<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V3.1//EN"
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
<RefEntry id="metche">
<refmeta>
<refentrytitle>metche</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv>
<refname>metche</refname>
<refpurpose>reducing root bus factor</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>metche</command>
<arg>-h <replaceable>host</replaceable></arg>
<group choice="req">
<arg>cron</arg>
<arg>report
<arg choice="opt">
<group choice="req">
<arg>stable</arg>
<arg>testing</arg>
<arg>unstable</arg>
</group>-<replaceable>YYYYMMDDHHMM</replaceable>
</arg>
</arg>
<arg>list</arg>
<arg>stabilize <arg choice="opt">testing-<replaceable>YYYYMMDDHHMM</replaceable></arg></arg>
</group>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id="description">
<title>DESCRIPTION</title>
<Para>metche is a tool meant to facilitate collective sysadmin, by
monitoring changes in the system configuration. At least
<envar>WATCHED_DIR</envar> (default: <filename>/etc</filename>) is
monitored ; optionally, metche can also monitor :</Para>
<ItemizedList>
<ListItem>
<Para>system Changelog files located in <filename><envar>CHANGELOG_DIR</envar>/*/Changelog</filename> (default:
<filename>/root/changelogs/*/Changelog</filename>)</Para>
</ListItem>
<ListItem>
<Para>Debian packages states and versions</Para>
</ListItem>
</ItemizedList>
<Para><envar>WATCHED_DIR</envar> and <envar>CHANGELOG_DIR</envar> options
can me customized in metche's configuration file, as well as a few other
ones.</Para>
<Para>If <command>-h</command> <emphasis>HOST</emphasis> is specified,
<filename>/etc/metche/HOST.conf</filename> is used instead of
<filename>/etc/metche.conf</filename>. This, along with the
<envar>VSERVER_EXEC_PREFIX</envar> option, allows to monitor several
vservers running on a system.</Para>
<Para>Anyway, one of the following commands has to be specified on the
command line :</Para>
<VariableList>
<VarListEntry><Term><command>report</command></Term>
<ListItem>
<Para>When run with the <command>report</command> command, metche
displays a report against a given saved state, if specified, or
against the latest testing state, otherwise. This is useful when you
have broken your system and want to know which changes have been made
since a given, known working, system state.
</ListItem>
<VarListEntry><Term><command>list</command></Term>
<ListItem>
<Para>When run with the <command>list</command> command, metche
displays the full saved states list.</Para>
</ListItem>
<VarListEntry><Term><command>stabilize</command></Term>
<ListItem>
<Para>When run with the <command>stabilize</command> command, metche
turns the given "testing state", if specified, or the latest one,
otherwise, into a "stable state".</Para>
</ListItem>
<VarListEntry><Term><command>cron</command></Term>
<ListItem>
<Para>When run (usually by a cronjob) with the <command>cron</command> command, metche :
<ItemizedList>
<ListItem>
<Para>saves a "unstable", "testing", "stable" state, or none, as
needed ;</Para>
</ListItem>
<ListItem>
<Para>sends you a report if needed (see <ulink
url="https://poivron.org/dev/metche/">metche's homepage</ulink>
for an example) ;</Para>
</ListItem>
</ItemizedList>
The following algorithm is used to decide exactly what to do :
<screen>
if (no change happened for TESTING_TIME) then
if (something has changed since the last testing) then
send a report against last testing
save a new testing state
delete all saved unstable states
elif (no change happened for STABLE_TIME) then
if (something has changed since the last stable) then
save a new stable state and notify EMAIL_ADDRESS
delete all saved testing states older than STABLE_TIME
fi
fi
elif (last unstable exists) then
if (something has changed since the last unstable) then
save a new unstable state
fi
else
save a new unstable state
fi
</screen>
</Para>
</ListItem>
</VariableList>
</refsect1>
<refsect1 id="files"><title>FILES</title>
<Para><filename>/etc/metche.conf</filename> or
<filename>/etc/metche/*.conf</filename> : configuration file(s)</Para>
<Para><filename><envar>CHANGELOG_DIR</envar>/*/Changelog</filename>
(default : <filename>/root/changelogs</filename>), if Changelog monitoring
is enabled : Changelog files location</Para>
<Para><filename><envar>BACKUP_DIR</envar></filename> : directory containing
the backups</Para>
</refsect1>
<refsect1 id="security"><title>SECURITY</title>
<Para>metche is able to use GnuPG to encrypt the email it sends, but does
not by default ; just enable the <envar>ENCRYPT_EMAIL</envar> configuration
option, and make sure <envar>EMAIL_ADDRESS</envar>' public key is in root's
keyring, trusted enough to be used blindly by metche.</Para>
<Para>In its default setup (<envar>ENCRYPT_EMAIL</envar> configuration
option disabled) metche sends in <emphasis>clear text email</emphasis> the
changes made to the watched directory... either make sure that the
<envar>TAR_OPTS</envar> configuration variable prevents it to send sensitive
information, or triple check that secure connections will be used end-to-end
on the email path. If unsure, set <envar>EMAIL_ADDRESS</envar> configuration
variable to a local mailbox.</Para>
<Para>metche stores, in <envar>BACKUP_DIR</envar> (default :
<filename>/var/lib/metche</filename>), various backups of
<envar>WATCHED_DIR</envar>. Make sure that this backup place is at least as
secured as the source.
</refsect1>
<refsect1 id="bugs"><title>BUGS</title>
<Para>See <ulink url="https://poivron.org/dev/metche/">metche's ticket
system</ulink> to see the bugs, missing features, and development
road-map.</Para>
</refsect1>
<refsect1 id="author"><title>AUTHOR</title>
<Para>This manual page was written by Ben Voui
<email>intrigeri@boum.org</email>.</Para>
</refsect1>
</RefEntry>