0 | |
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V3.1//EN"
|
1 | |
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
|
2 | |
|
3 | |
<RefEntry id="metche">
|
4 | |
|
5 | |
<refmeta>
|
6 | |
<refentrytitle>metche</refentrytitle>
|
7 | |
<manvolnum>8</manvolnum>
|
8 | |
</refmeta>
|
9 | |
|
10 | |
<refnamediv>
|
11 | |
<refname>metche</refname>
|
12 | |
<refpurpose>reducing root bus factor</refpurpose>
|
13 | |
</refnamediv>
|
14 | |
|
15 | |
<refsynopsisdiv>
|
16 | |
<cmdsynopsis>
|
17 | |
<command>metche</command>
|
18 | |
<arg>-h <replaceable>vserver</replaceable></arg>
|
19 | |
<group choice="req">
|
20 | |
<arg>report
|
21 | |
<arg choice="opt">
|
22 | |
<group choice="req">
|
23 | |
<arg>stable</arg>
|
24 | |
<arg>testing</arg>
|
25 | |
<arg>unstable</arg>
|
26 | |
</group>-<replaceable>YYYYMMDDHHMM</replaceable>
|
27 | |
</arg>
|
28 | |
</arg>
|
29 | |
<arg>list</arg>
|
30 | |
<arg>stabilize <arg choice="opt">testing-<replaceable>YYYYMMDDHHMM</replaceable></arg></arg>
|
31 | |
</group>
|
32 | |
</cmdsynopsis>
|
33 | |
</refsynopsisdiv>
|
34 | |
|
35 | |
<refsect1 id="description">
|
36 | |
|
37 | |
<title>DESCRIPTION</title>
|
38 | |
|
39 | |
<Para>metche is a tool meant to ease collective system administration by
|
40 | |
monitoring changes in the system configuration.</Para>
|
41 | |
|
42 | |
<Para>metche basic usage is to monitor changes in a directory, usually
|
43 | |
<filename>/etc</filename> ; optionally, metche can also
|
44 | |
monitor:</Para>
|
45 | |
<ItemizedList>
|
46 | |
<ListItem>
|
47 | |
<Para>one or more user maintained changelog files,</Para>
|
48 | |
</ListItem>
|
49 | |
<ListItem>
|
50 | |
<Para>the state of Debian packages and versions.</Para>
|
51 | |
</ListItem>
|
52 | |
</ItemizedList>
|
53 | |
|
54 | |
<Para>metche should be installed with a cronjob that regularly runs to
|
55 | |
automatically save the system state as needed. These states are saved in a
|
56 | |
way similar to the Debian development model:</Para>
|
57 | |
<ItemizedList>
|
58 | |
<ListItem>
|
59 | |
<Para><emphasis>unstable</emphasis> states are saved as soon as
|
60 | |
a change is detected. They are kept until a new
|
61 | |
<emphasis>testing</emphasis> state appears.</Para>
|
62 | |
</ListItem>
|
63 | |
<ListItem>
|
64 | |
<Para><emphasis>testing</emphasis> states is created from the last
|
65 | |
<emphasis>unstable</emphasis> state that has not been changed
|
66 | |
after a short amount of time (by default, one hour). Old
|
67 | |
<emphasis>unstable</emphasis> states are deleted afterwards.</Para>
|
68 | |
</ListItem>
|
69 | |
<ListItem>
|
70 | |
<Para><emphasis>stable</emphasis> states are created from the last
|
71 | |
<emphasis>testing</emphasis> state, either manually, or after a
|
72 | |
long amount of time (by default, 3 days). Old <emphasis
|
73 | |
>testing</emphasis> states are deleted afterwards.</Para>
|
74 | |
</ListItem>
|
75 | |
</ItemizedList>
|
76 | |
|
77 | |
<Para>When a new <emphasis>testing</emphasis> state is saved, an email is
|
78 | |
sent to a configurable address, giving an overwiew of
|
79 | |
the differences with the previous <emphasis>testing</emphasis>.
