1 etckeeper is a collection of tools to let /etc be stored in a git,
2 mercurial, or bazaar repository. It hooks into apt to automatically commit
3 changes made to /etc during package upgrades. It tracks file metadata that
4 git does not normally support, but that is important for /etc, such as the
5 permissions of `/etc/shadow`. It's quite modular and configurable, while
6 also being simple to use if you understand the basics of working with
11 First, a big warning: By checking /etc into revision control, you are
12 creating a copy of files like /etc/shadow that must remain secret. Anytime
13 you have a copy of a secret file, it becomes more likely that the file
14 contents won't remain secret. etckeeper is careful about file permissions,
15 and will make sure that repositories it sets up don't allow anyone but root
16 to read their contents. However, you *also* must take care when cloning
17 or copying these repositories, not to allow anyone else to see the data.
19 Since git mushes all the files into packs under the .git directory, the
20 whole .git directory content needs to be kept secret. (Ditto for mercurial
21 and .hg as well as bazaar and .bzr)
23 Also, since revision control systems don't keep track of the mode of files
24 like the shadow file, it will check out world readable, before etckeeper
25 fixes the permissions. The tutorial has some examples of safe ways to avoid
26 these problems when cloning an /etc repository.
28 Also note that `etckeeper init` runs code stored in the repository.
29 So don't use it on repositories from untrusted sources.
32 ## what etckeeper does
34 etckeeper has special support to handle changes to /etc caused by
35 installing and upgrading packages. Before apt installs packages,
36 `etckeeper pre-install` will check that /etc contains no uncommitted changes.
37 After apt installs packages, `etckeeper post-install` will add any new
38 interesting files to the repository, and commit the changes.
40 Revsion control systems are designed as a way to manage source code, not as
41 a way to manage arbitrary directories like /etc. This means there are a few
42 limitations that etckeeper has to work around. These include file metadata
43 storage, empty directories, and special files.
45 Most VCS, including git, mercurial and bazaar have only limited tracking of
46 file metadata, being able to track the executable bit, but not other
47 permissions or owner info. So file metadata storage is stored separately.
48 Among other chores, `etckeeper init` sets up a `pre-commit` hook that stores
49 metadata about file owners and permissions into a `/etc/.metadata` file.
50 This metadata is stored in version control along with everything else, and
51 can be applied if the repo should need to be checked back out.
53 Warning: bazaar cannot support running etckeeper's pre-commit hook. To
54 ensure that all file metadata is stored in bzr, you have to manually
55 run "etckeeper pre-commit" before committing to bazaar.
57 git and mercurial cannot track empty directories, but they can be
58 significant sometimes in /etc. So the `pre-commit` hook also stores
59 information that can be used to recreate the empty directories in a
60 `/etc/.etckeeper` file.
62 Most VCS, including git, mercurial, and bazaar don't support several
63 special files that you _probably_ won't have in /etc, such as unix
64 sockets, named pipes, hardlinked files (but softlinks are fine), and
65 device files. The `pre-commit` hook will warn if your /etc contains
71 A quick walkthrough of using etckeeper.
73 First, edit `/etc/etckeeper/etckeeper.conf` to select which version control
74 system to use. The default is git, and this tutorial assumes you're using
75 it. Mercurial and bazaar are similar.
77 The `etckeeper init` command initialises an /etc/.git/ repository. This
78 command is careful to never overwrite existing files or directories in
79 /etc. It will create a `.gitignore` if one doesn't already exist, sets up
80 pre-commit hooks if they don't already exist, and so on. It does *not*
81 commit any files, but does `git add` all interesting files for an initial
86 Now you might want to run `git status` to check that it includes all
87 the right files, and none of the wrong files. And you can edit the
88 `.gitignore` and so forth. Once you're ready, it's time to commit:
91 git commit -m "initial checkin"
92 git gc # pack git repo to save a lot of space
94 After this first commit, you can use regular git commands to handle
99 git commit -a -m "changed a password"
101 Rinse, lather, repeat. You might find that some files are changed by
102 daemons and shouldn't be tracked by git. These can be removed from git:
104 git rm --cached printcap # modified by CUPS
105 echo printcap >> .gitignore
106 git commit -a -m "don't track printcap"
108 etckeeper hooks into apt so changes to interesting files in /etc caused by
109 installing or upgrading packages will automatically be committed. Here
110 "interesting" means files that are not ignored by `.gitignore`.
112 You can use any git commands you like, but do keep in mind that, if you
113 check out a different branch or an old version, git is operating directly
114 on your system's /etc. But if you do decide to check out a branch or tag,
115 make sure you run "etckeeper init" again, to get any metadata changes:
117 git checkout april_first_joke_etc
120 Often it's better to clone /etc to elsewhere and do potentially dangerous
121 stuff in a staging directory. You can clone the repository using git clone,
122 but be careful that the directory it's cloned into starts out mode 700, to
123 prevent anyone else from seeing files like shadow, before `etckeeper init`
124 fixes their permissions:
134 Another common reason to clone the repository is to make a backup to a
135 server. When using git push to create a new remote clone, make sure the new
136 remote clone is mode 700! (And, obviously, only push over a secure
137 transport like ssh, and only to a server you trust.)
139 ssh server 'mkdir /etc-clone; cd /etc-clone; chmod 700 .; git init'
140 git push ssh://server/etc-clone master
142 Of course, it's also possible to pull changes from a server onto client
143 machines, to deploy changes to /etc. You might even set up branches for
144 each machine and merge changes between them. Once /etc is under version
145 control, the sky's the limit..
150 The main configuration file is `/etc/etckeeper/etckeeper.conf`
152 etckeeper runs the executable files in `/etc/etckeeper/$command.d/`. (It
153 ignores the same ones that run-parts(1) would ignore.) You can modify these
154 files, or add your own custom files. Each individual file is short, simple,
155 and does only one action.
157 For example, here's how to configure it to run `git gc` after each apt run,
158 which will save a lot of disk space:
160 cd /etc/etckeeper/post-install.d
161 (echo '#!/bin/sh' ; echo 'exec git gc') > 99git-gc
164 git commit -m "run git gc after each apt run"
166 Here's how to disable the automatic commits after each apt run, while still
167 letting it git add new files and git rm removed ones:
169 chmod -x /etc/etckeeper/commit.d/50vcs-commit
174 Two blog posts provided inspiration for techniques used by etckeeper:
175 * http://www.jukie.net/~bart/blog/20070312134706
176 * http://bryan-murdock.blogspot.com/2007/07/put-etc-under-revision-control-with-git.html
178 [isisetup][2] has some of the same aims as etckeeper, however, unlike it,
179 etckeeper does not aim to be a git porcelain with its own set of commands
180 for manipulating the /etc repository. Instead, etckeeper provides a simple
181 setup procedure and hooks for setting up an /etc repository, and then gets
182 out of your way; you manage the repository using regular VCS commands.
184 [2]: http://www.isisetup.ch/
189 etckeeper is licensed under version 2 or greater of the GNU GPL.
194 Joey Hess <joey@kitenet.net>
git.samba.org / jelmer / etckeeper.git / blob