Keep track of /etc with Etckeeper

You can insure yourself against accidentally changing your files using versioning. The technique can be used in many contexts, a good example that we will discuss below is the important configuration files for Linux Systems.

Some programs have relatively small configuration files. Many times, we can also make the settings graphically. When talking about more complex software, such as Postfix, the configuration becomes worse. Configuration files containing  several hundred parameters. When updating the configuration it’s important to not get lost and hope that it ends with a software that works as intended. However, it could also result that the system goes down, so you have to think before you start changing the settings.

Etckeeper to the rescue

Etckeeper is a smart software that is available in most major distributions package repository. The idea is to use ​​version control for files in the / etc directory, where the most important configuration files are. An advantage to the program is that it’s also linked to the package manager. This means that changes made during upgrades and installations can be traced and taken back. The program is undeniably interesting and can save us hours of troubleshooting. Let us see how it is installed and used.

In this example we are using Debian, but the process is similar in other distributions. First, we install the program:

[precode]sudo apt-get install etckeeper[/precode]

Etckeeper uses an external version control system, which is set in the application’s configuration file. So when the installation of Etckeeper is done it is time to check the settings. These are stored in /etc/etckeeper/etckeeper.conf.

The first section is about what VCS (Version Control System) that will be used Here you can choose between software like Git, Darcs or Bazaar. Current version is using Git and older versions are using Bazaar as default, both works in most cases. Besides choosing the VCS to use, we only need to look into the last two parameters. They specify what package manager will be used. Since we are using Debian in this guide we accept the default values of ​​Apt and Dpkg.

Using Etckeeper

In order to be able to track the versions we need to initialize the repository. This is done using the following commands:

[precode]
cd / etc
etckeeper init
etckeeper commit “Initial import”
# On branch master
nothing to commit (working directory clean)
[/precode]

Then we can make a change to one of the configuration files, here we will update resolv.conf since this doesn’t impact on system stability.  We change it by adding another nameserver entry on the last line. When the file is saved the change is stored in the VCS by running this command:

[precode]etckeeper commit “New nameserver”[/precode]

The result may look like this:

[precode]
[Master f21e7e6] New nameserver
“>Author: root <root@uopplnnr>
“>Committer: root <root@uopplnnr.(none)>
Your name and email address were configured Automatically based
on your username and hostname. Please check That They are accurate.
You can suppress this message by setting them explicitly:
git config – global user.name “Your Name”
git config – global user.email you@example.com
If the identity used for this commit is wrong, you can fix it with:
‘”>git commit – amend – author = ‘Your Name <you@example.com>’
2 files changed, 2 insertions (+), 0 deletions (-)
[/precode]

When installation and initialization of the repository is complete, Etckeeper is set to run automatically. this means that changes to /etc will be recorded once per day. Changes will also be saved before and after a package installation. To update  the repository manually after changing a configuration file, use the following command:

[precode] etckeeper commit “Reason for Change”[/precode]

Sub commands case

Etckeeper itself has very few parameters, instead sub commands are used. These are commands that are relayed to the VCS used. For example, to see the changes that have been stored, the “log”-used:

[precode]
etckeeper VCS log
[/precode]
When this run is a list of changes that have been stored. Among the information displayed is also who did what and when, and also a unique transaction number. After the change above, the log look like this:

[precode]
commit f21e7e61e5f1aab89288f0a2130f1b52bb7e6376
“>Author: root <root@uopplnnr>
Date: Tue Jun 4 23:37:08 2013 +0200
New nameserver
commit ccc2d2633c9414b3d22deba05860f619b9ffe924
“>Author: root <root@uopplnnr.(none)>
Date: Tue Jun 4 23:21:49 2013 +0200
Initial commit
[/precode]

It is thus the information about the change of resolv.conf made earlier. To more accurately see what has been done, you can use the command “diff”:

[precode]
etckeeper VCS diff
[/precode]

Using the log file, we can see that something has changed, and with the help of diff, we can see exactly what has been done.

There are even more features, exactly what features depends on which VCS is used. Therefore, take a look in program manuals.

1 comment for “Keep track of /etc with Etckeeper

Leave a Reply

Your email address will not be published. Required fields are marked *