Pablo Fernandez

Revisioning /etc with Git

by

Pablo Fernandez
, , , , ,

First and foremost I’m a coder, a coder who strongly believes in revision control. Second I am also a sysadmin; but only by accident. I have some servers and someone has to take care of them. I’m not a good sysadmin because I don’t have any interest on it so I learn as little as possible and also because I don’t want to be good at it and get stuck doing that all the time. What I love is to code.

I’m always scare of touching a file in /etc. What if I break something? I decided to treat /etc the same way I treat my software (where I am generally not afraid of touching anything). I decided to use revision control. So far I’ve never had to roll back a change in /etc, but it gives me a big peace of mind knowing that I can.

In the days of CVS and Subversion I thought about it, but I’ve never done it. It was just too cumbersome. But DVCS changed that, it made it trivial. That’s why I believe DVCS is a breakthru. Essentially what you need to revision-control your /etc with Git is to go to /etc and turn it into a repository:

cd /etc
git init

Done. It’s now a repo. Then, submit everything in there.

git add .
git commit -am "Initial commit. Before today it's prehistory, after today it's fun!"

From now on every time you modify a file you can do

git add <filename>
git commit -m "Description of the change to <filename>"

where <filename> is one or many files. Or if you are lazy you can also do:

git commit -am "Description to all the changes."

which will commit all pending changes. To see your pending changes do:

git status

and

git diff

When there are new files, you add them all with

git add .

and if some files were remove, you have to run

git add -u .

to be sure that they are remove in the repo as well (otherwise they’ll stay as pending changes forever).

That’s essentially all the commands I use when using git and doing sysadmin. If you ever have to do a rollback, merge, branch, etc, you’ll need to learn git for real.

One last thing. I often forget to commit my changes in /etc, so I created this script:

#!/usr/bin/env sh

cd /etc
git status | grep -v "On branch master" | grep -v "nothing to commit"
true # Don't return 1, which is what git status does when there's nothing to do.

on /etc/cron.daily/git-status which reminds me, daily, of my pending changes.

Hope it helps!

13 responses to “Revisioning /etc with Git”

  1. Juanjo Avatar
    Juanjo

    So… with DVCS you don’t need a repo server in Internet?

    Reply
  2. Pablo Avatar
    Pablo

    Juanjo, no, each checkout is a repo in-place so you can just start versioning a directory in-place without ever touching anything outside that directory.

    Reply
  3. Roshan Avatar
    Roshan

    I like your articles and subscribe to your blog via RSS, but the most recent set of RSS entries have a huge ‘share this item’ boilerplate at the end of every post, overshadowing the blog post itself. :-(

    Reply
    1. Pablo Avatar
      Pablo

      My apologies Roshan, better now?

      Reply
  4. Roshan Avatar
    Roshan

    Ah, you enabled the summary RSS. Yes, thanks!

    I like your article, btw. I’ve been doing the same, based on Subversion, for /etc and any other config files. I’m currently considering exporting my blog’s database dump into an SVN repository too. Just gotta implement it now. :-)

    Reply
  5. John Hunter Avatar
    John Hunter

    Very nice I think I will start doing this with my sites on Slicehost. I already maintain the applications in git, this seems like a good addition.

    Reply
    1. Pablo Avatar
      Pablo

      Using git for /etc is good, but I think spending the time to learn Puppet is worth it. I’m now using Puppet and never going back.

      Reply
  6. Mark Avatar
    Mark

    How do you handle file ownership? E. g., /etc/shadow is owned by root:shadow, and some configurations are owned by a dedicated user (freeradius, icecast, www-data), but occasionally, changing their ownership makes sense.

    How can we track such changes?

    Reply
    1. J. Pablo Fernández Avatar
      J. Pablo Fernández

      Mark, I actually didn’t track ownership. I’m not using this method anymore. Now I use puppet.

      Reply
  7. Gonzo Barzulisautilio dela Mancha Avatar
    Gonzo Barzulisautilio dela Mancha

    apt-get install etckeeper will help

    Reply
  8. Asad Hasan Avatar
    Asad Hasan

    WHAT A GENIUS IDEA…i googled it to see if someone has tried it before, and lo and behold here it is.

    Reply
  9. Asad Hasan Avatar
    Asad Hasan

    I am now off to see if I can mess with apt-get or dpkg-configure to do an automatic commit on hooks ran on auto updates that modify /etc files in ubuntu/debian.

    Reply
    1. NoNeedForAName Avatar
      NoNeedForAName

      Hello Asad –

      I’m looking into doing something similar w/ SLES. I came across http://hyperprog.com/howto/etc-git.html ; may this is something like you’re seeking? Otherwise, I think etckeeper (after changing its config fr bzr to git) seems to be a solid choice.

      Reply

Leave a Reply

You may also like:

If you want to work with me or hire me? Contact me

You can follow me or connect with me:

Or get new content delivered directly to your inbox.

Join 5,038 other subscribers

I wrote a book:

Stack of copies of How to Hire and Manage Remote Teams

How to Hire and Manage Remote Teams, where I distill all the techniques I've been using to build and manage distributed teams for the past 10 years.

I write about:

announcement blogging book book review book reviews books building Sano Business C# Clojure ClojureScript Common Lisp database Debian Esperanto Git ham radio history idea Java Kubuntu Lisp management Non-Fiction OpenID programming Python Radio Society of Great Britain Rails rant re-frame release Ruby Ruby on Rails Sano science science fiction security self-help Star Trek technology Ubuntu web Windows WordPress

I've been writing for a while:

Mastodon

%d bloggers like this: