diff options
| -rw-r--r-- | README | 19 | ||||
| -rw-r--r-- | etc-init | 6 | ||||
| -rwxr-xr-x | etc-init.d/10restore-metadata | 5 | ||||
| -rwxr-xr-x | etc-init.d/20git-init | 5 | ||||
| -rwxr-xr-x | etc-init.d/30git-perm | 3 | ||||
| -rwxr-xr-x | etc-init.d/40git-ignore | 15 | ||||
| -rwxr-xr-x | etc-init.d/40git-pre-commit-hook | 16 | ||||
| -rw-r--r-- | etc-init.d/README | 12 | ||||
| -rw-r--r-- | etc-post-apt | 4 | ||||
| -rw-r--r-- | etc-post-apt.d/README | 2 | ||||
| -rw-r--r-- | etc-pre-apt | 4 | ||||
| -rw-r--r-- | etc-pre-apt.d/README | 2 | ||||
| -rw-r--r-- | etc-pre-commit | 4 | ||||
| -rw-r--r-- | etc-pre-commit.d/README | 2 | ||||
| -rwxr-xr-x | etckeeper | 16 |
15 files changed, 94 insertions, 21 deletions
@@ -1,6 +1,9 @@ etckeeper is a collection of tools to let /etc be stored in a git -repository. It's probably generic enough in its approach that support -for other revision control systems than git could be added to it. +repository. It hooks into apt to automatically commit changes made to /etc +during package upgrades. It uses `metastore` to track file metadata that +git does not normally support, but that is important for /etc, such as the +permissions of `/etc/shadow`. It's quite modular and configurable, while +also being simple to use if you understand the basics of working with git. ## security warning @@ -131,9 +134,15 @@ Each etc-foo command uses `run-parts` to run the executable files in symlinks to the actual files; you can remove or reorder the symlinks, or add your own custom files. +Note that the etc-foo commands are careful to not hardcode anything about +git. If you want to use some other revision control system, that's +theoretically possible to accomplish by just changing the files in +/etc/etckeeper/. If you do this, please let me know. + + ## inspiration -Two blog posts provided inspiration for etckeeper: +Two blog posts provided inspiration for techniques used by etckeeper: * http://www.jukie.net/~bart/blog/20070312134706 * http://bryan-murdock.blogspot.com/2007/07/put-etc-under-revision-control-with-git.html @@ -144,3 +153,7 @@ etckeeper provides a couple of simple tools and hooks for setting up an /etc repsository, and then gets out of your way; you manage the repository using regular git commands. + +## author + +Joey Hess <joey@kitenet.net> diff --git a/etc-init b/etc-init deleted file mode 100644 index 087a391..0000000 --- a/etc-init +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -# Initialise the current directory (typically /etc) for use by etckeeper. -# Runs /etc/etckeeper/post-apt.d/* hooks, which handle chores like setting -# up metadata storage hooks, ignores, adding files (but not committing -# those added files), and ensuring that the revision control directory -# won't leak data from files like shadow, by making it mode 700. diff --git a/etc-init.d/10restore-metadata b/etc-init.d/10restore-metadata new file mode 100755 index 0000000..4ce97ed --- /dev/null +++ b/etc-init.d/10restore-metadata @@ -0,0 +1,5 @@ +#!/bin/sh +set -e +if [ -e .metadata ]; then + metastore --apply --mtime +fi diff --git a/etc-init.d/20git-init b/etc-init.d/20git-init new file mode 100755 index 0000000..7bf1c89 --- /dev/null +++ b/etc-init.d/20git-init @@ -0,0 +1,5 @@ +#!/bin/sh +set -e +if [ ! -e .git ]; then + git-init +fi diff --git a/etc-init.d/30git-perm b/etc-init.d/30git-perm new file mode 100755 index 0000000..564e489 --- /dev/null +++ b/etc-init.d/30git-perm @@ -0,0 +1,3 @@ +#!/bin/sh +set -e +chmod 700 .git diff --git a/etc-init.d/40git-ignore b/etc-init.d/40git-ignore new file mode 100755 index 0000000..846c32d --- /dev/null +++ b/etc-init.d/40git-ignore @@ -0,0 +1,15 @@ +#!