Menu
I want to find out if a file has been modified since the last time my shell script was started, maybe by creating a boolean or something... Maybe it would be possible to save the last time the script was run in a text file and when the script is started the next time it should read this file and then it should find out what file have been changed so that I can check if a file has changed using something like:
for file in *
do
#Somecode here
if [ $filehaschanged != "0" ]; then
echo "Foobar" > file.txt
fi
#Somecode here
done
Maybe it would be possible to do this with find...any ideas?
251
You can use the stat command on a file to check access and modification times or set up RCS to track changes. You can use MD5 or sum to get the current state of the file, copy that value to a file and then that file to verify that the original file wasn't changed.
Get the st_mtime member of the struct stat structure, which will tell you the modification time of the file. If the current mtime is later than a prior mtime, the file has been modified.
Finding Files Modified on a Specific Date in Linux: You can use the ls command to list files including their modification date by adding the -lt flag as shown in the example below. The flag -l is used to format the output as a log. The flag -t is used to list last modified files, newer first.
Syntax of find command with “-mmin n” option -n : find command will look for files modified in last n minutes. +n : find command will look for files modified in before the last n minutes i.e. which are not modified in last n mins. n : find command will look for files which are modified exactly n minutes ago.
Michael, by "changed", are you asking if the file has been touched (i.e. datestamp is newer), or are you asking if the content is different?
If the former, you can test this with find or test. For example, in shell:
#!/bin/sh
touch file1
sleep 1
touch file2
if [ "file1" -nt "file2" ]; then
echo "This will never be seen."
else
echo "Sure enough, file1 is older."
fi
If what you're looking for is a test of the contents, then your operating system probably includes something that will test the hash of a file.
[ghoti@pc ~]$ date > testfile
[ghoti@pc ~]$ md5 testfile
MD5 (testfile) = 1b2faf8be02641f37e6d87b15444417d
[ghoti@pc ~]$ cksum testfile
3778116869 29 testfile
[ghoti@pc ~]$ sha1 testfile
SHA1 (testfile) = 5f4076a3828bc23a050be4867549996180c2a09a
[ghoti@pc ~]$ sha256 testfile
SHA256 (testfile) = f083afc28880319bc31417c08344d6160356d0f449f572e78b343772dcaa72aa
[ghoti@pc ~]$
I'm in FreeBSD. If you're in Linux, then you probably have "md5sum" instead of "md5".
To put this into a script, you'd need to walk through your list of files, store their hashes, then have a mechanism to test current files against their stored hashes. This is easy enough to script:
[ghoti@pc ~]$ find /bin -type f -exec md5 {} \; > /tmp/md5list
[ghoti@pc ~]$ head -5 /tmp/md5list
MD5 (/bin/uuidgen) = 5aa7621056ee5e7f1fe26d8abb750e7a
MD5 (/bin/pax) = 7baf4514814f79c1ff6e5195daadc1fe
MD5 (/bin/cat) = f1401b32ed46802735769ec99963a322
MD5 (/bin/echo) = 5a06125f527c7896806fc3e1f6f9f334
MD5 (/bin/rcp) = 84d96f7e196c10692d5598a06968b0a5
You can store this (instead of /bin run it against whatever's important, perhaps /) in a predictable location, then write a quick script to check a file against the hash:
#!/bin/sh
sumfile=/tmp/md5list
if [ -z "$1" -o ! -f "$1" ]; then
echo "I need a file."
exit 1
elif ! grep -q "($1)" $sumfile; then
echo "ERROR: Unknown file: $1."
exit 1
fi
newsum="`md5 $1`"
if grep -q "$newsum" $sumfile; then
echo "$1 matches"
else
echo "$1 IS MODIFIED"
fi
This kind of script is what tools like tripwire provide.
193
You can touch all files when you run your script. Then touch the script itself.
Next time, you just find any files which is newer than your script.
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
