Yafic is a software tool that checks the integrity of files, similar to Tripwire, integrit, and AIDE programs.
Some essential features of the software include configuration files with a format similar to Tripwire. It has the ability to detect changes in file attributes like permissions/mode, inode #, number of links, user id, group id, size, access time, modification time, and creation/inode modification time. Additionally, it hashes files using SHA-1, an efficient 160-bit hash algorithm.
Furthermore, it has attribute templates (like Tripwire). You can add/subtract individual attribute flags. Configuration files are parsed in order to make them more intuitive. For example, a rule that prunes a directory can still have its subdirectories/contents scanned by subsequent explicit rules. An alternate root besides / may be specified. Paths specified in the configuration file will be interpreted relative to the new root. This feature proves to be useful when checking multiple jail(8) installations.
The software is platform-independent, making no assumptions about the size of stat(2) fields. If your platform's off_t or time_t are 64-bits wide, yafic will adjust. The tradeoff is that databases cannot be shared across platforms with differing stat's. Yafic's report is short, precise, and allows easy parsing by scripts. It also displays SHA-1 hash of the resultant database in the report. The software can view the contents of any resultant database, compare the contents of any two databases, and cryptographically sign and verify databases.
In the latest release, yafic has fixed a bug where lstat() warnings were always given. Overall, it is a comprehensive software that delivers efficient file integrity checking.
Version 1.2.2: N/A