[SATLUG] etc and home in version control

[Channing]

Daniel Givens wrote:
> I'm in the process of setting up a couple new systems, one is my new
> desktop and the other my home server. I've been considering setting up
> some sort of version control system to aid me in tracking changes to
> my /etc and /home directories. I know this isn't exactly what a VCS is
> made for, but I think it would be a good way to save my butt in those
> times that I accidentally fsck up a config or decide I need to roll
> back some changes I made to a document. Yes, I saw the article on
> Slashdot yesterday talking about the Linux equivalent of Time Machine.
>
> I know most VCS's don't handle permissions and ownership, so that
> would be a problem. I've considered writing a hook script to take an
> inventory of the permissions, ACLs, and ownership at commit for easier
> restoration. While not a major limitation these days for any modern
> VCS, it would need to support binary files as well. Ideally, I would
> like to be able to do an auto-commit of sorts on certain files or
> directories.
>
> I would also like to be able to do something like this with my media
> storage. The only problem is that ~900GiB is a lot of data to backup
> short of spending even more than I already have on disk space. While I
> have that stuff stored on a RAID 5 volume, that doesn't protect me
> from an accidental rm -rf /srv/nfs/media/ when I meant
> /srv/nfs/media/pr0n/. If I were to use a VCS in this instance, I could
> easily restore the accidentally deleted files. The downside being I
> wouldn't free up any disk space when I delete something because of it
> still be held in the repo history. A good workaround for that would be
> an option to drop old repository data after a certain span of time.
>
> So am I asking too much? Do I need to get to work putting together
> something to fit my needs (and does anyone feel like helping)? This
> seems like something that wouldn't be too much to ask for and crazy
> useful.
>
> Thanks!
>
> Daniel
>   
Not having given this a lot of thought, but something that you could try 
is to use an IDS (tripwire, or OSSEC for example) and key off their 
alerts, or event hook into their system to trigger your check in 
process.  This would have the added benefit of capturing if you made 
permission/ownership changes, however it would not be able to preserve 
those as part of the version control, you could do something on your end 
for that.  For that matter, a simple file keeping track of 
file:owner:group:acls:directory:... could easily appended to as this 
information changed and checked-in.  That some file would be really 
simple to write a script to use for restoring the information once a 
checkout of one of those files took place.  As I type this, what comes 
to mind is not too dissimilar to how SVR4 packaging works (a cpio + 
pre/post shells + inventory with owner/group/yadda defined).

HTH,
Channing