/bin/sh +set -e +if [ ! -e .gitignore ]; then + cat <<EOF >.gitignore +*~ + +# new and old versions of conffiles, stored by dpkg +*.dpkg-new +*.dpkg-old + +# mount(8) records system state here, no need to keep these in git +blkid.tab(|.old) +mtab +EOF +fi diff --git a/etc-init.d/40git-pre-commit-hook b/etc-init.d/40git-pre-commit-hook new file mode 100755 index 0000000..e7b58e0 --- /dev/null +++ b/etc-init.d/40git-pre-commit-hook @@ -0,0 +1,16 @@ +#!/bin/sh +set -e +if [ -x .git/hooks/pre-commit ]; then + if ! grep -q etc-pre-commit .git/hooks/pre-commit; then + echo "warning: .git/hooks/pre-commit needs to be manually modifed to run etc-pre-commit" >&2 + fi +else + echo <<EOF >>.git/hooks/pre-commit +#!/bin/sh +# pre-commit hook for etckeeper. Calls etc-pre-commit to store metadata +# and do sanity checks. +set -e +etc-pre-commit +EOF + chmod +x .git/hooks/pre-commit +fi diff --git a/etc-init.d/README b/etc-init.d/README new file mode 100644 index 0000000..8fe4cd1 --- /dev/null +++ b/etc-init.d/README @@ -0,0 +1,12 @@ +Executable files in this directory are run to initialise the working directory +for use by etckeeper. If the working directory is not already in version +control, that includes setting up the version control, but not actually +committing anything. If the working directory is in version control, +it includes applying stored metadata to the checked out files in the +working directory. + +Please be careful to *never* overwrite existing files/directories +in the working directory. If a file you need to write already exists, check +if its contents are sane, and if not, emit a warning on stderr. + +If initialisation fails, exit nonzero and no later files will be run. diff --git a/etc-post-apt b/etc-post-apt deleted file mode 100644 index a5aa9e5..0000000 --- a/etc-post-apt +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -# Intended to be an apt DPkg::Post-Invoke hook. Runs -# /etc/etckeeper/post-apt.d/* hooks, which can be used to -# add new files, and commit the changes. diff --git a/etc-post-apt.d/README b/etc-post-apt.d/README new file mode 100644 index 0000000..34b65ac --- /dev/null +++ b/etc-post-apt.d/README @@ -0,0 +1,2 @@ +Files in this directory are run after apt has run. They should commit +changed and new files in the working directory to to repository. diff --git a/etc-pre-apt b/etc-pre-apt deleted file mode 100644 index 01da221..0000000 --- a/etc-pre-apt +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -# Intended to be an apt DPkg::Pre-Install-Pkgs hook. Runs -# /etc/etckeeper/pre-apt.d/* hooks, which can be used to check for -# uncommitted files in /etc, and so on, before apt runs. diff --git a/etc-pre-apt.d/README b/etc-pre-apt.d/README new file mode 100644 index 0000000..aadbd4f --- /dev/null +++ b/etc-pre-apt.d/README @@ -0,0 +1,2 @@ +Files in this directory are run before apt is run. This is mostly used for +sanity checks, ie, does the working directory have any uncommitted changes? diff --git a/etc-pre-commit b/etc-pre-commit deleted file mode 100644 index a11194b..0000000 --- a/etc-pre-commit +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -# Run this before committing changes to a repository. Runs -# /etc/etckeeper/pre-commit.d/* hooks, which handle storing file -# permissions and metadata, performing checks, etc. diff --git a/etc-pre-commit.d/README b/etc-pre-commit.d/README new file mode 100644 index 0000000..051d094 --- /dev/null +++ b/etc-pre-commit.d/README @@ -0,0 +1,2 @@ +This is run by a git pre-commit hook before committing changes to the +repository. This can be used for storing metadata, and for sanity checks. diff --git a/etckeeper b/etckeeper new file mode 100755 index 0000000..294e0ce --- /dev/null +++ b/etckeeper @@ -0,0 +1,16 @@ +#!/bin/sh +set -e + +if [ "$0" != etckeeper ]; then + command="$(basename $0)" +else + command="etc-$1" + shift 1 +fi + +if [ ! -d "/etc/etckeeper/$command.d" ]; then + echo "/etc/etckeeper/$command.d does not exist" >&2 + exit 1 +fi + +run-parts "/etc/etckeeper/$command.d" |