author: Joey Hess <joey@kodama.kitenet.net> 2007-11-05 22:49:53 -0500
committer: Joey Hess <joey@kodama.kitenet.net> 2007-11-05 22:49:53 -0500
commit: 2ef31bb41f1f04a9d7341e7b2fe683f71e922097
tree: d7071bd0fb632fbfb927c6b12da7ad79654c5a18 /pre-commit.d
parent: c45d585d40d8d2513c665c7d2f7315a4403fcdac
store empty directories and restore in etckeeper init

While working on this, I had to consider security policies -- is it ok if etckeeper init can run code from the /etc repository? I've decided this should be ok, and documented that it should only be run on trusted repos. Note that metastore could also be exploited by untrusted repos, and of course, note that you're checking out your *** /etc *** so it damn well better be trusted!

With that determined, I decided to use a simple shell script to hold the empty directory info and allow them to be easily created. Expanding this for other files git can't represent is a possibility..

Diffstat (limited to 'pre-commit.d')
-rwxr-xr-x  pre-commit.d/10store-empty-directory  19
-rwxr-xr-x  pre-commit.d/10warn-empty-directory  6
-rwxr-xr-x  pre-commit.d/20store-metadata (renamed from pre-commit.d/10store-metadata)  0
3 files changed, 19 insertions, 6 deletions
diff --git a/pre-commit.d/10store-empty-directory b/pre-commit.d/10store-empty-directory
new file mode 100755
index 0000000..bc698e2
--- /dev/null
+++ b/pre-commit.d/10store-empty-directory
@@ -0,0 +1,19 @@
+#!/bin/sh
+set -ex
+
+# Make sure the file is not readable by others, since it can leak
+# information about contents of non-readable directories in /etc.
+umask 077
+
+if [ -e .etckeeper ]; then
+ egrep -v '^mkdir ' .etckeeper > .etckeeper.new || true
+fi
+find -type d -empty | grep -v /.git/ | sort |
+ sed -e "s/^/mkdir -p '/" -e "s/\$/'/" >> .etckeeper.new
+
+if [ ! -e .etckeeper ] || ! cmp -s .etckeeper .etckeeper.new ; then
+ mv -f .etckeeper.new .etckeeper
+ git add .etckeeper
+else
+ rm -f .etckeeper.new
+fi
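Review bot: the sed expressions after the find pipeline wrap each directory name in single quotes without escaping a quote that is already part of the name, so an empty directory whose name contains ' ends up in .etckeeper as a line the shell does not read as a single mkdir argument, and the commit message says etckeeper init runs this file. Replace each ' in the name with '\'' before adding the surrounding quotes, and consider skipping or rejecting names that contain a newline, since the find | sort | sed pipeline is line-based and would split such a name across two generated lines. Separately, .etckeeper.new is only truncated by the egrep redirect when .etckeeper already exists; on a first run the ">>" appends to whatever an earlier run aborted by set -e may have left behind, so start with an explicit truncation (for example ": > .etckeeper.new") before the if.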
diff --git a/pre-commit.d/10warn-empty-directory b/pre-commit.d/10warn-empty-directory
deleted file mode 100755
index b850c86..0000000
--- a/pre-commit.d/10warn-empty-directory
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-set -e
-empty=$(find -type d -empty | grep -v /.git/) || true
-if [ -n "$empty" ]; then
- echo "etckeeper warning: there are some empty directories, which git will ignore" >&2
-fi
diff --git a/pre-commit.d/10store-metadata b/pre-commit.d/20store-metadata
index b878abd..b878abd 100755
--- a/pre-commit.d/10store-metadata
+++ b/pre-commit.d/20store-metadata
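Review bot: the renumbering of 10store-metadata to 20store-metadata is not explained in the commit message or in the scripts. If the intent is that 10store-empty-directory must run first, so that .etckeeper already exists (created under umask 077) when metadata is stored, a short comment at the top of 20store-metadata stating that ordering dependency would keep a later renumbering from silently breaking it.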