diff --git a/Changelog b/Changelog index e8cb9da..fc6250c 100644 --- a/Changelog +++ b/Changelog @@ -1,3 +1,11 @@ +1.2.1 (2011 06 05) + + * Support more mailers than just mutt. + Thanks to Kan-Ru Chen for the preliminary patch. + * EXCLUDES: add a bunch of VCS directories. + * documentation: add a few Q&A to the FAQ, update website and VCS + information. + 1.2 (2009 12 16) * stabilize: manual "metche stabilize" invocation and metche first run diff --git a/FAQ b/FAQ index 6922378..a32925b 100644 --- a/FAQ +++ b/FAQ @@ -86,8 +86,27 @@ contains changed files you don't want to monitor, such as status files, add them to your EXCLUDES option in metche.conf, and wait. -8. How do I configure e-mail encryption when sending metche reports to my +8. metche sends us empty reports + + The change detection method is quick but not very accurate. E.g. a + change to the mtime of a monitored file makes metche think changes + need to be reported. In case you are receiving empty reports really + often such as once every hour: most probably one of your installed + programs frequently changes the ctime or mtime of a file in /etc + without actually modifying its content. See the answer to question + #7 for details. + +9. How do I configure e-mail encryption when sending metche reports to my sysadmin collective? See the SECURITY section of metche(8). + You might also be interested in Schleuder (http://schleuder.nadir.org/). +10. Why am I receiving metche reports as attachments with + Content-Type: application/octet-stream? + + You are probably using heirloom-mailx as /usr/bin/mail. That program's + charset conversion features depend on the current locale. You may + either switch to bsd-mailx or set the LOCALE variable in metche.conf to + something better suited than "C" to the charset(s) used in the Changelog + and other monitored files. diff --git a/Makefile b/Makefile index b324467..bbbeb76 100644 --- a/Makefile +++ b/Makefile @@ -1,15 +1,11 @@ all: doc -metche-manpage.xml: metche-manpage.sgml - sgml2xml -xlower -xid $< > $@ - -metche.8: metche-manpage.xml - db2x_xsltproc -s /usr/share/sgml/docbook/stylesheet/xsl/nwalsh/manpages/docbook.xsl $< +metche.8: metche.8.markdown + pandoc --read=markdown --write=man --output=metche.8 --standalone $< doc: metche.8 clean: - rm -f metche-manpage.xml distclean: clean rm -f metche.8 diff --git a/README b/README index bd91f78..ff23349 100644 --- a/README +++ b/README @@ -1,9 +1,11 @@ metche - reducing root bus factor -homepage: https://dev.potager.org/metche/ +homepage: https://labs.riseup.net/code/projects/metche +Git repository: git://labs.riseup.net/metche.git dev team: metche AT lists DOT riseup DOT net ,------------------------------------------------------------------------------- | Copyright (C) 2004-2006 boum.org collective - property is theft ! +| Copyright (C) 2009-2011 metche developers `------------------------------------------------------------------------------- This program is free software; you can redistribute it and/or modify it under @@ -29,11 +31,12 @@ . $WATCHED_DIR (default: /etc) . $CHANGELOG_FILE (default /root/Changelog) or $CHANGELOG_DIR/*/Changelog (default: /root/changelogs/*/Changelog) - . Debian packages states and versions (using apt-show-versions) + . Debian packages states and versions if $DO_PACKAGES is set to "yes" + (default: no) to $BACKUP_DIR (default: /var/lib/metche). - send a nicely formatted email to a defined email address, listing the last changes that have been made to the system. - See https://dev.potager.org/metche/ for an example. + See https://labs.riseup.net/code/projects/metche for an example. ,------------------------------------------------------------------------------- | BASIC USAGE @@ -57,7 +60,7 @@ * Debian GNU/Linux and apt-show-versions (if Debian package monitoring is enabled) - * mutt + * mutt or mail or sendmail * bzip2 * If you want metche to encrypt the email it sends: gnupg * If you want metche to monitor your vservers as well: util-vserver tools diff --git a/metche b/metche index 5fa1cb3..617ef32 100755 --- a/metche +++ b/metche @@ -1,11 +1,9 @@ #! /bin/bash # -*- mode: sh; sh-basic-offset: 4; indent-tabs-mode: nil; -*- # -# SVN version: $Id: metche 210 2009-12-01 11:21:51Z intrigeri $ -# $URL: https://dev.potager.org/svn/metche/upstream/trunk/metche $ -# # metche: reducing