than the one stored as 
              an extended Attribute. 
 
       malformed 
              Extended attributes could not be read as otherwise intended. 
 
       corrupt 
              Checksum is incorrect but mtime stayed the same. 
 
       disrupted 
              File was modified during hash computation. 
 
       new    Extended attributes are missing and were added. 
 
       xattr removed 
              Extended attributes were removed. 
 
       dup    Duplicate of checksum among files checked. 
 
EXAMPLES 
       find /strg/shr/media -xdev -type f | acst - > /root/acst.log 
              will use find to recursively traverse through files in 
              /mnt/memorystick within the same file system and log the result 
              to /root/acst.log. Using acst this way is many times faster than 
              using the recursive argument and can also replace all examples 
              below using the recursive argument. It should be treated as the 
              preferred method of using acst. 
 
       acst -r /home/user01 /mnt/memorystick > /root/acst.log 
              will recursively process files in both /home/user01 and 
              /mnt/memorystick even if they belong to different file systems, 
              as they are both specified using the FILE argument, and then log 
              the result to /root/acst.log. 
 
       acst -rm /home/user01 /mnt/memorystick > /root/acst.log 
              will perform the same operation as above with the addition of 
              also summarizing the result of the execution to the log. 
 
       acst -rx /mnt/memorystick > /root/acst.log 
              will recursively process and remove extended attributes from 
              files in /mnt/memorystick and log the result to /root/acst.log. 
 
       acst -rd /mnt/memorystick 
              will recursively check for duplicates among files in 
              /mnt/memorystick based on checksums stored as extended 
              attributes. 
 
COMPATIBILITY 
       acst writes to user.acst.cs and user.acst.ts instead of the 
       user.shatag.sha256 and user.shatag.ts specified by shatag. 
       acst writes the user.acst.ts field with full integer nanosecond 
       precision, while python-implemented shatag doesn’t. 
 
AUTHOR 
       Chris Noxz <chris@noxz.tech> 
 
COPYRIGHT 
       Copyright © 2022 Chris Noxz. 
 
       License: GPLv3+ 
 
       GNU GPL version 3 or later 
       <https://www.gnu.org/licenses/licenses.html>. 
 
       This is free software: you are free to change and redistribute it. 
       There is NO WARRANTY, to the extent permitted by law. 
 
SEE ALSO 
       shatag(1), cshatag(1), sha256sum(1), getfattr(1), setfattr(1) 
 
       The original shatag utility, written in python by Maxime Augier: 
       https://bitbucket.org/maugier/shatag 
       and cshatag utility, written in Go by Jakob Unterwurzacher: 
       https://github.com/rfjakob/cshatag 
 
AVAILABILITY 
       Up-to-date sources can be found at: 
       https://noxz.tech/git/acst 
       https://noxz.tech/software/acst 
 
                                 acst-0.1.3                            ACST(1) 

Installation

Edit config.mk to match your local setup (acst is installed into the /usr/local namespace by default), then simply enter the following command to install (if necessary as root):

make clean install 

get source here.