The Sys Admin's Daily Grind: Etckeeper
Fountain of Youth
Configuration files change over the life of almost every Linux system, but not always for the better. Sometimes individual /etc files literally degenerate. Don't despair: You can restore a state from better days.
Etckeeper is part of many distributions and is otherwise available from GitHub [1]. Of course, Git also needs to be installed on the computer. Anyone who hasn't used Git on their system should configure a few fundamental settings:
git config --global user.name "Charly" git config --global user.email "charly@example.com" git config --global core.editor "vim"
Because I execute the etckeeper
and git
commands with sudo
, these settings prevent the root user from being entered as a committer.
Preserving Youth
To begin, I need to initialize the new repository, then I save all /etc
files in it for the first time:
cd /etc sudo etckeeper init sudo etckeeper commit "Initial etc commit"
Some distributions, such as Ubuntu, execute this step automatically when installing Etckeeper. In this case, I see output like:
> On branch master > nothing to commit, working directory clean
Sometimes I don't want all the data in /etc/
in the repository, so I tell Git which directories Etckeeper should ignore in the .gitignore
file right after the # end section [...] etckeeper
line:
# end section managed by etckeeper ghostscript/*
Now, however, all the data from /etc/
since the first commit is already in the repository, so I have to remove the undesired files manually:
sudo git rm -r --cached ghostscript/*
To demonstrate, I change a little something in /etc/postfix/main.cf
; in fact, sudo git status
shows that Git notices the difference when comparing the data with the repository (Figure 1). I can now check in the new version:
sudo git commit -a -m "main.cf changed"
An overview of all actions is provided with sudo git log
command:
commit9695e06a8175bd5cf485316f20d8fb 6d6fcc1e49 Author: Charly <charly@example.com> Date: Wed May 11 14:18:50 2016 +0200 main.cf changed
It's important to realize that this process implements versioning – there's no backup! Etckeeper and Git help you comprehend changes in configuration files and roll them back if necessary, but that's a lot for anyone who's configured something incorrectly.
Infos
- Etckeeper: https://github.com/joeyh/etckeeper
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs