1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
.\" generated by mkman.py, please do NOT edit!
.TH qtegrity "1" "Jan 2024" "Gentoo Foundation" "qtegrity"
.SH NAME
qtegrity \- verify files with IMA
.SH SYNOPSIS
.B qtegrity
\fI[opts] <misc args>\fR
.SH DESCRIPTION
The default behavior of \fBqtegrity\fP is to verify digests of performed
executables to a list of known good digests. This requires an IMA-enabled
linux kernel, which records digests of performed executables and exports them
through securityfs. Using \fB\-\-ignore-non-existent\fP suppresses messages
about recorded files that can't be accessed (assuming they got removed).
By using \fB\-\-add\fP, the program behaves differently. No verification is
performed, instead a digest is made of the provided file and appended to
the list of known good digests.
.SH OPTIONS
.TP
\fB\-a\fR \fI<arg>\fR, \fB\-\-add\fR \fI<arg>\fR
Add file to store of known-good digests.
.TP
\fB\-i\fR, \fB\-\-ignore\-non\-existent\fR
Be silent if recorded file no longer exists.
.TP
\fB\-s\fR, \fB\-\-show\-matches\fR
Show recorded digests that match with known-good digests.
.TP
\fB\-\-root\fR \fI<arg>\fR
Set the ROOT env var.
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Report full package versions, emit more elaborate output.
.TP
\fB\-q\fR, \fB\-\-quiet\fR
Tighter output; suppress warnings.
.TP
\fB\-C\fR, \fB\-\-nocolor\fR
Don't output color.
.TP
\fB\-\-color\fR
Force color in output.
.TP
\fB\-h\fR, \fB\-\-help\fR
Print this help and exit.
.TP
\fB\-V\fR, \fB\-\-version\fR
Print version and exit.
.SH RELEVANT FILES
.PP
Central list of known good digests
.nf\fI
/var/db/QTEGRITY\fi
.PP
Linux kernel's recorded digests
.nf\fI
/sys/kernel/security/ima/ascii_runtime_measurements\fi
.SH "REPORTING BUGS"
Please report bugs via http://bugs.gentoo.org/
.br
Product: Gentoo Linux; Component: Current packages
.SH AUTHORS
.nf
Ned Ludd <solar@gentoo.org>
Mike Frysinger <vapier@gentoo.org>
Fabian Groffen <grobian@gentoo.org>
Sam Besselink
.fi
.SH "SEE ALSO"
.BR q (1),
.BR qatom (1),
.BR qcheck (1),
.BR qdepends (1),
.BR qfile (1),
.BR qgrep (1),
.BR qkeyword (1),
.BR qlist (1),
.BR qlop (1),
.BR qmanifest (1),
.BR qmerge (1),
.BR qpkg (1),
.BR qsearch (1),
.BR qsize (1),
.BR qtbz2 (1),
.BR quse (1),
.BR qwhich (1),
.BR qxpak (1)
|