From: Ryan Anderson <ryan@michonline.com>
To: Junio C Hamano <junkio@cox.net>
Cc: Adam Hunt <kinema@gmail.com>, git@vger.kernel.org
Subject: Re: /etc in git?
Date: Thu, 19 Jan 2006 01:23:29 -0500 [thread overview]
Message-ID: <43CF3061.2030504@michonline.com> (raw)
In-Reply-To: <7v64ogkdtu.fsf@assigned-by-dhcp.cox.net>
[-- Attachment #1: Type: text/plain, Size: 2117 bytes --]
Junio C Hamano wrote:
> Adam Hunt <kinema@gmail.com> writes:
>
>
>>Do you have any more details by chance? Does it work? Does it work
>>well? How does one do it?
>
>
> I personally feel it is a horrible and stupid thing to do, if by
> "version control /etc" you mean to have /.git which controls
> /etc/hosts and stuff in place. It would work (git does not
> refuse to run as root). But being a *source* control system, we
> deliberately refuse to store the full permission bits, so if
> your /etc/shadow is mode 0600 while /etc/hosts is mode 0644, you
> have to make sure they stay that way after checking things out.
This is, admittedly, a major problem.
If you instead take the viewpoint that the /etc/.git/ repository is for
tracking textual diffs and not for serving as a backup, it should be an
acceptable tool however. In my opinion, to be truly useful, it would
need to also automatically commit changes during package installation,
upgrade, and removal. (To be incredibly useful, it would 3-way merge
changes. That, I think, is a fantasy at this time.)
>
> You are much better off to keep /usr/src/rootstuff/.git (and
> working tree files are /usr/src/rootstuff/etc/hosts and
> friends), have a build procedure (read: Makefile) there, and
> version control that source directory. I usually have 'install'
> and 'diff' target in that Makefile, so that I can do this:
>
> $ cd /usr/src/rootstuff
> $ make diff ;# to see if somebody edited any targets by hand
> $ edit etc/hosts
> $ git diff ;# to see the source change
> $ make diff ;# to see the change I am going to install
> $ su
> # make install; exit
> $ git commit -a -m 'Add a new host.'
>
> Being able to run "diff" before actually doing it is very handy
> and useful safety/sanity measure.
>
> Obviously, /usr/src/rootstuff/ should be mode 0770 or stricter,
> owned by the operator group; it would contain some sensitive
> information.
If you're doing this, especially if you're doing this on multiple
machines, creating a package is probably a worthwhile thing to
contemplate as well.
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2006-01-19 6:23 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-01-19 3:43 /etc in git? Adam Hunt
2006-01-19 4:35 ` Junio C Hamano
2006-01-19 4:40 ` Adam Hunt
2006-01-19 4:59 ` H. Peter Anvin
2006-01-19 5:05 ` Junio C Hamano
2006-01-19 6:23 ` Ryan Anderson [this message]
2006-01-19 7:50 ` Junio C Hamano
2006-01-19 9:41 ` [PATCH] Support precise tracking of file modes Petr Baudis
2006-01-19 18:25 ` Junio C Hamano
2006-01-19 18:46 ` Petr Baudis
2006-01-20 15:27 ` Alex Riesen
2006-01-20 14:16 ` Peter Baumann
2006-01-20 13:50 ` /etc in git? Ryan Anderson
2006-01-20 17:55 ` Junio C Hamano
2006-01-19 16:54 ` Joel Becker
2006-01-19 22:22 ` Daniel Barkalow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43CF3061.2030504@michonline.com \
--to=ryan@michonline.com \
--cc=git@vger.kernel.org \
--cc=junkio@cox.net \
--cc=kinema@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.