The Sys Admin's Daily Grind: Etckeeper

Fountain of Youth

Article from Issue 189/2016
Author(s):

Configuration files change over the life of almost every Linux system, but not always for the better. Sometimes individual /etc files literally degenerate. Don't despair: You can restore a state from better days.

Etckeeper is part of many distributions and is otherwise available from GitHub [1]. Of course, Git also needs to be installed on the computer. Anyone who hasn't used Git on their system should configure a few fundamental settings:

git config --global user.name "Charly"
git config --global user.email "charly@example.com"
git config --global core.editor "vim"

Because I execute the etckeeper and git commands with sudo, these settings prevent the root user from being entered as a committer.

Preserving Youth

To begin, I need to initialize the new repository, then I save all /etc files in it for the first time:

cd /etc
sudo etckeeper init
sudo etckeeper commit "Initial etc commit"

Some distributions, such as Ubuntu, execute this step automatically when installing Etckeeper. In this case, I see output like:

> On branch master
> nothing to commit, working directory clean

Sometimes I don't want all the data in /etc/ in the repository, so I tell Git which directories Etckeeper should ignore in the .gitignore file right after the # end section [...] etckeeper line:

# end section managed by etckeeper
ghostscript/*

Now, however, all the data from /etc/ since the first commit is already in the repository, so I have to remove the undesired files manually:

sudo git rm -r --cached ghostscript/*

To demonstrate, I change a little something in /etc/postfix/main.cf; in fact, sudo git status shows that Git notices the difference when comparing the data with the repository (Figure 1). I can now check in the new version:

sudo git commit -a -m "main.cf changed"
Figure 1: If someone has configured something in /etc, Git notices the difference when comparing with the repository.

An overview of all actions is provided with sudo git log command:

commit9695e06a8175bd5cf485316f20d8fb 6d6fcc1e49
Author: Charly <charly@example.com>
Date: Wed May 11 14:18:50 2016 +0200
main.cf changed

It's important to realize that this process implements versioning – there's no backup! Etckeeper and Git help you comprehend changes in configuration files and roll them back if necessary, but that's a lot for anyone who's configured something incorrectly.

The Author

Charly Kühnast is a Unix operating system administrator at the Data Center in Moers, Germany. His tasks include firewall and DMZ security and availability. He divides his leisure time into hot, wet, and eastern sectors, where he enjoys cooking, freshwater aquariums, and learning Japanese, respectively.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Etckeeper

    Etckeeper keeps order in global configuration files and prevents problems with accidentally deleted files.

  • The sys admin's daily grind: Smorgasbord

    Sys admin columnist Charly Kühnast has an electronic note box in which he collects ideas and small snippets of code. He calls it his "quarry" and is taking this opportunity to offer up some collectors' items to regular readers.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News