israel.garcia at cimex.com.cu wrote: ><SNIP> >I mean, How do I know if some of my users changed the original >permissions of any of my files? >I mean, How do I know if my files have the correct >(original)permissions? > >I'd like, if it's possible, some kind of report daily by email or in >some log file with this information...? > >Tripwire do that? </SNIP> > > Sounds like you're looking something akin to a Host-based Intrusion Detection System. Try AIDE: http://www.cs.tut.fi/~rammer/aide.html This tool can check for changed permissions and/or contents as well. It's pretty easy to set up. The sourcecode is a bit hairy though. Or, if you want something more advanced, go with Samhain: http://la-samhna.de/samhain/ The last time I tried to use Tripwire on RHEL it wouldn't compile. My understanding is that open source development on that tool stopped. Hope this helps, Shawn M. Jones