Protect Linux Configurations Using Source Control

Recently, while performing some system updates, I mistakenly overwrote one of the system’s configuration files found in /etc. As I had not done any backups in some time (my own negligence), I wound up locking myself out of my system upon the next reboot. After using a live USB to restore the file from an older version, which I had to dig up, it was made evident I needed a better solution to prevent this from occurring. Enter etckeeper: a tool to keep track of all the changes made to configuration files.

While etckeeper won’t prevent you from making changes to your configurations in /etc, it will keep track of everything that is changed, as well as when the changes have occurred. This is accomplished through Version Control Systems; it effectively turns your /etc directory into a git repository. It then uses hooks with the package manager to perform commits to the repository whenever a package is installed, updated, or removed (this may vary depending on what package manager is being used). It offers a fair bit of flexibility on the type of VCS being used, so alternatives such as Mercurial are equally an option. To restore or view any commits, it’s as simple as querying the repository with the appropriate commands, such as performing a git diff. Be sure to perform such operations directly in the /etc directory, with root permissions (else the repository will not be accessible).

Etckeeper is already pre-packaged for many different Linux distributions, such as Ubuntu, Debian, Fedora, and even Arch. It is recommended to follow the installation instructions on its website, to ensure it is active and actually monitoring for configuration changes.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s