In Linux, the /etc directory is of critical importance because it houses your system configuration files, such as hosts, crontabs, fstab, inittab, passwords, profiles, timezone data and so much more.
Simply put, without /etc, Linux wouldn’t function.
That’s why it’s important to treat that directory with the importance that it deserves. You could accidentally delete or configure a file in /etc/ and find your system behaving in an undesired way. Or maybe a bad actor has injected a malicious program onto your system that changes one or more configurations in /etc. If you are unaware that something has happened, the consequences could be catastrophic.
Because of this, you should keep a constant watch on the changes that occur in /etc. Of course, if your Linux system uses the Btrfs file system, you could always roll back the changes. Unfortunately, not every system makes use of Btrfs. If that describes your Linux servers or desktops, then you’ll want to know about etckeeper.
Etckeeper is a collection of tools used to monitor changes that occur within /etc. Etckeeper can use a Git, Mercurial, Bazaar or Darcs repository that is housed on your local machine (in /etc/.git) and is automatically updated daily.
I’ll show you how to install and use etckeeper so you, too, can keep tabs on the comings and goings of your /etc/ directory.
What You’ll Need
I’m going to demonstrate this on Ubuntu Server 22.04, but you can install the application on most Linux distributions from the standard repository. To follow along, you’ll need a running instance of Ubuntu server and a user with sudo privileges.
That’s it. Let’s install.
Installing etckeeper
Log in to your Ubuntu instance and open a terminal window (if necessary). Install the application with the command:
sudo apt-get install etckeeper git -y
If you’re using a Fedora-based distribution, the installation command would be:
sudo dnf install etckeeper git -y
For distributions based on Arch Linux, the command would be:
sudo pacman -Sy etckeeper git
We’ve installed Git alongside etckeeper because that’s the tool we’ll use to monitor changes.
Configure Git
You’ll next need to configure your username and email address for Git so the system knows who you are.
First, configure your full name with:
git config --global user.name "YOUR NAME"
Where YOUR NAME is your full name.
Next, configure your email address with:
git config --global user.email "EMAIL"
Where EMAIL is your email address.
You can verify the configurations with:
git config --global --list
The output should include the full name and email address you just configured.
Configure etckeeper
We can now configure etckeeper. Open the configuration file with the command:
sudo nano /etc/etckeeper/etckeeper.conf
In that file, look for the following section:
# The VCS to use.
#VCS=”hg”
VCS=”git”
#VCS=”bzr”
#VCS=”darcs”
Make sure the line VCS=”git” is uncommitted (doesn’t contain a leading # character). Once you’ve taken care of that, save and close the file with the Ctrl+X keyboard combination.
Initialize etckeeper
The next step is to initialize etckeeper with the command:
sudo etckeeper init
You may or may not see any output. If you do see output, it will be:
Initialized empty Git repository in /etc/.git/
Next, you’ll need to make an initial commit with the command:
sudo etckeeper commit "Initial commit."
You will most likely see output from the above command that looks like this:
6 files changed, 6 insertions(+), 6 deletions(-)
delete mode 120000 systemd/system/multi-user.target.wants/snap-core22-1380.mount
create mode 120000 systemd/system/multi-user.target.wants/snap-core22-1612.mount
rename systemd/system/{snap-core22-1380.mount => snap-core22-1612.mount} (64%)
delete mode 120000 systemd/system/snapd.mounts.target.wants/snap-core22-1380.mount
create mode 120000 systemd/system/snapd.mounts.target.wants/snap-core22-1612.mount
Test the System
We’re now going to test etckeeper to see how it works. Let’s run a quick update/upgrade and see what happens.
Back at the terminal window, issue the command:
sudo apt-get update && sudo apt-get upgrade -y
After the above commands are completed, let’s check the git log with the command:
sudo git log --summary -1
The output from the above command should include any changes that were made to the /etc/ directory in diff format, such as:
Packages with configuration changes:
-base-files 12ubuntu4.6 amd64
+base-files 12ubuntu4.7 amd64
etc…
Let’s try something else. Edit the /etc/hosts file with the command:
sudo nano /etc/hosts
At the bottom of that file, add a new line mapping an IP address to a hostname of a machine on your network like this:
192.168.1.176 hive
Make sure to use an IP address and hostname from a computer on your LAN.
Save and close the file.
Create another commit like this:
sudo etckeeper commit "Edited hosts file"
Run the log command again:
sudo git log --summary -1
This time you should see the following in the output:
Edited hosts file
You don’t have to run the commit if you don’t want to. You can also check the status with:
sudo git status
You should see something like modified: ../hosts in the output.
I would, however, suggest that every time you make a change to anything in /etc/ that you issue a commit so Git knows about everything that’s gone on.
And that’s all there is to keeping a revision history of your Linux machine’s /etc directory. Given how crucial this directory is to the functioning of your server and all of the installed services, it should be clear why this should be considered a necessity.
The post Etckeeper: Back Your/etc/Files to Git for Safekeeping appeared first on The New Stack.
Leave a Reply