It is a good idea to “version control” everything in /etc directory, so that you can track configuration changes, or recover from a previous configuration state if need be.
etckeeper is a collection of tools for versioning content, specifically in /etc directory. Uses existing revision control systems (e.g., git, bzr, mercurial, or darcs) to store version history in a corresponding backend repository. It integrates with package managers (e.g., apt, yum) to automatically commit any changes made to /etc directory during package installation, upgrade or removal. It tracks file metadata that revison control systems do not normally support, but that is important for /etc, such as the permissions of /etc/shadow.
# install w/ git the default $ (el/centos) sudo yum install etckeeper git-core | (debian/ubuntu) sudo aptitude install etckeeper git-core # or w/ bzr $ (el/centos) sudo yum install etckeeper bzr | (debian/ubuntu) sudo aptitude install etckeeper etckeeper-bzr $ cat /etc/etckeeper/etckeeper.conf VCS="bzr" # setup $ etckeeper init $ etckeeper commit "initial commit" # now can use regular git/bzr commands to handle further changes, or etckeeper vcs $ etckeeper vcs status | sudo git status $ etckeeper vcs diff /etc | sudo git diff /etc $ etckeeper commit "any comment" | sudo git commit -m "any comment" $ etckeeper vcs log /etc/sysconfig/* $ etckeeper vcs diff -r1..3 $ etckeeper vcs diff -c3 $ etckeeper vcs revert --revision 2 /etc # automatic commit changes made to /etc as part of package installation or upgrade $ yum install httpd $ etckeeper vcs log | git log --summary -1 $ etckeeper vcs diff -c5 # manually commit changes made to /etc by other commands $ passwd someuser $ git status $ git commit -a -m "changed a password" # remove/ignore some files $ git rm --cached printcap # modified by CUPS $ echo printcap >> .gitignore $ git commit -a -m "don't track printcap" # checkout a different /etc branch $ git checkout april_first_joke_etc $ etckeeper init # use clone to backup /etc to a remove server $ ssh server 'mkdir /etc-clone; cd /etc-clone; chmod 700 .; git init --bare' $ git remote add backup ssh://server/etc-clone $ git push backup --all # multiple machines, start with a etckeeper repository on one machine, then add another machine's etckeeper repository as a git remote and diff/merge them, dont checkout $ git remote add dodo ssh://dodo/etc $ git fetch dodo $ git diff dodo/master group |head