MCP - Master Control Program Code
Brought to you by:
jursikf
File | Date | Author | Commit |
---|---|---|---|
README | 2010-07-14 | jursikf | [r8] |
makefile | 2010-07-15 | jursikf | [r9] |
mcp.c | 2010-07-08 | jursikf | [r5] |
MCP - Master Control Program, a security tool to watch for file changes
Copyright (C) 2009-2010 Filip Jursik

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

COMPILATION
-----------

make mcp

creates the executable file "mcp"

USAGE
-----

mcp [-d 1|2] [-l <logfile>] [-c <event command>] [-p <event command with pipe>] <directory>|<file>...

-d 1|2
  Do not daemonize; stay in the foreground and send all events and additional debug info to stdout instead of any specified log file. The possible values 1 or 2 determine the detail level of the debugging info.

-l <logfile>
  Write events to the specified log file. If -d is active, the output will not be written to the log file.

-c <event command>
  Run the specified command upon every event. The command or short script is run using the shell.

-p <event command with pipe>
  Run the specified command upon every event. The command or short script is run using the shell. The event parameters are piped to the stdin of the command. The event format is:

  [yyyy-mm-dd hh:mm:ss]<tab><affected file or directory><tab><type of the event><tab><event parameters><newline>

<directory>|<file>
  Directories or files to be watched. The directories are watched recursively. Symlinks are resolved.
Example 1:

mcp -l /var/log/mcp -c "date >>/var/log/mcptest1; echo \"this is a test\" >>/var/log/mcptest1" -p "cat >>/var/log/mcptest2" /etc /bin /sbin /vmlinuz

This would:
1) log all events to /var/log/mcp
2) run (using the shell) the script "date >>/var/log/mcptest1; echo \"this is a test\" >>/var/log/mcptest1" upon every event
3) run (using the shell) the script "cat >>/var/log/mcptest2" upon every event and pipe the event details to it
4) recursively watch the directories /etc, /bin and /sbin, and watch the symlink /vmlinuz and the file pointed to by the symlink /vmlinuz
5) run mcp as a daemon

Example 2:

mcp -d 1 /etc

This would:
1) keep mcp in the foreground and log all events to stdout (console or redirected)
2) recursively watch the directory /etc

Please note that even if you specify a log file, the -d option overrides it and no output is sent to the log file.
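
A handler for the -p option, parsing the event format described under USAGE. This is an added example and not part of the mcp sources. The HIGH_PRIORITY list and the event type "modify" used for testing are constructed, since the README does not list the event type names. How mcp writes a file name that itself contains a tab is not documented here, so lines that do not split into exactly four fields are rejected rather than guessed at.

```python
#!/usr/bin/env python3
"""Added example: stdin handler for `mcp -p` (not part of the mcp sources)."""
import re
import sys
from datetime import datetime
from typing import NamedTuple, Optional

# Assumption: paths that deserve an alert; all lie under the trees watched in Example 1.
HIGH_PRIORITY = ("/etc/passwd", "/etc/ssh", "/sbin")
STAMP = re.compile(r"\[(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\]")

class Event(NamedTuple):
    when: datetime
    path: str
    kind: str      # event type; treated as opaque, the README does not list the names
    params: str

def parse_event(line: str) -> Optional[Event]:
    """Parse one README-format event line; return None if it does not fit."""
    fields = line.rstrip("\n").split("\t")
    if len(fields) != 4:              # e.g. a tab inside a file name: do not guess
        return None
    m = STAMP.fullmatch(fields[0])
    if m is None:
        return None
    try:
        when = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
    except ValueError:                # right shape, impossible date
        return None
    return Event(when, fields[1], fields[2], fields[3])

def is_high_priority(ev: Event, prefixes=HIGH_PRIORITY) -> bool:
    """Match whole path components, so /etc/sshfoo does not match /etc/ssh."""
    return any(ev.path == p or ev.path.startswith(p.rstrip("/") + "/") for p in prefixes)

def main() -> int:
    for line in sys.stdin:
        ev = parse_event(line)
        if ev is None:
            # repr() keeps control characters out of the log output
            print(f"mcp-handler: unparsable event {line!r}", file=sys.stderr)
        elif is_high_priority(ev):
            print(f"ALERT {ev.when.isoformat()} {ev.kind} {ev.path!r} {ev.params!r}")
    return 0

if __name__ == "__main__":
    sys.exit(main())
```

Installed under a hypothetical path, it would be invoked as mcp -l /var/log/mcp -p "/usr/local/bin/mcp_handler.py >>/var/log/mcp-alerts" /etc /sbin. The handler never passes the file name to a shell, so a hostile file name cannot turn into a command.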