[plug] Server "diff"

[James Devenish]

In message <003301c3349b$6a867dc0$65123bcb at brad>
on Tue, Jun 17, 2003 at 02:41:00PM +0800, Brad Hill wrote:
> I want to know an easy way to get a list of all of the file differences
> between two servers...
> 
> I was thinking of using rsync or something but am not quite sure of how to
> get it to just LIST differences rather than actually downloading and
> updating all the files...

(Whenever anyone mentions rsync I have to mention unison ;) Unison can
do what you want (i.e. list the differences, both in terms of file
contents and in terms of filesystem metadata, without transferring the
files between the machines), however:

    (a) it still has to calculate digests for each file on each host
    (though I believe it will do so on the two separate hosts),

    (b) it will try to keep your entire inode structure in memory along
    with its own annotations, which will probably be a painful process
    (it would probably exceed most people's finite ulimits for memory
    usage).

> This is just so i can find all the changes a previous admin has made to a
> default system so i know exactly what deviations from the norm we have in
> place, but obviously i want to extend it to everything down to file
> permissions etc just to make sure the previous admin hasn't also introduced
> security holes i'm so far unaware of.

One 'hand rolled' way would be to use `find` to execute `ls` (or,
rather, use find's built-in equivalent) and `md5` (or md5sum or whatever
you like/have) for every file/directory/link/etc. Do this on both hosts
and direct all find's output to a file. Then compare the files. Some
utilities/OS defaults basically do this for you (e.g. as part of
intrusion detection or regular changelog maintenance).

> Any suggestions much appreciated and (hopefully) none will get flamed.

Am I the one supposedly flaming people's suggestions? Please let me know
off-list if there are some specific messages I should re-read.