Codebase list metche / 825f6f9 metche.8
825f6f9

Tree @825f6f9 (Download .tar.gz)

metche.8 @825f6f9raw · history · blame 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
.TH METCHE 8 "June 5, 2011" "metche user manual"
.SH NAME
.PP
metche - reducing root bus factor
.SH SYNOPSIS
.PP
\f[CR]
      metche\ [-h\ VSERVER]\ report\ (stable|testing|unstable)-YYYYMMDDHHMM
      metche\ [-h\ VSERVER]\ list
      metche\ [-h\ VSERVER]\ stabilize\ testing-YYYYMMDDHHMM
\f[]
.SH DESCRIPTION
.PP
metche is a tool meant to ease collective system administration by
monitoring changes in the system configuration.
.PP
metche basic usage is to monitor changes in a directory, usually
\f[B]/etc\f[]; optionally, metche can also monitor:
.IP \[bu] 2
one or more user maintained changelog files,
.IP \[bu] 2
the state of Debian packages and versions.
.PP
metche should be installed with a cronjob that regularly runs to
automatically save the system state as needed.
These states are saved in a way similar to the Debian development
model:
.IP \[bu] 2
\f[I]unstable\f[] states are saved as soon as a change is detected.
They are kept until a new \f[I]testing\f[] state appears.
.IP \[bu] 2
\f[I]testing\f[] states is created from the last \f[I]unstable\f[]
state that has not been changed after a short amount of time (by
default, one hour).
Old \f[I]unstable\f[] states are deleted afterwards.
.IP \[bu] 2
\f[I]stable\f[] states are created from the last \f[I]testing\f[]
state, either manually, or after a long amount of time (by default,
3 days).
Old \f[I]testing\f[] states are deleted afterwards.
.PP
When a new \f[I]testing\f[] state is saved, an email is sent to a
configurable address, giving an overwiew of the differences with
the previous \f[I]testing\f[].
A notification is also sent when a new \f[I]stable\f[] state is
saved.
.PP
metche's configuration is read from \f[B]/etc/metche.conf\f[].
Various settings like changelog monitoring or time between system
state switches are described there.
.SH OPTIONS
.PP
If \f[B]-h\ VSERVER\f[] is specified, the VServer \f[I]VSERVER\f[]
is operated on instead of the host system.
This, along with the \f[B]VSNAMES\f[] option, allows to monitor
several VServers running on the system.
.PP
One of the following commands must be specified on the command
line:
.TP
.B report
When run with the \f[I]report\f[] command, metche displays a report
against the specified saved state, or if unspecified, against the
latest testing state.
This is useful when you have broken your system and want to know
which changes have been made since a given, known working, system
state.
.RS
.RE
.TP
.B list
When run with the \f[I]list\f[] command, metche displays a list of
all the saved states.
.RS
.RE
.TP
.B stabilize
When run with the \f[I]stabilize\f[] command, metche turns a
\[lq]testing state\[rq] into a \[lq]stable state\[rq].
By default, it will use the last \[lq]testing state\[rq], but this
can be overriden by giving a specific state as argument.
.RS
.RE
.TP
.B cron
This command should not be called manually, but used from a
cronjob.
When called, it can perform various operations like: saving
\[lq]unstable\[rq], \[lq]testing\[rq] or \[lq]stable\[rq] states as
needed and sending reports and notification if configured to do so.
This command does not support the \f[B]-h\f[] option.
.RS
.RE
.SH FILES
.PP
\f[B]/etc/metche.conf\f[] contains metche configuration.
.PP
When configured to monitor one changelog, \f[B]CHANGELOG_FILE\f[]
(default: \f[B]/root/Changelog\f[]).
.PP
When configured to monitor multiple changelogs,
\f[B]CHANGELOG_DIR/*/Changelog\f[] (default:
\f[B]/root/changelogs\f[]).
.PP
System states are saved in \f[B]BACKUP_DIR\f[] (default:
\f[B]/var/lib/metche\f[]).
.SH SECURITY
.PP
metche is able to use GnuPG to encrypt the email it sends, but does
not by default; just enable the \f[B]ENCRYPT_EMAIL\f[]
configuration option, and make sure \f[B]EMAIL_ADDRESS\f[]' public
key is in root's keyring, trusted enough to be used blindly by
metche.
If \f[B]EMAIL_ADDRESS\f[] is an email alias or mailing-list's
address, you probably want to use the \f[B]group\f[] option in
\f[B]/root/.gnupg/gpg.conf\f[] so that metche reports are encrypted
for every person subscribed to this alias or mailing-list; for more
information, see \f[B]gpg(1)\f[].
.PP
When \f[B]DO_DETAILS\f[] is enabled and \f[B]ENCRYPT_EMAIL\f[] is
disabled, metche sends in \f[I]clear text email\f[] the changes
made to the watched directory\&... either make sure that the
\f[B]EXCLUDES\f[] configuration variable prevents it to send
sensitive information, or triple check that secure connections will
be used end-to-end on the email path.
If unsure, set \f[B]EMAIL_ADDRESS\f[] configuration variable to a
local mailbox.
Please note that \f[B]EMAIL_ADDRESS\f[] is not used for VServers: a
VServer's report messages are sent to its root email address.
.PP
metche stores, in \f[B]BACKUP_DIR\f[] (default:
\f[B]/var/lib/metche\f[]), various backups of \f[B]WATCHED_DIR\f[].
Make sure that this backup place is at least as secured as the
source.
.SH BUGS
.PP
See
metche's ticket system (https://labs.riseup.net/code/projects/metche/issues)
for known bugs, missing features, and the development road-map.
.SH AUTHORS
metche and this manual page were written by the boum.org collective, and are now maintained by the metche developers collective <metche@lists.riseup.net>.