42 files changed, 210 insertions, 4 deletions

diff --git a/etckeeper b/etckeeper
index 9baa7b6..aace0f5 100755
--- a/etckeeper
+++ b/etckeeper
@@ -5,6 +5,11 @@ if [ -e /etc/etckeeper/etckeeper.conf ]; then
 	. /etc/etckeeper/etckeeper.conf
 fi
 
+if [ -z "$VCS" ]; then
+	echo "Please configure a VCS in /etc/etckeeper/etckeeper.conf" >&2
+	exit 1
+fi
+
 if [ ! -z "$GIT_COMMIT_OPTIONS" ]; then
 	export GIT_COMMIT_OPTIONS
 fi
@@ -19,8 +24,8 @@ fi
 command="$1"
 shift 1
 
-if [ ! -d "/etc/etckeeper/$command.d" ]; then
-	echo "etckeeper: /etc/etckeeper/$command.d does not exist" >&2
+if [ ! -d "/etc/etckeeper/$VCS/$command.d" ]; then
+	echo "etckeeper: /etc/etckeeper/$VCS/$command.d does not exist" >&2
 	exit 1
 fi
 
@@ -30,4 +35,4 @@ else
 	cd /etc
 fi
 
-run-parts --exit-on-error "/etc/etckeeper/$command.d"
+run-parts --exit-on-error "/etc/etckeeper/$VCS/$command.d"
diff --git a/etckeeper.conf b/etckeeper.conf
index 753952d..114dd39 100644
--- a/etckeeper.conf
+++ b/etckeeper.conf
@@ -1,6 +1,7 @@
 # Options passed to git commit when run by etckeeper.
 # You could for exemple use "-e" if you want to edit all commit messages
 # before committing.
-# VCS="HG"
+# VCS="hg"
+ VCS="git"
 #GIT_COMMIT_OPTIONS="-e"
 #HG_COMMIT_OPTIONS="-e"
diff --git a/init.d/10restore-etckeeper b/git/init.d/10restore-etckeeper
index 376524c..376524c 100755..100644
--- a/init.d/10restore-etckeeper
+++ b/git/init.d/10restore-etckeeper
diff --git a/init.d/20restore-metadata b/git/init.d/20restore-metadata
index 01c45e4..01c45e4 100755..100644
--- a/init.d/20restore-metadata
+++ b/git/init.d/20restore-metadata
diff --git a/init.d/40git-init b/git/init.d/40git-init
index 69867c4..69867c4 100755..100644
--- a/init.d/40git-init
+++ b/git/init.d/40git-init
diff --git a/init.d/50git-ignore b/git/init.d/50git-ignore
index f931592..f931592 100755..100644
--- a/init.d/50git-ignore
+++ b/git/init.d/50git-ignore
diff --git a/init.d/50git-perm b/git/init.d/50git-perm
index 564e489..564e489 100755..100644
--- a/init.d/50git-perm
+++ b/git/init.d/50git-perm
diff --git a/init.d/50git-pre-commit-hook b/git/init.d/50git-pre-commit-hook
index 0efd5e4..0efd5e4 100755..100644
--- a/init.d/50git-pre-commit-hook
+++ b/git/init.d/50git-pre-commit-hook
diff --git a/init.d/70git-add b/git/init.d/70git-add
index 06504b4..06504b4 100755..100644
--- a/init.d/70git-add
+++ b/git/init.d/70git-add
diff --git a/init.d/README b/git/init.d/README
index 90aec67..90aec67 100644
--- a/init.d/README
+++ b/git/init.d/README
diff --git a/post-apt.d/10git-test b/git/post-apt.d/10git-test
index e72f195..e72f195 100755..100644
--- a/post-apt.d/10git-test
+++ b/git/post-apt.d/10git-test
diff --git a/post-apt.d/30git-add b/git/post-apt.d/30git-add
index 79aa406..79aa406 100755..100644
--- a/post-apt.d/30git-add
+++ b/git/post-apt.d/30git-add
diff --git a/post-apt.d/40git-rm b/git/post-apt.d/40git-rm
index 680dac0..680dac0 100755..100644
--- a/post-apt.d/40git-rm
+++ b/git/post-apt.d/40git-rm
diff --git a/post-apt.d/50git-commit b/git/post-apt.d/50git-commit
index 1a5c55a..1a5c55a 100755..100644
--- a/post-apt.d/50git-commit
+++ b/git/post-apt.d/50git-commit
diff --git a/post-apt.d/README b/git/post-apt.d/README
index befa5c0..befa5c0 100644
--- a/post-apt.d/README
+++ b/git/post-apt.d/README
diff --git a/pre-apt.d/50uncommitted-changes b/git/pre-apt.d/50uncommitted-changes
index d39401c..d39401c 100755..100644
--- a/pre-apt.d/50uncommitted-changes
+++ b/git/pre-apt.d/50uncommitted-changes
diff --git a/pre-apt.d/README b/git/pre-apt.d/README
index 47001b4..47001b4 100644
--- a/pre-apt.d/README
