Feature changed by: Christoph Obexer (cobexer) Feature #310713, revision 4 Title: put /etc under (git) version control openSUSE-11.4: Unconfirmed Priority Requester: Important Requested by: Christoph Obexer (cobexer) Partner organization: openSUSE.org Description: put /etc under (git) version control to track changes made to the configuration, merge new configuration options coming from package updates / security fixes an handle the case where RPM decides to create a .rpmsave - where a administrator would need to migrate all changes from the old version to the new one in order to not end up with an unusable system upon reboot. Integration in YaST would be very cool, you could have a look at what an update changed in your system, and YaST could force you to migrate changes to configuration files that are no longer in effect. there are a fewsilly things in /etc (CUPS, alsa, ld.so.cache, and the bootsplash images i recall) that cause a lot of "fake" changes, but they would be easy to "fix". - checking differences in configurations between multiple systems(to diagnose problems...) would be easy too, simply clone them and diff them, very efficient ;) . making backups of the system configuration would be easy too (simply back up /etc/.git and restoring would be non destructive in that you could check what changes will be restored) - (subversion would not work well, for example because of gconf IIRC) + -- edit: + since a related mail showed up on the opensuse-factory ml + the default fonfig files and the default system config should be put + into /usr/etc with a linear git history that tracks system updates. + when updates are done the new config should be auto merged to /etc and + conflict resolution should be done graphically by the admin (with + options to take default system config and such for inexperienced users + for example). + all tools that modify files in /etc should be updated to handle git + checkins and log messages there Use Case: there was a security update once concerning session entropy in PHP, since the php.ini has been modified on the system in question the update process created a .rpmnew file, a file i would have never found it if I had not put /etc under git version control. With git however it was easy to see the file, I moved it over the php.ini and had a look at the changes, merged them in and committed the changes. Discussion: #1: Rémy Marquis (spyhawk) (2010-10-17 17:43:04) This looks as an übercomplexified solution. Wouldn't be easier to have a script that detects .rpmnew file, runs diff over the original file and then show the results to the (advanced) user? #2: Christoph Obexer (cobexer) (2010-10-17 22:57:31) and a normal user ends up with an insecure / broken system and needs to reinstall(current situation)? the "compare the files and look at the diff" script will already exist for sure, but an improvement would be having that built right into the package management. -- openSUSE Feature: https://features.opensuse.org/310713