The arrow of time

Ivan Voras' blog

Home · Versioning configuration files with Mercurial

Versioning configuration files with Mercurial

One common administrative problem is how to protect from misconfiguration, or at least have a source of known-good configuration to use when the production breaks. One possible solution for this is to put all configuration files (in /etc) in a VCS like CVS. Of course CVS is not the only one...

Keywords: FreeBSD, Mercurial, hg

By "configuration files" I mean "the contents of /etc and /usr/local/etc". Since I've been in the situation where I'd very much like to know how a file looked like on a particular day or before I started tampering with it, I've started putting my etc directories in Mercurial (hg).

Why Mercurial? No particular reason. At first I used CVS because it's in the base system but then it just became annoying dealing with the little things like doing "import" and then removing the directories and then cheking them out again, finding files that have changed somewhere deep in the directory structures and having all those "CVS" directories around. I still think of the "distributed" VCSes (like Mercurial) to be "VCS lite" since I like the concept of having a central repository, but for having a in-directory backup of the directory's contents, hg is good enough. There's a bit of additional security in having the backups on a remote site, but that can also be done with hg so nothing is lost here. Mercurial is a light-weight VCS so it doesn't contain some of the more advanced features, and it's written in Python so it requires a Python installation to work.

Mercurial (hg) stores everything it needs (literally - the whole "repository") in a directory named .hg in the tracked directory. After doing

# cd /etc
# hg init
# hg add *
# hg commit

everything, including data in subdirectories, will be recorded in the various files in .hg directory. Most of the files are binary (and compressed) so there's nothing viewable there. One important additional thing is to reset the file permissions in /etc/.hg. Since the above "hg add" will record everything, including master.passwd and spwd.db, something like

# chmod -R go-rwx /etc/.hg

will be needed.

For automation (e.g. cron-driven checkins of changed files every day, etc.), two things can be checked. First. the output of "hg add" needs to be examined for new files (it will also check within directories):

hg -q add * |& grep -v "already tracked"

Then "hg status" can be used to see if there are any changed files. If any of these conditions are true, the changes should be committed:

hg commit -m "Changelog message"

The file .hgignore can be used to automatically ignore certain files, just like .cvsignore. The activity log (changelog) can be examined, expectedly, with:

hg log

Checking out the repository and viewing a certain version is a bit specific with distributed VCSes like Mercurial. In effect, another repository needs to be created and changes pulled from the first one, then the repository updated to the desired revision ID:

# cd
# mkdir etc
# cd etc
# hg init
# hg pull /etc
# hg update -r 42

This will pull the repository from /etc and update the working copy to revision 42. In this state, files can be compared to those in /etc, correct action taken, etc.

Posted on 2008-08-30T20:38 by ivoras

#1 You can diff against arbitrary revisions

Added on 2009-02-07T07:16 by Giorgos Keramidas

You can diff the 'working copy' of you hg versioned /etc against any past revision too:

cd /etc
hg diff -r 42 | le

This also works when diff'ing two past revisions:

cd /etc
hg diff -r 42:44 rc.d | le

Post your comment here!

Your name:
Comment title:
Text:
Type "xxx" here:

Comments are subject to moderation and will be deleted if deemed inappropriate. All content is © Ivan Voras. Comments are owned by their authors... who agree to basically surrender all rights by publishing them here :)