Re: Using git on / for configuration files

2012-06-06 Thread Oleg Goldshmidt 
On Wed, Jun 6, 2012 at 12:57 PM, Eli Billauer  wrote:

>
> So what do you say? A bad idea? A brilliant idea? Everyone's doing it and
> nobody told me?
>

I don't know about everyone but I have been doing it (on my home computers)
for so long that I am still on CVS, not git. My repository lives in
/usr/local (and, accordingly, is backed up, unlike the root partition with
the real /etc on it). I am probably not quite consistent in the sense that
I don't keep ALL my configuration under control, but pieces of it -
certainly. Of course, I only keep those things that I modify in some
serious and not easily recoverable way. I do not see much need to keep all
of the default settings that I never touch under version control. As a
from-memory example of what I do keep under version control - /etc/mail.
You don't need a reminder to set up permissions properly, i suppose.

I am sure experienced people will point out that a more comprehensive
solution would be to keep your puppet or similar configuration under
version control, but it may be a serious overkill for a couple of (home)
computers.

-- 
Oleg Goldshmidt | p...@goldshmidt.org 
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-06 Thread ilya 
It is generally possible, though I'd recommend making your git repo out of
/etc, not /, since this is what you mostly want to track, and managing
.gitignore of
the whole FS will be too painful.
One thing git does not track though, is file ownership. This might be a
problem for
some files.

On 06/06/12 12:57, Eli Billauer wrote:
> Hi all,
>
> I'd just like to get your input before I do something stupid. The
> idea, anyhow, is to create a git repository on my system's root
> directory, and add many of the system's configuration files (e.g. some
> of /etc/) for tracking.
>
> This sounds a bit bizarre even to me, but my question is: Do you see
> anything bad that could happen?
>
> I can see a few advantages:
>
> 1. Keep track of my changes in the configuration files over time
>
> 2. Easily spot what has changed, if something breaks for no apparent
> reason (after some well-meaning automatic utility "helps me out")
>
> 3. Possible to run a cronjob on "git commit -a", maintaining a history
> of these files (and makes it easy to fall back to a known set)
>
> 4. More freedom to hack these files to solve a problem, knowing that
> the "working set" it there to fall back to.
>
> 5. Migrating to a new computer by cloning the repository and
> selectively patching the new system.
>
> And some disadvantages:
>
> 1. Opening a security loophole somehow (?)
>
> 2. Possibly exposing files containing secrets (otherwise readable by
> root only, e.g. /etc/ppp/pap-secrets and other password files)
>
> 3. Running git as root
>
> 4. Mess up the system somehow because git wasn't meant to handle
> sensitive files (?)
>
>
>
>
> So what do you say? A bad idea? A brilliant idea? Everyone's doing it
> and nobody told me?
>
> TAI,
>
>Eli
>


___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-06 Thread Eli Billauer 




There seems to be a misunderstanding about git: If the repository is on
/, it doesn't mean all files are tracked. On the contrary, they are
handpicked with "git add". On the other hand, if I put the repository
under /etc, I'm not so sure I'll be able to track something under, say,
/var.

File ownership is an interesting issue. I suppose all relevant files
belong to root, but maybe some of them have some different group
setting.

On 06/06/2012 01:34 PM, ilya wrote:

  It is generally possible, though I'd recommend making your git repo out of
/etc, not /, since this is what you mostly want to track, and managing
.gitignore of
the whole FS will be too painful.
One thing git does not track though, is file ownership. This might be a
problem for
some files.
  



-- 
Web: http://www.billauer.co.il




___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-06 Thread Tomer Cohen 
I'd suggest doing so but away from system folders. You can create symlinks
to each file or folder you are interested in backing up (keep the symlink
creation script handy!), and by doing so you won't end up with the whole
filesystem in a git repository.

