Security check


Are there any packages to check the file integrity of the system (such as tripwire, AIDE or Samhain) available on QNX system?


Don’t know about the stuff you mention, but check out the system utility chkfsys.

I don’t think anybody has done that
bu my experiences with tripwire and AIDE on other Unixes tell me it should be trivial to compile either of them on QNX.
I would suggest you give it a try and post back if you have problems.

Hi, there

I downloaded the source code of aide and successfully configurated, compiled and installed it.

I met a few problems in installation.

  1. In my first try, the ‘configue’ script complained that it can ot find the lib of mhash function.
  2. The I downloaded a gnu mhash lib, and installed in the system.
  3. Then the configuration, compiling and installation were ok. But when I try to use any checksum method such as MD5…, aide complained that ‘error in mmap’ing’.
  4. Then I bypassed the use of mmap by using
    ./configure --without-mmap
    Everythings are OK.
    It is strange that mmap is a standard posix function and qnx should support it.

But, anyway, aide works on my qnx system (although the checkin and checkout speed is rather slow). I am now using aide to check if there are un-expected system file changes which means there is someone cracking your qnx system. ( It is so easy to get root privilege in qnx :frowning: )

QNX does support mmap(), but it doesn’t support the mmap()ing of files and keeping them in sync with the filesystem. So you can either pass in the NOSYNCFILE flag in the source or not use it that way.

I can not find something looks like “NOSYNCFILE” flag in the source files. So, I am using the AIDE package without the mmap().
Thanks a lot for your suggstion, it might be usful for me to compile some other GNU projects under QNX later.