root bus factor # Copyright (C) 2004-2006 boum.org collective - property is theft ! +# Copyright (C) 2009-2011 metche developers # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -73,15 +71,34 @@ fi } +add_header() { + local subject="$1" + echo "Subject: $subject" + echo "To: $EMAIL_ADDRESS" + echo + cat +} + +_mail() { + local subject="$1" + if which mutt > /dev/null ; then + LC_ALL="$LOCALE" mutt -s "$subject" "$EMAIL_ADDRESS" + elif which mail > /dev/null ; then + LC_ALL="$LOCALE" mail -s "$subject" "$EMAIL_ADDRESS" + elif [ -x /usr/sbin/sendmail ]; then + LC_ALL="$LOCALE" add_header "$subject"|/usr/sbin/sendmail "$EMAIL_ADDRESS" + fi +} + email() { debug "* email $@ to $EMAIL_ADDRESS" local subject="`current_system` - $_MAIL_SUBJECT : $1" if [ $ENCRYPT_EMAIL = "yes" ]; then LC_ALL="$LOCALE" gpg --batch --armor --encrypt \ --recipient "$EMAIL_ADDRESS" | - LC_ALL="$LOCALE" mutt -s "$subject" "$EMAIL_ADDRESS" + LC_ALL="$LOCALE" _mail "$subject" else - LC_ALL="$LOCALE" mutt -s "$subject" "$EMAIL_ADDRESS" + LC_ALL="$LOCALE" _mail "$subject" fi } @@ -107,7 +124,8 @@ EMAIL_ADDRESS="root@`hostname -f`" ENCRYPT_EMAIL="no" SEND_STABLE_REPORTS="yes" -EXCLUDES="*.swp #* *~ *.gpg *.key ifstate adjtime ld.so.cache shadow* \ +EXCLUDES=".git _darcs .svn .bzr CVS .hg _FOSSIL_ \ + *.swp #* *~ *.gpg *.key ifstate adjtime ld.so.cache shadow* \ .cache .gnupg blkid.tab* aumixrc net.enable mtab backup.d \ vdirbase run.rev vdir run.rev \ prng_exch smtp_scache.pag smtpd_scache.pag \ diff --git a/metche.8 b/metche.8 index c464e6a..045683f 100644 --- a/metche.8 +++ b/metche.8 @@ -1,228 +1,142 @@ -'\" t -.\" Title: metche -.\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.75.2 -.\" Date: 12/16/2009 -.\" Manual: [FIXME: manual] -.\" Source: [FIXME: source] -.\" Language: English -.\" -.TH "METCHE" "8" "12/16/2009" "[FIXME: source]" "[FIXME: manual]" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -metche \- reducing root bus factor -.SH "SYNOPSIS" -.HP \w'\fBmetche\fR\ 'u -\fBmetche\fR [\-h\ \fIvserver\fR] {[report\ [\ {[stable]\ |\ [testing]\ |\ [unstable]}\-\fIYYYYMMDDHHMM\fR\ ]] | [list] | [stabilize\ [testing\-\fIYYYYMMDDHHMM\fR]]} -.SH "DESCRIPTION" +.TH METCHE 8 "June 5, 2011" "metche user manual" +.SH NAME .PP -metche is a tool meant to ease collective system administration by monitoring changes in the system configuration\&. +metche - reducing root bus factor +.SH SYNOPSIS +.PP +\f[CR] + metche\ [-h\ VSERVER]\ report\ (stable|testing|unstable)-YYYYMMDDHHMM + metche\ [-h\ VSERVER]\ list + metche\ [-h\ VSERVER]\ stabilize\ testing-YYYYMMDDHHMM +\f[] +.SH DESCRIPTION +.PP +metche is a tool meant to ease collective system administration by +monitoring changes in the system configuration. .PP metche basic usage is to monitor changes in a directory, usually -/etc -; optionally, metche can also monitor: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} +\f[B]/etc\f[]; optionally, metche can also monitor: +.IP \[bu] 2 one or more user maintained changelog files, +.IP \[bu] 2 +the state of Debian packages and versions. +.PP +metche should be installed with a cronjob that regularly runs to +automatically save the system state as needed. +These states are saved in a way similar to the Debian development +model: +.IP \[bu] 2 +\f[I]unstable\f[] states are saved as soon as a change is detected. +They are kept until a new \f[I]testing\f[] state appears. +.IP \[bu] 2 +\f[I]testing\f[] states is created from the last \f[I]unstable\f[] +state that has not been changed after a short amount of time (by +default, one hour). +Old \f[I]unstable\f[] states are deleted afterwards. +.IP \[bu] 2 +\f[I]stable\f[] states are created from the last \f[I]testing\f[] +state, either manually, or after a long amount of time (by default, +3 days). +Old \f[I]testing\f[] states are deleted afterwards. +.PP +When a new \f[I]testing\f[] state is saved, an email is sent to a +configurable address, giving an overwiew of the differences with +the previous \f[I]testing\f[]. +A notification is also sent when a new \f[I]stable\f[] state is +saved. +.PP +metche's configuration is read from \f[B]/etc/metche.conf\f[]. +Various settings like changelog monitoring or time between system +state switches are described there. +.SH OPTIONS +.PP +If \f[B]-h\ VSERVER\f[] is specified, the VServer \f[I]VSERVER\f[] +is