On Wed, Jun 6, 2012 at 12:57 PM, Eli Billauer  wrote:

> Hi all,
>
> I'd just like to get your input before I do something stupid. The idea,
> anyhow, is to create a git repository on my system's root directory, and
> add many of the system's configuration files (e.g. some of /etc/) for
> tracking.
>
> This sounds a bit bizarre even to me, but my question is: Do you see
> anything bad that could happen?
>
> I can see a few advantages:
>
> 1. Keep track of my changes in the configuration files over time
>
> 2. Easily spot what has changed, if something breaks for no apparent
> reason (after some well-meaning automatic utility "helps me out")
>
> 3. Possible to run a cronjob on "git commit -a", maintaining a history of
> these files (and makes it easy to fall back to a known set)
>
> 4. More freedom to hack these files to solve a problem, knowing that the
> "working set" it there to fall back to.
>
> 5. Migrating to a new computer by cloning the repository and selectively
> patching the new system.
>
> And some disadvantages:
>
> 1. Opening a security loophole somehow (?)
>
> 2. Possibly exposing files containing secrets (otherwise readable by root
> only, e.g. /etc/ppp/pap-secrets and other password files)
>
> 3. Running git as root
>
> 4. Mess up the system somehow because git wasn't meant to handle sensitive
> files (?)
>
>
>
>
> So what do you say? A bad idea? A brilliant idea? Everyone's doing it and
> nobody told me?
>
> TAI,
>
>   Eli
>
> --
> Web: http://www.billauer.co.il
>
>
> __**_
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/**mailman/listinfo/linux-il
>



-- 
Tomer Cohen
http://tomercohen.com
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-06 Thread ilya 
On 06/06/12 16:03, Eli Billauer wrote:
> There seems to be a misunderstanding about git: If the repository is
> on /, it doesn't mean all files are tracked. On the contrary, they are
> handpicked with "git add". On the other hand, if I put the repository
> under /etc, I'm not so sure I'll be able to track something under,
> say, /var.
1. The files may not be tracked, but they will show up on git status,
and generally
get in the way of being useful.
2. Correct, you will not be able to track files in /var. On the other
hand, those files are rarely config files, and even more rarely
are bound to things in /etc/

>
> File ownership is an interesting issue. I suppose all relevant files
> belong to root, but maybe some of them have some different group setting.
some of the mail-related config files for certain MTAs come to mind
right away.
Some database systems also often are in similar situation.

On the other hand, number of files affected by this isn't too large, and
adding some hooks to your repo
to maintain this information should not be hard.

> On 06/06/2012 01:34 PM, ilya wrote:
>> It is generally possible, though I'd recommend making your git repo out of
>> /etc, not /, since this is what you mostly want to track, and managing
>> .gitignore of
>> the whole FS will be too painful.
>> One thing git does not track though, is file ownership. This might be a
>> problem for
>> some files.
>>   
>
>
> -- 
> Web: http://www.billauer.co.il

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-06 Thread Kfir Lavi 
On Wed, Jun 6, 2012 at 1:34 PM, ilya  wrote:

> It is generally possible, though I'd recommend making your git repo out of
> /etc, not /, since this is what you mostly want to track, and managing
> .gitignore of
> the whole FS will be too painful.
> One thing git does not track though, is file ownership. This might be a
> problem for
> some files.
>
> Git permission problem can be solve like this (Not the best, but still
usable):
http://stackoverflow.com/questions/3207728/retaining-file-permissions-with-git

On 06/06/12 12:57, Eli Billauer wrote:
> > Hi all,
> >
> > I'd just like to get your input before I do something stupid. The
> > idea, anyhow, is to create a git repository on my system's root
> > directory, and add many of the system's configuration files (e.g. some
> > of /etc/) for tracking.
> >
> > This sounds a bit bizarre even to me, but my question is: Do you see
> > anything bad that could happen?
> >
> > I can see a few advantages:
> >
> > 1. Keep track of my changes in the configuration files over time
> >
> > 2. Easily spot what has changed, if something breaks for no apparent
> > reason (after some well-meaning automatic utility "helps me out")
> >
> > 3. Possible to run a cronjob on "git commit -a", maintaining a history
> > of these files (and makes it easy to fall back to a known set)
> >
> > 4. More freedom to hack these files to solve a problem, knowing that
> > the "working set" it there to fall back to.
> >
> > 5. Migrating to a new computer by cloning the repository and
> > selectively patching the new system.
> >
> > And some disadvantages:
> >
> > 1. Opening a security loophole somehow (?)
> >
> > 2. Possibly exposing files containing secrets (otherwise readable by
> > root only, e.g. /etc/ppp/pap-secrets and other password files)
> >
> > 3. Running git as root
> >
> > 4. Mess up the system somehow because git wasn't meant to handle
> > sensitive files (?)
> >
> >
> >
> >
> > So what do you say? A bad idea? A brilliant idea? Everyone's doing it
> > and nobody told me?
> >
> > TAI,
> >
> >Eli
> >
>
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-06 Thread Oron Peled 
On Wednesday, 6 בJune 2012 12:57:06 Eli Billauer wrote:
> Hi all,
> 
> I'd just like to get your input before I do something stupid. The idea, 
> anyhow, is to create a git repository on my system's root directory, and 
> add many of the system's configuration files (e.g. some of /etc/) for 
> tracking.

