Solved Should I have a file named [ in the /bin directory?

[orphansec]

Hello all: )

Hopefully I am not wasting thread space.
I found a file named [ inside the /bin directory that is encrypted and after several Google searches I was unable to figure out what its supposed to be. Is this a legitimate script or should I be worried? I searched Google to no avail and figured it was something to worry about since I couldn't find anything.
Sorry for being a nub, and thanks for any and all help.

 

[tobik@]

Yes, it is an alias for test(1). Try checksumming them with sha256 "/bin/[" /bin/test. It should output the same checksum for both of them.

 

[SirDice]

They're actually exactly the same file, one is hard-linked to the other. Just look at the inodes:

dice@molly:~ % ls -li /bin/test /bin/\[
1600837 -r-xr-xr-x  2 root  wheel  11384 Feb 23 22:41 /bin/[
1600837 -r-xr-xr-x  2 root  wheel  11384 Feb 23 22:41 /bin/test

 

[woodsb02]

This also came up recently on the OpenBSD mailing lists:
http://marc.info/?t=141942953700002&r=1&w=2

 

[usdmatt]

I found a file named [ inside the /bin directory that is encrypted

It's not encrypted, it's just a binary executable not a script.
I'm not sure who originally came up with the idea (instead of just using /bin/test), but it allows scripts to have neat if statements like the following:

if [ -z "${_mdconfig_list}" ]; then

The last bracket gets ignored by the executable when called as [, so it's effectively doing the following:

if /bin/test -z "some value"; then

It's used all over the place in the base system scripts.

 

[tobik@]

I want to add to what usdmatt said. test is actually a shell builtin since 2001 and compiled into /bin/sh for efficiency reasons. But code is shared between the shell builtin and /bin/test, so they work in the same way.