[EMAIL PROTECTED]: ... > allows admins to prevent users from making incorrect modifications where > they shouldn't be.
Why aren't you setting permissions appropriately? Unlike MS DOS / Win, in Linux you can set files to be read-only to ordinary users, or invisible altogether (inaccessible directories). For example, by default, most of the files in the /etc directory can only be changed by the admin(s), and the /etc/ppp directory is inaccessible (if memory serves). > The reason I can't use this package is that it doesn't show you what was > changed in a given file, just that it was changed. If you have an archived copy of the file, can't you just diff(1) to find out how it changed? > In order to be able to back out installations (if I need to), I need to > know what changes were made to my config files. Hmm, you should be able to install most packages as an ordinary users to try them out; said user wouldn't have access to system configuration files. If you are worried about your own files, and it's your system, it's no trouble to create a sacrificial account just for the trial. > instmon > > This is a great script, and almost accomplishes what I need, except for > one thing - it doesn't track files added or deleted. The author says > that that functionality would require additional scans of the disk, and > would slow the process down. Unfortunately, that's exactly what I need. For files added/deleted, you could always run `tree -fi', store the output in a file, then run it again and compare with diff. (For more flexibility, use find, it'll let you prune branches and things.) > So, unless anyone else has any ideas, I'm off to start writing my first > Linux program. I've written something similar to this for my Win/Dos > machine, but am starting fresh on coding for a Linux system. I'll get > back to you when I have a working version. Actually, a simple version shouldn't be difficult at all - if you start with the `find and diff' idea, but put a checksum next to each of the files, then you'll have a list of files added, files removed and files changed. For the changed files, you compare them with an archive version using diff again. Jiri -- <[EMAIL PROTECTED]> We'll know the future has arrived when every mailer transparently quotes lines that begin with "From ", but no-one remembers why.