svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
bart_rules(5)
bart_rules(5) File Formats bart_rules(5)
NAME
bart_rules - bart rules file
DESCRIPTION
The bart_rules file is a text file that is used by the bart(8) command.
The rules file determines which files to validate and which file
attributes of those files to ignore.
Some lines are ignored by the manifest comparison tool. Ignored lines
include blank lines, lines that consist only of white space, and com‐
ments that begin with #.
The rules file supports three directives: CHECK, IGNORE, and a subtree
directive, which is an absolute path name and optional pattern matching
modifiers. Each CHECK, IGNORE, and subtree directive must be on a sepa‐
rate line. Bart supports continuation of long lines using a backslash
(\). The rules file uses the directives to create logical blocks.
Syntax
The syntax for the rules file is as follows:
[IGNORE attribute...]*
[CHECK] [attribute...]*
subtree1 [pattern...]*
[IGNORE attribute...]*
[CHECK] [attribute...]*
subtree2 [pattern...]*
subtree3 [pattern...]*
subtree4 [pattern...]*
[IGNORE attribute...]*
[CHECK] [attribute...]*
...
Rule Blocks
Rule blocks are composed of statements that are created by using direc‐
tives and arguments.
There are three types of blocks:
Global Block The first block in the file. The block is considered
"global" if it specifies CHECK and IGNORE statements,
but no previous subtree statement. A global block per‐
tains to all subsequent blocks.
Local block A block that specifies CHECK and IGNORE statements as
well as a subtree directive. The rules in this block
pertain to files and directories found in the specified
subtree.
Heir block A block that contains a null CHECK statement, no argu‐
ments. This block inherits the global CHECK statements
and IGNORE statements.
The order in which CHECK and IGNORE statements appear in blocks is
important. The bart command processes CHECK and IGNORE statements in
the order in which they are read, with later statements overriding ear‐
lier statements.
Subtree specifications must appear one per line. Each specification
must begin with an absolute path name. Optionally, each specification
can be followed by pattern-matching modifiers.
When a file system being tracked belongs to more than one subtree
directive, bart performs the following resolution steps:
o Applies the CHECK and IGNORE statements set in the global
block. Note that all CHECK and IGNORE statements are pro‐
cessed in order.
o Finds the last subtree directive that matches the file.
o Processes the CHECK and IGNORE statements that belong to the
last matching subtree directive. These statements are pro‐
cessed in the order in which they are read, overriding
global settings.
Pattern Matching Modifiers
There are two types of pattern matching modifiers:
AND For a given subtree directive, pattern matching modifiers are
logically ANDed all together and with the subtree. In other
words, for an entry to match the subtree block rule, it must
match the subtree directive and ALL pattern matching modifiers.
Therefore, it usually makes little sense to specify more than
one positive pattern matching modifier for the given subtree
block rule. Patterns have the following syntax:
o Wildcards are permitted for both the subtree and pat‐
tern matching modifiers.
o The exclamation point (!) character represents logi‐
cal NOT.
o A pattern that terminates with a slash is a subtree.
The absence of a slash indicates that the pattern is
not a directory. The subtree itself does not require
an end slash.
For example, the following subtree example includes the contents
of /home/nickiso/src except for object files, core files, and
all of the SCCS subtrees. Note that directory names that termi‐
nate with .o and directories named core are not excluded because
the patterns specified do not terminate with /.
/home/nickiso/src !*.o !core !SCCS/
CHECK all
No possible entry can match the following subtree block rule
because the two specified pattern matching modifiers are dis‐
junct:
/home/nickiso/src *.o core
CHECK all
OR Group multiple subtree directives together. Such subtree direc‐
tives are logically ORed together.
/home/nickiso/src !*.o !core
/home/nickiso/Mail
/home/nickiso/docs *.sdw
CHECK all
IGNORE mtime lnmtime dirmtime
The files included in the previous example are as follows:
o Everything under /home/nickiso/src except for *.o and
core files
o Everything under /home/nickiso/Mail
o All files under /home/nickiso/docs that end in *.sdw
For these files, all attributes are checked except for modifica‐
tion times.
File Attributes
The bart command uses CHECK and IGNORE statements to define which
attributes to track or ignore. Each attribute has an associated key‐
word.
The attribute keywords are as follows:
acl ACL attributes for the file. For a file with ACL
attributes, this field contains the output from
acl_totext(3SEC).
all All attributes.
contents Checksum value of the file. This attribute is only speci‐
fied for regular files. If you turn off context checking or
if checksums cannot be computed, the value of this field is
-. The algorithm used to compute this is controlled by the
-a option to the bart command.
dest Destination of a symbolic link.
devnode Value of the device node. This attribute is for character
device files and block device files only.
dirmtime Modification time in seconds since 00:00:00 UTC, January 1,
1970 for directories.
gid Numerical group ID of the owner of this entry.
lnmtime Creation time for links.
mode Octal number that represents the permissions of the file.
mtime Modification time in seconds since 00:00:00 UTC, January 1,
1970 for files.
size File size in bytes.
type Type of file.
uid Numerical user ID of the owner of this entry.
EXAMPLES
Example 1 Sample Rules File
The following is a sample rules file:
# Global rules, track everything except dirmtime.
CHECK all
IGNORE dirmtime
# The files in /data* are expected to change, so don't bother
# tracking the attributes expected to change.
# Furthermore, by specifying "IGNORE contents", you save
# time and resources.
/data*
IGNORE contents mtime size
/home/nickiso f* bar/
IGNORE acl
# For /usr, apply the global rules.
/usr
CHECK
# Note: Since /usr/tmp follows the /usr block, the /usr/tmp
# subtree is subjected to the "IGNORE all".
/usr/tmp
/home/nickiso *.o
/home/nickiso core
/home/nickiso/proto
IGNORE all
Based on the sample rules file, the following files are catalogued into
the manifests:
o Files under /data* and /usr subtree.
o Files under /home/nickiso subtree beginning with f and files
under /home/nickiso/bar subtree.
o All .o and core files under /home/nickiso, as well as the
/home/nickiso/proto and /usr/tmp subtrees.
When the same rules file is used again when comparing the manifests,
then the following files and attributes are tracked:
o All attributes, except for dirmtime, mtime, size, and con‐
tents, are tracked for files under the /data* subtrees.
o All files and all their attributes (except dirmtime) under
the /usr subtree, except for /usr/tmp, are tracked by using
the global rules.
o If the /home/nickiso/foo.c file exists, its attributes,
except for acl and dirmtime, are tracked.
o All .o and core files under /home/nickiso, as well as the
/home/nickiso/proto and /usr/tmp subtrees, are ignored.
o If the /home/nickiso/bar/foo.o file exists, it is ignored
because it is subject to the last block.
SEE ALSO
bart_manifest(5), attributes(7), bart(8)
Oracle Solaris 11.4 21 Jun 2021 bart_rules(5)