+++ b/git/pre-apt.d/README
diff --git a/pre-commit.d/20store-empty-directory b/git/pre-commit.d/20store-empty-directory
index e0f9538..e0f9538 100755..100644
--- a/pre-commit.d/20store-empty-directory
+++ b/git/pre-commit.d/20store-empty-directory
diff --git a/pre-commit.d/20warn-hardlinks b/git/pre-commit.d/20warn-hardlinks
index 3dd7a96..3dd7a96 100755..100644
--- a/pre-commit.d/20warn-hardlinks
+++ b/git/pre-commit.d/20warn-hardlinks
diff --git a/pre-commit.d/20warn-special-file b/git/pre-commit.d/20warn-special-file
index cb4d019..cb4d019 100755..100644
--- a/pre-commit.d/20warn-special-file
+++ b/git/pre-commit.d/20warn-special-file
diff --git a/pre-commit.d/30store-metadata b/git/pre-commit.d/30store-metadata
index b878abd..b878abd 100755..100644
--- a/pre-commit.d/30store-metadata
+++ b/git/pre-commit.d/30store-metadata
diff --git a/pre-commit.d/README b/git/pre-commit.d/README
index 051d094..051d094 100644
--- a/pre-commit.d/README
+++ b/git/pre-commit.d/README
diff --git a/hg/init.d/10restore-etckeeper b/hg/init.d/10restore-etckeeper
new file mode 100644
index 0000000..376524c
--- /dev/null
+++ b/hg/init.d/10restore-etckeeper
@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+
+# Yes, this runs code from the repository. As documented, etckeeper-init
+# should only be run on repositories you trust.
+if [ -e .etckeeper ]; then
+	. ./.etckeeper
+fi
diff --git a/hg/init.d/20restore-metadata b/hg/init.d/20restore-metadata
new file mode 100644
index 0000000..01c45e4
--- /dev/null
+++ b/hg/init.d/20restore-metadata
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -e
+
+# Note that metastore doesn't check that the .metastore file only changes
+# perms of files in the current directory. It's ok to trust the .metastore
+# file won't do anything shady, because, as documented, etckeeper-init
+# should only be run on repositories you trust.
+if [ -e .metadata ]; then
+	metastore --apply --mtime
+fi
diff --git a/hg/init.d/40git-init b/hg/init.d/40git-init
new file mode 100644
index 0000000..69867c4
--- /dev/null
+++ b/hg/init.d/40git-init
@@ -0,0 +1,6 @@
+#!/bin/sh
+set -e
+if [ ! -e .git ]; then
+	git-init
+	echo "$(hostname) /etc repository" > .git/description
+fi
diff --git a/hg/init.d/50git-ignore b/hg/init.d/50git-ignore
new file mode 100644
index 0000000..f931592
--- /dev/null
+++ b/hg/init.d/50git-ignore
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -e
+if [ ! -e .gitignore ]; then
+	cat >.gitignore <<EOF
+*~
+
+# new and old versions of conffiles, stored by dpkg
+*.dpkg-*
+
+# mount(8) records system state here, no need to keep these in git
+blkid.tab
+blkid.tab.old
+
+# some other files in /etc that typically do not need to be tracked
+ld.so.cache
+mtab
+.pwd.lock
+network/run
+adjtime
+
+EOF
+fi
diff --git a/hg/init.d/50git-perm b/hg/init.d/50git-perm
new file mode 100644
index 0000000..564e489
--- /dev/null
+++ b/hg/init.d/50git-perm
@@ -0,0 +1,3 @@
+#!/bin/sh
+set -e
+chmod 700 .git
diff --git a/hg/init.d/50git-pre-commit-hook b/hg/init.d/50git-pre-commit-hook
new file mode 100644
index 0000000..0efd5e4
--- /dev/null
+++ b/hg/init.d/50git-pre-commit-hook
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -e
+if [ -x .git/hooks/pre-commit ]; then
+	if ! grep -q "etckeeper pre-commit" .git/hooks/pre-commit; then
+		echo "etckeeper warning: .git/hooks/pre-commit needs to be manually modifed to run: etckeeper pre-commit `pwd`" >&2
+	fi
+else
+	cat >.git/hooks/pre-commit <<EOF
+#!/bin/sh
+# pre-commit hook for etckeeper, to store metadata and do sanity checks
+set -e
+etckeeper pre-commit `pwd`
