Date: Sun, 29 Mar 2009 14:45:24 +0200 From: Roland Smith <rsmith@xs4all.nl> To: Glen Barber <glen.j.barber@gmail.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: [OT] - Best Practices(TM) for Configuration File Changes Message-ID: <20090329124524.GA48814@slackbox.xs4all.nl> In-Reply-To: <4ad871310903290437q269964d7k54a449f405fb31b2@mail.gmail.com> References: <4ad871310903290437q269964d7k54a449f405fb31b2@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--RnlQjJ0d97Da+TV1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Mar 29, 2009 at 07:37:27AM -0400, Glen Barber wrote: > Hello, list. >=20 > Before I pose my question, I am not intending to start a flame-war of > any sort -- I'm just searching for "different" ways of doing things. >=20 > With so many different version control systems available (aside from > the traditional "keep current backups" solution), I am curious: >=20 > Q: What is *your* favorite/suggestion solution to keep (working) > versions of configuration files, in case something goes awry? >=20 > I am specifically targeting configuration files because they are what > I change the most, in avoidance of "It worked 10 minutes ago..." > situations. My configuration files are kept in git managed directories under ~/setup/<hostname>. Every <hostname> directory is its own repository. The reason that I'm using git is because it does what I need, is small and fast and doesn't require an external reporitory. For configuration files which are usually plain text all revision control systems would probably work OK. Every directory contains two perl scripts, check.pl and install.pl that respectively check the differences between files in the repository and in the filesystem and install files. Both these programs read a file called 'filelist.<username>'. This is a text file that has on every line a file in the reposirory, a permission, and its location in the filesystem (e.g. under /etc or /usr/local/etc for user root, or in $HOME for other users) and any post-install commands. Both scripts only process the filelists for the user that is running the script. Excerpt from filelist.root: # List of files that should be installed as root, # with their install locations. # Time-stamp: <2009-03-04 20:52:39 rsmith> # setup file perm system file commands etc/login.conf 644 /etc/login.conf cap_mkdb /etc/login= =2Econf etc/make.conf 644 /etc/make.conf etc/manpath.config 644 /etc/manpath.config etc/master.passwd 600 /etc/master.passwd pwd_mkdb -p /etc/ma= ster.passwd etc/mergemaster.rc 644 /etc/mergemaster.rc etc/named.conf 644 /var/named/etc/namedb/named.conf etc/ntp.conf 644 /etc/ntp.conf /etc/rc.d/ntpd rest= art The file from the first column is installed in the location in the third column with the permissions listed in the second column. The rest of the line (if any) is interpreted as a list of commands and executed by a subshe= ll. This system makes it easy to see if there are any differences between the configuration files in the repository and the real configuration files (e.g. after a mergemaster run). And it can install every file in its correct place. It also makes sure that users can only install their own files, by reading only that user's filelist. Roland --=20 R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) --RnlQjJ0d97Da+TV1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) iEYEARECAAYFAknPbWQACgkQEnfvsMMhpyVYFgCfYQUsFFrtu28BhN3cCqXhan4p O5EAoIG4yChostMpvrXFKd6dOlZd22p0 =vxoY -----END PGP SIGNATURE----- --RnlQjJ0d97Da+TV1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090329124524.GA48814>