operated on instead of the host system. +This, along with the \f[B]VSNAMES\f[] option, allows to monitor +several VServers running on the system. +.PP +One of the following commands must be specified on the command +line: +.TP +.B report +When run with the \f[I]report\f[] command, metche displays a report +against the specified saved state, or if unspecified, against the +latest testing state. +This is useful when you have broken your system and want to know +which changes have been made since a given, known working, system +state. +.RS .RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -the state of Debian packages and versions\&. +.TP +.B list +When run with the \f[I]list\f[] command, metche displays a list of +all the saved states. +.RS .RE +.TP +.B stabilize +When run with the \f[I]stabilize\f[] command, metche turns a +\[lq]testing state\[rq] into a \[lq]stable state\[rq]. +By default, it will use the last \[lq]testing state\[rq], but this +can be overriden by giving a specific state as argument. +.RS +.RE +.TP +.B cron +This command should not be called manually, but used from a +cronjob. +When called, it can perform various operations like: saving +\[lq]unstable\[rq], \[lq]testing\[rq] or \[lq]stable\[rq] states as +needed and sending reports and notification if configured to do so. +This command does not support the \f[B]-h\f[] option. +.RS +.RE +.SH FILES .PP -metche should be installed with a cronjob that regularly runs to automatically save the system state as needed\&. These states are saved in a way similar to the Debian development model: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -\fIunstable\fR -states are saved as soon as a change is detected\&. They are kept until a new -\fItesting\fR -state appears\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -\fItesting\fR -states is created from the last -\fIunstable\fR -state that has not been changed after a short amount of time (by default, one hour)\&. Old -\fIunstable\fR -states are deleted afterwards\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -\fIstable\fR -states are created from the last -\fItesting\fR -state, either manually, or after a long amount of time (by default, 3 days)\&. Old -\fItesting\fR -states are deleted afterwards\&. -.RE +\f[B]/etc/metche.conf\f[] contains metche configuration. .PP -When a new -\fItesting\fR -state is saved, an email is sent to a configurable address, giving an overwiew of the differences with the previous -\fItesting\fR\&. A notification is also sent when a new -\fIstable\fR -state is saved\&. -.PP -metche\*(Aqs configuration is read from -/etc/metche\&.conf\&. Various settings like changelog monitoring or time between system state switches are described there\&. -.SH "OPTIONS" -.PP -If -\fB\-h\fR -\fIVSERVER\fR -is specified, the VServer -\fIVSERVER\fR -is operated on instead of the host system\&. This, along with the -\fBVSNAMES\fR -option, allows to monitor several VServers running on the system\&. -.PP -One of the following commands must be specified on the command line: -.PP -\fBreport\fR -.RS 4 -When run with the -\fBreport\fR -command, metche displays a report against the specified saved state, or if unspecified, against the latest testing state\&. This is useful when you have broken your system and want to know which changes have been made since a given, known working, system state\&. -.RE -.PP -\fBlist\fR -.RS 4 -When run with the -\fBlist\fR -command, metche displays a list of all the saved states\&. -.RE -.PP -\fBstabilize\fR -.RS 4 -When run with the -\fBstabilize\fR -command, metche turns a "testing state" into a "stable state"\&. By default, it will use the last "testing state", but this can be overriden by giving a specific state as argument\&. -.RE -.PP -\fBcron\fR -.RS 4 -This command should not be called manually, but used from a cronjob\&. When called, it can perform various operations like: saving "unstable", "testing" or "stable" states as needed and sending reports and notification if configured to do so\&. This command does not support the -\fB\-h\fR -option\&. -.RE -.SH "FILES" -.PP -/etc/metche\&.conf -contains metche configuration\&. -.PP -When configured to monitor one changelog, -\fBCHANGELOG_FILE\fR -(default: -/root/Changelog)\&. +When configured to monitor one changelog, \f[B]CHANGELOG_FILE\f[] +(default: \f[B]/root/Changelog\f[]). .PP When configured to monitor multiple changelogs, -CHANGELOG_DIR/*/Changelog -(default: -/root/changelogs)\&. +\f[B]CHANGELOG_DIR/*/Changelog\f[] (default: +\f[B]/root/changelogs\f[]). .PP -System states are saved in -\fBBACKUP_DIR\fR -(default: -/var/lib/metche)\&. -.SH "SECURITY" +System states are saved in \f[B]BACKUP_DIR\f[] (default: +\f[B]/var/lib/metche\f[]). +.SH SECURITY .PP -metche is able to use GnuPG to encrypt the email it sends, but does not by default; just enable the -\fBENCRYPT_EMAIL\fR -configuration option, and make sure -\fBEMAIL_ADDRESS\fR\*(Aq public key is in root\*(Aqs keyring, trusted enough to be used blindly by metche\&. If -\fBEMAIL_ADDRESS\fR -is an email alias or mailing\-list\*(Aqs address, you probably want to use the -\fBgroup\fR -option in -/root/\&.gnupg/gpg\&.conf -so that metche reports are encrypted for every person subscribed to this alias or mailing\-list; for more information, see -gpg(1)\&. +metche is able to use GnuPG to encrypt the email it sends, but does +not by default; just enable the \f[B]ENCRYPT_EMAIL\f[] +configuration option, and make sure \f[B]EMAIL_ADDRESS\f[]' public +key is in root's keyring, trusted enough to be used blindly by +metche. +If \f[B]EMAIL_ADDRESS\f[] is an email alias or mailing-list's +address, you probably want to use the \f[B]group\f[] option in +\f[B]/root/.gnupg/gpg.conf\f[] so that metche reports are encrypted +for every person subscribed to this alias or mailing-list; for more +information, see \f[B]gpg(1)\f[]. .PP -When -\fBDO_DETAILS\fR -is enabled and -\fBENCRYPT_EMAIL\fR -is disabled, metche sends in -\fIclear text email\fR -the changes made to the watched directory\&.\&.\&. either make sure that the -\fBEXCLUDES\fR -configuration variable prevents it to send sensitive information, or triple check that secure connections will be used end\-to\-end on the email path\&. If unsure, set -\fBEMAIL_ADDRESS\fR -configuration variable to a local mailbox\&. Please note that -\fBEMAIL_ADDRESS\fR -is not used for VServers: a VServer\*(Aqs report messages are sent to its root email address\&. +When \f[B]DO_DETAILS\f[] is enabled and \f[B]ENCRYPT_EMAIL\f[] is +disabled, metche sends in \f[I]clear text email\f[] the changes +made to the watched directory\&... either make sure that the +\f[B]EXCLUDES\f[] configuration variable prevents it to send +sensitive information, or triple check that secure connections will +be used end-to-end on the email path. +If unsure, set \f[B]EMAIL_ADDRESS\f[] configuration variable to a +local mailbox. +Please note that \f[B]EMAIL_ADDRESS\f[] is not used for VServers: a +VServer's report messages are sent to its root email address. .PP -metche stores, in -\fBBACKUP_DIR\fR -(default : -/var/lib/metche), various backups of -\fBWATCHED_DIR\fR\&. Make sure that this backup place is at least as secured as the source\&. -.SH "BUGS" +metche stores, in \f[B]BACKUP_DIR\f[] (default: +\f[B]/var/lib/metche\f[]), various backups of \f[B]WATCHED_DIR\f[]. +Make sure that this backup place is at least as secured as the +source. +.SH BUGS .PP See -\m[blue]\fBmetche\*(Aqs ticket system\fR\m[]\&\s-2\u[1]\d\s+2 -for known bugs, missing features, and the development road\-map\&. -.SH "AUTHOR" -.PP -metche and this manual page were written by the boum\&.org collective -metche@lists\&.riseup\&.net\&. -.SH "NOTES" -.IP " 1." 4 -metche's ticket system -.RS 4 -\%https://dev.potager.org/metche/ -.RE +metche's ticket system (https://labs.riseup.net/code/projects/metche/issues) +for known bugs, missing features, and the development road-map. +.SH AUTHORS +metche and this manual page were written by the boum.org collective, and are now maintained by the metche developers collective . + diff --git a/metche.conf.default b/metche.conf.default index bcf5a35..c0dc3fe 100644 --- a/metche.conf.default +++ b/metche.conf.default @@ -51,7 +51,8 @@ # - "printcap" when cups browsing feature are used. # # Example (default value): -#EXCLUDES="*.swp #* *~ *.gpg *.key ifstate adjtime ld.so.cache shadow* \ +#EXCLUDES=".git _darcs .svn .bzr CVS .hg _FOSSIL_ \ +# *.swp #* *~ *.gpg *.key ifstate adjtime ld.so.cache shadow* \ # .cache .gnupg blkid.tab* aumixrc net.enable mtab backup.d \ # vdirbase run.rev vdir run.rev \ # prng_exch smtp_scache.pag smtpd_scache.pag \