| VERIEXECGEN(8) | System Manager's Manual | VERIEXECGEN(8) | 
veriexecgen —
| veriexecgen | [ -AaDrSTvW] [-ddir] [-ffile] [-ofingerprintdb] [-pprefix] [-talgorithm] | 
| veriexecgen | [ -h] | 
veriexecgen can be used to create a fingerprint database
  for use with Veriexec.
If no command line arguments were specified,
    veriexecgen will resort to default operation,
    implying -D -o
    /etc/signatures -t
    sha256.
If the output file already exists,
    veriexecgen will save a backup copy in the same file
    only with a “.old” suffix.
The following options are available:
-A-a-D-d
    dir-f
    file-h-o
    fingerprintdb-p
    prefix-r-S-T-t
    algorithm-v-Wveriexecgen will exit when an error
      condition is encountered. This option will treat errors such as not being
      able to follow a symbolic link, not being able to find the real path for a
      directory entry, or not being able to calculate a hash of an entry as a
      warning, rather than an error. If errors are treated as warnings,
      veriexecgen will continue processing. The default
      behaviour is to treat errors as fatal.# veriexecgen
Fingerprint files in /etc, appending to the default fingerprint database:
# veriexecgen -A -a -d /etc
Fingerprint files in /path/to/somewhere using “sha512” as the hashing algorithm, saving to /etc/somewhere.fp:
# veriexecgen -d /path/to/somewhere -t sha512 -o /etc/somewhere.fp
| July 31, 2019 | NetBSD 10.1 |