If you want this route, why re-invent the wheel?
 http://joeyh.name/code/etckeeper

> This sounds a bit bizarre even to me, but my question is: Do you see 
> anything bad that could happen?

Personally, for many years I'm maintaining a *selection* of /etc files
in RCS (i.e: create /etc/RCS, /etc/sysconfig/RCS, etc.)
Why this bizzare selection?
 * Originally, I used it also on many legacy Unices (HP-UX, Solaris, SGI)
   and it's the easiest solution I can install on a variety of OS's

 * A more important feature (IMO), is that RCS is handling only single files.
   This means that checking out an older version of specific file, cannot
   change (by mistake), other managed files.

I was also thinking about moving to etckeeper (or similar) solution, but
didn't do anything about it yet...

-- 
Oron Peled Voice: +972-4-8228492
o...@actcom.co.il  http://users.actcom.co.il/~oron
Hi! I'm a .signature virus! Copy me into your ~/.signature to help
me spread!

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-07 Thread Tzafrir Cohen 
On Wed, Jun 06, 2012 at 10:38:49PM +0300, Oron Peled wrote:
> On Wednesday, 6 בJune 2012 12:57:06 Eli Billauer wrote:
> > Hi all,
> > 
> > I'd just like to get your input before I do something stupid. The idea, 
> > anyhow, is to create a git repository on my system's root directory, and 
> > add many of the system's configuration files (e.g. some of /etc/) for 
> > tracking.
> 
> If you want this route, why re-invent the wheel?
>  http://joeyh.name/code/etckeeper

Note that while etckeeper defaults to using git, it can use a number of
other version control systems (though only distributed ones).

It also has hooks to package managers. Thus it documents the changes
created by apt / yum / whatever.

IIRC there's something similar for configuration files in the home
directory, but I did not get to look at it.

-- 
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il ||  best
tzaf...@debian.org|| friend

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-07 Thread Eli Billauer 




On 06/06/2012 06:39 PM, Ohad Levy wrote:

  [...]
  
  
So what do you say? A bad idea? A brilliant idea? Everyone's doing it
and nobody told me?
  
  etckeeper
  
  
  

Thanks for that one (goes to Oron too). On Fedora 14 (running on a
guinea pig virtual machine) it was just yum install etckeeper,
etckeeper init, etckeeper commit "initial commit", and the whole thing
was set up. And I dare to believe that if it's part of a Fedora
distribution, there's probably nothing fundamentally wrong with running
git as root or maintaining version control on configuration files.
Personal experiences reported here were valuable too, of course. Thank
you.

A nice thing about etckeeper is that it makes commits on yum calls, so
there's a clear before-after view.

What I liked less, is that the repository is under /etc (not
surprising, and still), so configuration files outside that directory
can't be tracked. /var/lib/tftpboot/pxelinux.cfg/, for example. I
suppose I'll init the git repository on / instead, and fix the
.gitignore file accordingly. With some luck, this will have no effect,
since git will respond exactly the same (won't find a repository in
/etc, climbs up to /). Fingers crossed.

   Eli


-- 
Web: http://www.billauer.co.il





___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-07 Thread Oleg Goldshmidt 
Eli Billauer  writes:

> What I liked less, is that the repository is under /etc (not surprising, and
> still), so configuration files outside that directory can't be
> tracked. /var/lib/tftpboot/pxelinux.cfg/, for example.

So, out of curiousity, what does it do with symlinks? A typical use
case, in my mind, would be a package under /opt with configuration
under /opt/foo/etc and symlinks under /etc/foo - how is that handled?

