state databases

So how do you compare the current state this morning to the known state last night? The answer is to save a snapshot of what the machine looked like in a database.

integrit uses two databases, the known-state database and the current-state database.

Let's rewind the example above and say that right after installing the OS, you installed integrit and generated a current-state database, say you called the file, "/root/databases/os_install.cdb".

You put the new database onto a zip disk, pocket the zip disk, and only then do you put the machine on the internet. Then you go to bed.

The next morning you have a database, "os_install.cdb", on your zip disk which represents the last known state of the computer system. The database you made last night is a snapshot of the system in a known state.

You then run integrit, to compare the current state of the system with the known state preserved on the zip disk database, "os_install.cdb". The file, os_install.cdb, is the known-state database.

Last night, os_install.cdb held the current state. This morning, it holds known state. Time has elapsed.

Next: update and check
SourceForge Logo

integrit homepage
integrit project page