Build a Lightweight File Integrity Monitor with Bash, SQLite, and Docker

In the world of server security, File Integrity Monitoring (FIM) is a critical layer of defense. It's the "silent alarm" that tells you when a configuration file, a system binary, or a sensitive database has been tampered with. While there are enterprise grade tools like Tripwire or OSSEC, sometimes you need something lightweight, transparent, and easy to deploy. In this post, I’ll walk you through a project I built: a Bash based File Integrity Checker that uses SQLite for baseline storage and Docker for a fully isolated testing environment. 🚀 The Core Concept: Baseline vs. Reality The tool works on a simple but powerful principle: Initialize ( --init ) : Scan your critical files, calculate their SHA-256 hashes , and store them in a persistent SQLite database. This is your "known-good" state. Check ( --check ) : Periodically re-scan those same files. If a single bit has changed, the hashes won't match, and an alert is triggered. 🛠️ The Tech Stack Bash : The engine. It handles the file