If it works in some sane way then maybe all it takes is symlinking
what you need?

-- 
Oleg Goldshmidt | p...@goldshmidt.org

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-08 Thread Eli Billauer 




I tried to symlink /boot/grub/ and got one single file (the symbolic
link itself). Some googling immediately revealed that making git follow
symlinks is a popular question, with a typical answer that git doesn't
like to do that (or can't do that).

So given that a configuration repository is supposed to be a long term
thing, I would avoid this, even if I found a way to trick git into
following symlinks. Even specific symlinks (because /etc has a few of
its own).

   Eli

On 06/08/2012 08:06 AM, Oleg Goldshmidt wrote:

  Eli Billauer  writes:

  
  
What I liked less, is that the repository is under /etc (not surprising, and
still), so configuration files outside that directory can't be
tracked. /var/lib/tftpboot/pxelinux.cfg/, for example.

  
  
So, out of curiousity, what does it do with symlinks? A typical use
case, in my mind, would be a package under /opt with configuration
under /opt/foo/etc and symlinks under /etc/foo - how is that handled?

If it works in some sane way then maybe all it takes is symlinking
what you need?

  




-- 
Web: http://www.billauer.co.il





___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-08 Thread Oleg Goldshmidt 
Eli Billauer  writes:

> I tried to symlink /boot/grub/ and got one single file (the symbolic link
> itself). Some googling immediately revealed that making git follow symlinks is
> a popular question, with a typical answer that git doesn't like to do that (or
> can't do that).
> So given that a configuration repository is supposed to be a long term thing,
> I would avoid this, even if I found a way to trick git into following
> symlinks. Even specific symlinks (because /etc has a few of its
> own).

So there goes your /etc/alternatives down the drain?

-- 
Oleg Goldshmidt | p...@goldshmidt.org

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-08 Thread Eli Billauer 




Aha. I learn something new every day.

As for git, on the contrary. /etc/alternatives contains symbolic links,
so it would be pointless to follow them. What git wisely does is
maintaining the link's destination. So if you change or delete the
symbolic link, you get exactly that change in the repository. I tried
changing a symbolic link, committed to git, and got a single plus-minus
change in the diff log, with the names of the destination files.

Now it's clear to me why git doesn't follow symlinks. Not the first
time it turns out smarter than me. :P

   Eli

On 06/08/2012 02:03 PM, Oleg Goldshmidt wrote:

  Eli Billauer  writes:

  
  
My what down the drain?

  
  Eh, "man alternatives"? "ls -l /etc/alternatives"? I think it gets
installed with chkconfig...

Whatever, it's a humongous collection of symlinks to default version
of all sorts of things (perl and java come to mind), and a way to
maintain them, switch between versions, etc.

My home Fedora has more than 180 symlinks under /etc/alternatives -
none that I touched though. I've been in situations where something
you need - typically some 3rd party piece your production software
depends on - requires a particular version of, say, JVM (they are all
incompatible, as you probably know). Then it becomes really handy as a
part of your installation procedure.

  




-- 
Web: http://www.billauer.co.il





___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-08 Thread Oron Peled 
On Friday, 8 בJune 2012 12:24:55 Eli Billauer wrote:
>   
> What I liked less, is that the repository is under /etc 
(not surprising, and
> still), so configuration files outside that directory can't be
> tracked. /var/lib/tftpboot/pxelinux.cfg/, for example.
> 
>   
>   
[ Replying to HTML mail... thanks, Eli you deserve it :-( ]

If you only want to follow a couple of directories/files you can
bind-mount them to something under /etc and solve the problem.

Cheers,

-- 
Oron Peled Voice: +972-4-8228492
o...@actcom.co.il  http://users.actcom.co.il/~oron
Some people claim that the UNIX learning curve is steep, but at least
you only have to climb it once

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-08 Thread Oleg Goldshmidt 
Eli Billauer  writes:

> What git wisely does is maintaining the link's destination. So if
> you change or delete the symbolic link, you get exactly that change
> in the repository. I tried changing a symbolic link, committed to
> git, and got a single plus-minus change in the diff log, with the
> names of the destination files.

