这是我生产中所用的防篡改脚本需要的拿走点赞.

扫描定义的数组目录的所有文件的MD5值，然后在用下面个脚本对比1.2.2.4 扫描deploy目录的md5值脚本[root@localhost scripts]# cat md5sum_check.sh#!/bin/shpath=(/deploy/factory/tomcat/webapps/deploy/passport/tomcat/webapps/deploy/uniring/tomcat/webapps/deploy/oms/tomcat/webapps/deploy/rad/tomcat/webapps/deploy/dubbo/tomcat/webapps/deploy/nginx)[ -d /md5 ] || mkdir /md5 -pmd5_log=/md5/md5_$(date +%F).lognum_log=/md5/num_$(date +%F).logLANG=enfor n in ${path[*]}do    if [ ! -z $n ];then       find ${path[*]} -type f |xargs md5sum >$md5_log       find ${path[*]} -type f >$num_log    else       exit 1    fidone下面这个脚本放到定时任务每天晚上检测如果有异常就邮件报警对比deploy下指定的目录如果异常发送邮件[root@localhost scripts]# cat md5_detection.sh#!/bin/shpath=(/deploy/factory/tomcat/webapps/deploy/passport/tomcat/webapps/deploy/uniring/tomcat/webapps/deploy/oms/tomcat/webapps/deploy/rad/tomcat/webapps/deploy/dubbo/tomcat/webapps/deploy/nginx)[ -d /md5 ] || mkdir -p /md5md5_log=/md5/md5_$(date +%F).lognum_log=/md5/num_$(date +%F).lognum=$(cat $num_log|wc -l)LANG=ENwhile true    do    log=/md5/check.log    [ ! -f $log ] && touch $log    md5_count=$(md5sum -c $md5_log 2>/dev/null |grep FAILED|wc -l)    md5_FAILED=$(md5sum -c $md5_log 2>/dev/null |grep FAILED)    echo $md5_FAILED >>$log    for n in ${path[*]}       do       if [ ! -z $n ];then          num_count=$(find ${path[*]} -type f |wc -l)          find ${path[*]} -type f >/md5/new.log       fi       done    if [ $md5_count -ne 0 ] || [ $num_count -ne $num ];then        #if [ $md5_count -ne 0 ];then       diff $num_log /md5/new.log >>$log           mail -s "web site is misrepresented in $(date +%F\ %T)"  QQ邮箱157@qq.com <$log           exit 0        else            exit 3    fi      done