+EOF
+	chmod +x .git/hooks/pre-commit
+fi
diff --git a/hg/init.d/70git-add b/hg/init.d/70git-add
new file mode 100644
index 0000000..06504b4
--- /dev/null
+++ b/hg/init.d/70git-add
@@ -0,0 +1,5 @@
+#!/bin/sh
+set -e
+if ! git-add .; then
+	echo "etckeeper warning: git-add failed" >&2
+fi
diff --git a/hg/init.d/README b/hg/init.d/README
new file mode 100644
index 0000000..90aec67
--- /dev/null
+++ b/hg/init.d/README
@@ -0,0 +1,13 @@
+Executable files in this directory are run to initialise the working directory
+for use by etckeeper. If the working directory is not already in version
+control, that includes setting up the version control, but not actually
+committing anything. If the working directory is in version control,
+it includes applying stored metadata to the checked out files in the
+working directory.
+
+Please be careful to *never* overwrite existing files/directories
+in the working directory (or use absolute care when doing so). If a file
+you need to write already exists, check if its contents are sane, and 
+if not, emit a warning on stderr.
+
+If initialisation fails, exit nonzero and no later files will be run.
diff --git a/hg/post-apt.d/10git-test b/hg/post-apt.d/10git-test
new file mode 100644
index 0000000..e72f195
--- /dev/null
+++ b/hg/post-apt.d/10git-test
@@ -0,0 +1,6 @@
+#!/bin/sh
+set -e
+if [ ! -d .git ]; then
+	echo "etckeeper warning: etckeeper is not yet enabled for $(pwd)" >&2
+	echo "etckeeper warning: run etckeeper init to enable it" >&2
+fi
diff --git a/hg/post-apt.d/30git-add b/hg/post-apt.d/30git-add
new file mode 100644
index 0000000..79aa406
--- /dev/null
+++ b/hg/post-apt.d/30git-add
@@ -0,0 +1,7 @@
+#!/bin/sh
+set -e
+if [ -d .git ]; then
+	if ! git-add .; then
+		echo "etckeeper warning: git-add failed" >&2
+	fi
+fi
diff --git a/hg/post-apt.d/40git-rm b/hg/post-apt.d/40git-rm
new file mode 100644
index 0000000..680dac0
--- /dev/null
+++ b/hg/post-apt.d/40git-rm
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+TAB="	"
+
+if [ -d .git ]; then
+	for file in $(git ls-files --deleted); do
+		if [ ! -d "$file" ]; then 
+			git rm --quiet "$file"
+		fi
+	done
+fi
diff --git a/hg/post-apt.d/50git-commit b/hg/post-apt.d/50git-commit
new file mode 100644
index 0000000..1a5c55a
--- /dev/null
+++ b/hg/post-apt.d/50git-commit
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ -d .git ]; then
+
+	# TODO: figure out what packages were acted on by the apt run, and
+	# include that info in the commit message
+	message="committing changes after apt run"
+
+	# ignore exit code since it exits nonzero if there is nothing to do
+	git commit $GIT_COMMIT_OPTIONS -m "$message" || true
+fi
diff --git a/hg/post-apt.d/README b/hg/post-apt.d/README
new file mode 100644
index 0000000..befa5c0
--- /dev/null
+++ b/hg/post-apt.d/README
@@ -0,0 +1,2 @@
+Files in this directory are run after apt has run. They should commit
+changes and new files in /etc to repository.
diff --git a/hg/pre-apt.d/50uncommitted-changes b/hg/pre-apt.d/50uncommitted-changes
new file mode 100644
index 0000000..d39401c
--- /dev/null
+++ b/hg/pre-apt.d/50uncommitted-changes
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -e
+if [ -d .git ] && ! LANG=C git-status 2>&1 | grep -q "working directory clean"; then
+	. /usr/share/debconf/confmodule
+	db_capb escape
+	db_title etckeeper
+
+	db_reset etckeeper/unclean || true
+	db_subst etckeeper/unclean STATUS $(git-status | debconf-escape -e) || true
+	db_input critical etckeeper/unclean || true
+	db_go || true
+	db_get etckeeper/unclean
+	if [ "$RET" = true ]; then
+		git add .
