Junio C Hamano wrote: > Adam Hunt writes: > > >>Do you have any more details by chance? Does it work? Does it work >>well? How does one do it? > > > I personally feel it is a horrible and stupid thing to do, if by > "version control /etc" you mean to have /.git which controls > /etc/hosts and stuff in place. It would work (git does not > refuse to run as root). But being a *source* control system, we > deliberately refuse to store the full permission bits, so if > your /etc/shadow is mode 0600 while /etc/hosts is mode 0644, you > have to make sure they stay that way after checking things out. This is, admittedly, a major problem. If you instead take the viewpoint that the /etc/.git/ repository is for tracking textual diffs and not for serving as a backup, it should be an acceptable tool however. In my opinion, to be truly useful, it would need to also automatically commit changes during package installation, upgrade, and removal. (To be incredibly useful, it would 3-way merge changes. That, I think, is a fantasy at this time.) > > You are much better off to keep /usr/src/rootstuff/.git (and > working tree files are /usr/src/rootstuff/etc/hosts and > friends), have a build procedure (read: Makefile) there, and > version control that source directory. I usually have 'install' > and 'diff' target in that Makefile, so that I can do this: > > $ cd /usr/src/rootstuff > $ make diff ;# to see if somebody edited any targets by hand > $ edit etc/hosts > $ git diff ;# to see the source change > $ make diff ;# to see the change I am going to install > $ su > # make install; exit > $ git commit -a -m 'Add a new host.' > > Being able to run "diff" before actually doing it is very handy > and useful safety/sanity measure. > > Obviously, /usr/src/rootstuff/ should be mode 0770 or stricter, > owned by the operator group; it would contain some sensitive > information. If you're doing this, especially if you're doing this on multiple machines, creating a package is probably a worthwhile thing to contemplate as well.