Codebase list metche / f0498b5 metche-manpage.sgml
f0498b5

Tree @f0498b5 (Download .tar.gz)

metche-manpage.sgml @f0498b5raw · history · blame 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V3.1//EN"
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">

<RefEntry id="metche">

  <refmeta>
    <refentrytitle>metche</refentrytitle>
    <manvolnum>8</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>metche</refname>
    <refpurpose>reducing root bus factor</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <cmdsynopsis>
      <command>metche</command>
      <arg>-h <replaceable>host</replaceable></arg>
      <group choice="req">
	<arg>cron</arg>
	<arg>report
          <arg choice="opt">
            <group choice="req">
	      <arg>stable</arg>
	      <arg>testing</arg>
	      <arg>unstable</arg>
	    </group>-<replaceable>YYYYMMDDHHMM</replaceable>
          </arg>
        </arg>
	<arg>list</arg>
	<arg>stabilize <arg choice="opt">testing-<replaceable>YYYYMMDDHHMM</replaceable></arg></arg>
      </group>
    </cmdsynopsis>
  </refsynopsisdiv>
  
  <refsect1 id="description">

    <title>DESCRIPTION</title>

    <Para>metche is a tool meant to facilitate collective sysadmin by
    monitoring changes in the system configuration.</Para>
    
    <Para>At least, metche monitors one directory, usually
    <filename>/etc</filename> ; optionally, metche can also
    monitor:</Para>
    <ItemizedList>
      <ListItem>
	<Para>one ore more user maintained changelog files,
      </ListItem>
      <ListItem>
	<Para>Debian packages states and versions.</Para>
      </ListItem>
    </ItemizedList>

    <Para>metche should be installed with a cronjob regularly running to
    automatically save the system state as needed. These states are saved in a
    way looking like the Debian development model:</Para>
    <ItemizedList>
      <ListItem>
        <Para><emphasis>unstable</emphasis> states are saved as soon as
        a change is detected.  They are kept until a new
        <emphasis>testing</emphasis> state appears.</Para>
      </ListItem>
      <ListItem>
        <Para><emphasis>testing</emphasis> states is created from the last
        <emphasis>unstable</emphasis> state that has not been changed
        after a short amount of time (by default, one hour). Old
        <emphasis>unstable</emphasis> states are deleted afterwards.</Para>
      </ListItem>
      <ListItem>
        <Para><emphasis>stable</emphasis> states are created from the last
        <emphasis>testing</emphasis> state, either manually, or after a
        long amount of time (by default, 3 days). Old <emphasis
        >testing</emphasis> states are deleted afterwards.</Para>
      </ListItem>
    </ItemizedList>

    <Para>When a new <emphasis>testing</emphasis> state is saved, an email is
    sent to a configurable address, giving an overwiew of
    the differences with the previous <emphasis>testing</emphasis>.
    A notification is also sent when a new <emphasis>stable</emphasis> state is
    saved.</Para>

    <!-- XXX: add a CONFIGURATION section -->
    <Para><envar>WATCHED_DIR</envar> and <envar>CHANGELOG_DIR</envar> options
    can me customized in metche's configuration file, as well as a few other
    ones.</Para>

  </refsect1>
  <refsect1 id="options">

    <title>OPTIONS</title>

    <Para>If <command>-h</command> <emphasis>HOST</emphasis> is specified,
    <filename>/etc/metche/HOST.conf</filename> is used instead of
    <filename>/etc/metche.conf</filename>. This, along with the
    <envar>VSERVER_EXEC_PREFIX</envar> option, allows to monitor several
    vservers running on a system.</Para>

    <Para>One of the following commands must be specified on the
    command line:</Para>

    <VariableList>

    <VarListEntry><Term><command>report</command></Term>
	<ListItem>
	  <Para>When run with the <command>report</command> command, metche
	  displays a report against a given saved state, if specified, or
	  against the latest testing state, otherwise. This is useful when you
	  have broken your system and want to know which changes have been made
	  since a given, known working, system state.
	</ListItem>

      <VarListEntry><Term><command>list</command></Term>
	<ListItem>
	  <Para>When run with the <command>list</command> command, metche
	  displays the full saved states list.</Para>
	</ListItem>

      <VarListEntry><Term><command>stabilize</command></Term>
	<ListItem>
	  <Para>When run with the <command>stabilize</command> command, metche
	  turns a "testing state" into a "stable state". By default, it will
          use the last "testing state", but this can be overriden by giving
          a specific state as argument.</Para>
	</ListItem>

      <VarListEntry><Term><command>cron</command></Term>
	<ListItem>
	  <Para>This command should not be called manually, but used from
          a cronjob. When called, it can perform various operations like:
	  saving "unstable", "testing" or "stable" states as needed and
          sending reports and notification if configured to do so.</Para>
	</ListItem>

    </VariableList>

  </refsect1>

  <refsect1 id="files"><title>FILES</title>
    <Para><filename>/etc/metche.conf</filename> or
    <filename>/etc/metche/*.conf</filename> : configuration file(s)</Para>

    <Para><filename><envar>CHANGELOG_DIR</envar>/*/Changelog</filename>
    (default : <filename>/root/changelogs</filename>), if Changelog monitoring
    is enabled : Changelog files location</Para>

    <Para><filename><envar>BACKUP_DIR</envar></filename> : directory containing
    the backups</Para>
  </refsect1>

  <refsect1 id="security"><title>SECURITY</title>
    <Para>metche is able to use GnuPG to encrypt the email it sends, but does
    not by default ; just enable the <envar>ENCRYPT_EMAIL</envar> configuration
    option, and make sure <envar>EMAIL_ADDRESS</envar>' public key is in root's
    keyring, trusted enough to be used blindly by metche.</Para>

    <Para>In its default setup (<envar>ENCRYPT_EMAIL</envar> configuration
    option disabled) metche sends in <emphasis>clear text email</emphasis> the
    changes made to the watched directory... either make sure that the
    <envar>TAR_OPTS</envar> configuration variable prevents it to send sensitive
    information, or triple check that secure connections will be used end-to-end
    on the email path. If unsure, set <envar>EMAIL_ADDRESS</envar> configuration
    variable to a local mailbox.</Para>

    <Para>metche stores, in <envar>BACKUP_DIR</envar> (default :
    <filename>/var/lib/metche</filename>), various backups of
    <envar>WATCHED_DIR</envar>. Make sure that this backup place is at least as
    secured as the source.
  </refsect1>

  <refsect1 id="bugs"><title>BUGS</title>
    <Para>See <ulink url="https://poivron.org/dev/metche/">metche's ticket
    system</ulink> to see the bugs, missing features, and development
    road-map.</Para> 
  </refsect1>

  <refsect1 id="author"><title>AUTHOR</title>
    <Para>This manual page was written by the boum collective 
    <email>boum@anargeek.net</email>.</Para>
  </refsect1>

</RefEntry>