
curvelogic/fimbl

fimbl

A very simple command line based file integrity checker for the paranoid. fimbl just checks that files have not changed since it last saw them.

Installation

On macOS: brew install curvelogic/tap/fimbl

On Linux, build from source or try the release binary.

On Windows, try the source, good luck.

Usage

Add files to the database (manually) with, for example:

fimbl add ~/.zshrc ~/.profile ~/.config/foo

...and have them checked (somewhere in automation) with fimbl verify e.g.

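fimbl verify ~/.zshrc ~/.profile ~/.config/foo
if [ $? -ne 0 ] ; then
  # notify, panic, stamp and shout, whatever...
  # (a shell `then` branch needs at least one command, so report on stderr)
  echo "fimbl: verification failed" >&2
fi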

...or use fimbl verify-all to verify everything in the database, but it's probably better to be explicit. The point of this is to alert you to the unexpected, after all.
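
An added example (not from the fimbl repository) of the automation step described above: a fail-closed wrapper that treats a missing fimbl binary or an empty watch list as an alert rather than a pass. FIMBL_BIN, WATCHED and check_integrity are names assumed for this example, and the watch list is constructed sample data.

```sh
#!/bin/sh
# Added example: fail-closed wrapper around `fimbl verify`.
# FIMBL_BIN, WATCHED and check_integrity are hypothetical names for this sketch.

# Command used to run fimbl; an absolute path avoids relying on PATH.
FIMBL_BIN="${FIMBL_BIN-fimbl}"

# Explicit watch list, one path per line (constructed sample list).
WATCHED="${WATCHED-$HOME/.zshrc
$HOME/.profile
$HOME/.config/foo}"

# Returns 0 when fimbl verify succeeds, 1 when it reports a problem,
# and 2 when the check could not run at all (an alert, never a pass).
check_integrity() {
    if ! command -v "$FIMBL_BIN" >/dev/null 2>&1; then
        echo "ALERT: $FIMBL_BIN not found; integrity check did not run" >&2
        return 2
    fi
    # Split the list on newlines only, so paths containing spaces survive,
    # and disable globbing so a path is never expanded as a pattern.
    old_ifs=$IFS
    IFS='
'
    set -f
    set -- $WATCHED
    set +f
    IFS=$old_ifs
    if [ "$#" -eq 0 ]; then
        echo "ALERT: watch list is empty; nothing was verified" >&2
        return 2
    fi
    # The page's usage treats any non-zero exit from fimbl verify as failure.
    if "$FIMBL_BIN" verify "$@"; then
        return 0
    fi
    echo "ALERT: fimbl verify reported a problem with the watched files" >&2
    return 1
}
```

Call `check_integrity` from cron or a login hook and alert on any non-zero status; status 2 means the check never ran.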

If files have changed legitimately, accept them with:

fimbl accept ~/.zshrc

fimbl list shows you all files currently tracked.

Simple as that.

Currently uses SHA3_256 content hashes and records some file attributes too. The database is sled and should be maintained transparently behind the scenes. If you want to test something with a different database, specify a --database path.

More help on fimbl --help or fimbl <command> --help.

Note that --tolerant needs to be specified if you don't want the add command complaining about pre-existing files or the remove command complaining about missing files. The whole point is to alert you to the unexpected.

Rationale and Provisos

This was conceived as an ultra-simplistic tool to support periodic checks that various configuration files were not being tampered with.

There are a zillion ways to do it better:

  • you could use git to manage these files and use git status
  • you might have a proper file integrity solution
  • you might have files under some regime managed by the OS
  • you could stick hashes in a public blockchain notarising them for all eternity...

...but whatever else is going on, you can still use fimbl to check in periodically for peace of mind.

Of course, by itself, fimbl does not ensure the files are not being tampered with. Someone can just fimbl accept the changes without your knowledge, or tamper with fimbl's database.