Ah, so it does do something sane: keeps the file's metadata (symlink)
and contents (destination). For a fleeting moment I got a wrong
impression. Sorry, Linus... ;-)

-- 
Oleg Goldshmidt | p...@goldshmidt.org

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-08 Thread Amos Shapira 
What about linking the none-/etc directories as git submodules? Would that
help?

(I'm still 100 pages from the end of Pro Git and just read about submodules
last night).
On Jun 9, 2012 2:13 AM, "Oron Peled"  wrote:

> On Friday, 8 בJune 2012 12:24:55 Eli Billauer wrote:
> >   
> > What I liked less, is that the repository is under /etc
> (not surprising, and
> > still), so configuration files outside that directory can't be
> > tracked. /var/lib/tftpboot/pxelinux.cfg/, for example.
> > 
> >   
> >   
> [ Replying to HTML mail... thanks, Eli you deserve it :-( ]
>
> If you only want to follow a couple of directories/files you can
> bind-mount them to something under /etc and solve the problem.
>
> Cheers,
>
> --
> Oron Peled Voice: +972-4-8228492
> o...@actcom.co.il  http://users.actcom.co.il/~oron
> Some people claim that the UNIX learning curve is steep, but at least
> you only have to climb it once
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-08 Thread Tomer Cohen 
On Fri, Jun 8, 2012 at 12:24 PM, Eli Billauer  wrote:

> **
> I tried to symlink /boot/grub/ and got one single file (the symbolic link
> itself). Some googling immediately revealed that making git follow symlinks
> is a popular question, with a typical answer that git doesn't like to do
> that (or can't do that).
>

Even if you're right, there is no reason why git won't follow hardlinks.

-- 
Tomer Cohen
http://tomercohen.com
___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-09 Thread Eli Billauer 
As far as I know, there is no way git can tell the difference between a 
hard link to a file (or should I say inode?) and the "original". I'm not 
even sure there is a way to tell which one is which (maybe some raw 
dumping of the file system's binary data?).


This way or another, hard links are not allowed for directories on a 
system that wants to stay sane. So this doesn't help much.


Thanks anyhow. :)

On 06/09/2012 09:33 AM, Tomer Cohen wrote:



On Fri, Jun 8, 2012 at 12:24 PM, Eli Billauer > wrote:


I tried to symlink /boot/grub/ and got one single file (the
symbolic link itself). Some googling immediately revealed that
making git follow symlinks is a popular question, with a typical
answer that git doesn't like to do that (or can't do that).


Even if you're right, there is no reason why git won't follow hardlinks.

--
Tomer Cohen
http://tomercohen.com




--
Web: http://www.billauer.co.il


___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Using git on / for configuration files

2012-06-09 Thread Eli Billauer 

Let's take them one by one:

bind mounting: That reminds me that I once mounted my / somewhere under 
my home directory to make it temporarily available over an SMB share. It 
was a quick thing, and then I went rm -rf on the directory under which 
the mount was done. The only time ever I needed to restore / from backup.


git submodules: I'll try that out, if my plan A fails (moving .git to 
/). Even though plan A involves hacking in etckeeper's scripts, it looks 
like the natural solution to me.


  Eli

On 06/09/2012 08:46 AM, Amos Shapira wrote:


What about linking the none-/etc directories as git submodules? Would 
that help?


(I'm still 100 pages from the end of Pro Git and just read about 
submodules last night).


On Jun 9, 2012 2:13 AM, "Oron Peled" > wrote:


On Friday, 8 בJune 2012 12:24:55 Eli Billauer wrote:
> 
> What I liked less, is that the repository is under /etc
(not surprising, and
> still), so configuration files outside that directory can't be
> tracked. /var/lib/tftpboot/pxelinux.cfg/, for example.
> 
> 
> 
[ Replying to HTML mail... thanks, Eli you deserve it :-( ]

If you only want to follow a couple of directories/files you can
bind-mount them to something under /etc and solve the problem.

Cheers,

--
Oron Peled Voice: +972-4-8228492

o...@actcom.co.il 
http://users.actcom.co.il/~oron 
Some people claim that the UNIX learning curve is steep, but at least
you only have to climb it once

___
Linux-il mailing list
Linux-il@cs.huji.ac.il 
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il


___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
   





___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il