+		if ! git commit $GIT_COMMIT_OPTIONS -m "saving uncommitted changes in /etc prior to apt run"; then
+			db_input critical etckeeper/commit_failed || true
+			db_go || true
+			db_reset etckeeper/commit_failed || true
+		fi
+	fi
+	db_reset etckeeper/unclean || true
+fi
diff --git a/hg/pre-apt.d/README b/hg/pre-apt.d/README
new file mode 100644
index 0000000..47001b4
--- /dev/null
+++ b/hg/pre-apt.d/README
@@ -0,0 +1,2 @@
+Files in this directory are run before apt is run. This is mostly used for
+sanity checks, ie, does /etc have any uncommitted changes?
diff --git a/hg/pre-commit.d/20store-empty-directory b/hg/pre-commit.d/20store-empty-directory
new file mode 100644
index 0000000..e0f9538
--- /dev/null
+++ b/hg/pre-commit.d/20store-empty-directory
@@ -0,0 +1,19 @@
+#!/bin/sh
+set -e
+
+# Make sure the file is not readable by others, since it can leak
+# information about contents of non-readable directories in /etc.
+umask 077
+
+if [ -e .etckeeper ]; then
+	egrep -v '^mkdir ' .etckeeper > .etckeeper.new || true
+fi
+find -type d -empty | grep -v /.git/ | sort | 
+	sed -e "s/^/mkdir -p '/" -e "s/\$/'/" >> .etckeeper.new
+
+if [ ! -e .etckeeper ] || ! cmp -s .etckeeper .etckeeper.new ; then
+	mv -f .etckeeper.new .etckeeper
+	git add .etckeeper
+else
+	rm -f .etckeeper.new
+fi
diff --git a/hg/pre-commit.d/20warn-hardlinks b/hg/pre-commit.d/20warn-hardlinks
new file mode 100644
index 0000000..3dd7a96
--- /dev/null
+++ b/hg/pre-commit.d/20warn-hardlinks
@@ -0,0 +1,7 @@
+#!/bin/sh
+set -e
+hardlinks=$(find -type f -not -links 1 | grep -v /.git/) || true
+if [ -n "$hardlinks" ]; then
+	echo "etckeeper warning: hardlinked files could cause problems with git:" >&2
+	echo "$hardlinks" >&2
+fi
diff --git a/hg/pre-commit.d/20warn-special-file b/hg/pre-commit.d/20warn-special-file
new file mode 100644
index 0000000..cb4d019
--- /dev/null
+++ b/hg/pre-commit.d/20warn-special-file
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -e
+special=$(find -not -type d -not -type f -not -type l | grep -v /.git/) || true
+if [ -n "$special" ]; then
+	echo "etckeeper warning: special files could cause problems with git:" >&2
+	echo "$special" >&2
+fi
+
+true
diff --git a/hg/pre-commit.d/30store-metadata b/hg/pre-commit.d/30store-metadata
new file mode 100644
index 0000000..b878abd
--- /dev/null
+++ b/hg/pre-commit.d/30store-metadata
@@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+
+# Make sure the file is not readable by others, since it can leak
+# information about contents of non-readable directories in /etc.
+umask 077
+
+# ensure the file exists so that it will list its own metadata
+if [ ! -e .metadata ]; then
+	metastore --save
+fi
+
+# metastore doesn't produce the same output file for the same metadata
+# everytime, so avoid changing the file if nothing really changed.
+if [ ! -z "$(metastore --compare)" ]; then
+	metastore --save
+	git add .metadata
+fi
diff --git a/hg/pre-commit.d/README b/hg/pre-commit.d/README
new file mode 100644
index 0000000..051d094
--- /dev/null
+++ b/hg/pre-commit.d/README
@@ -0,0 +1,2 @@
+This is run by a git pre-commit hook before committing changes to the
+repository. This can be used for storing metadata, and for sanity checks.