|
80 | |
A notification is also sent when a new <emphasis>stable</emphasis> state is
|
81 | |
saved.</Para>
|
82 | |
|
83 | |
<Para>metche's configuration is read from
|
84 | |
<filename>/etc/metche.conf</filename>. Various settings like changelog
|
85 | |
monitoring or time between system state switches are described
|
86 | |
there.</Para>
|
87 | |
|
88 | |
</refsect1>
|
89 | |
<refsect1 id="options">
|
90 | |
|
91 | |
<title>OPTIONS</title>
|
92 | |
|
93 | |
<Para>If <command>-h</command> <emphasis>VSERVER</emphasis> is specified,
|
94 | |
the VServer <emphasis>VSERVER</emphasis> is operated on instead of
|
95 | |
the host system. This, along with the <envar>VSNAMES</envar> option,
|
96 | |
allows to monitor several VServers running on the system.</Para>
|
97 | |
|
98 | |
<Para>One of the following commands must be specified on the
|
99 | |
command line:</Para>
|
100 | |
|
101 | |
<VariableList>
|
102 | |
|
103 | |
<VarListEntry><Term><command>report</command></Term>
|
104 | |
<ListItem>
|
105 | |
<Para>When run with the <command>report</command> command, metche
|
106 | |
displays a report against the specified saved state, or if unspecified,
|
107 | |
against the latest testing state. This is useful when you
|
108 | |
have broken your system and want to know which changes have been made
|
109 | |
since a given, known working, system state.</Para>
|
110 | |
</ListItem>
|
111 | |
</VarListEntry>
|
112 | |
|
113 | |
<VarListEntry><Term><command>list</command></Term>
|
114 | |
<ListItem>
|
115 | |
<Para>When run with the <command>list</command> command, metche
|
116 | |
displays a list of all the saved states.</Para>
|
117 | |
</ListItem>
|
118 | |
</VarListEntry>
|
119 | |
|
120 | |
<VarListEntry><Term><command>stabilize</command></Term>
|
121 | |
<ListItem>
|
122 | |
<Para>When run with the <command>stabilize</command> command, metche
|
123 | |
turns a "testing state" into a "stable state". By default, it will
|
124 | |
use the last "testing state", but this can be overriden by giving
|
125 | |
a specific state as argument.</Para>
|
126 | |
</ListItem>
|
127 | |
</VarListEntry>
|
128 | |
|
129 | |
<VarListEntry><Term><command>cron</command></Term>
|
130 | |
<ListItem>
|
131 | |
<Para>This command should not be called manually, but used from
|
132 | |
a cronjob. When called, it can perform various operations like:
|
133 | |
saving "unstable", "testing" or "stable" states as needed and
|
134 | |
sending reports and notification if configured to do so. This command
|
135 | |
does not support the <command>-h</command> option.</Para>
|
136 | |
</ListItem>
|
137 | |
</VarListEntry>
|
138 | |
|
139 | |
</VariableList>
|
140 | |
|
141 | |
</refsect1>
|
142 | |
|
143 | |
<refsect1 id="files"><title>FILES</title>
|
144 | |
<Para><filename>/etc/metche.conf</filename> contains metche configuration.
|
145 | |
</Para>
|
146 | |
|
147 | |
<Para>When configured to monitor one changelog,
|
148 | |
<envar>CHANGELOG_FILE</envar> (default:
|
149 | |
<filename>/root/Changelog</filename>).
|
150 | |
</Para>
|
151 | |
|
152 | |
<Para>When configured to monitor multiple changelogs,
|
153 | |
<filename>CHANGELOG_DIR/*/Changelog</filename>
|
154 | |
(default: <filename>/root/changelogs</filename>).</Para>
|
155 | |
|
156 | |
<Para>System states are saved in
|
157 | |
<envar>BACKUP_DIR</envar> (default:
|
158 | |
<filename>/var/lib/metche)</filename>.</Para>
|
159 | |
</refsect1>
|
160 | |
|
161 | |
<refsect1 id="security"><title>SECURITY</title>
|
162 | |
<Para>metche is able to use GnuPG to encrypt the email it sends, but does
|
163 | |
not by default; just enable the <envar>ENCRYPT_EMAIL</envar> configuration
|
164 | |
option, and make sure <envar>EMAIL_ADDRESS</envar>' public key is in root's
|
165 | |
keyring, trusted enough to be used blindly by metche.
|
166 | |
If <envar>EMAIL_ADDRESS</envar> is an email alias or mailing-list's address,
|
167 | |
you probably want to use the <envar>group</envar> option
|
168 | |
in <filename>/root/.gnupg/gpg.conf</filename> so that metche reports are
|
169 | |
encrypted for every person subscribed to this alias or mailing-list; for
|
170 | |
more information, see <literal>gpg</literal>(1).</Para>
|
171 | |
|
172 | |
<Para>When <envar>DO_DETAILS</envar> is enabled and
|
173 | |
<envar>ENCRYPT_EMAIL</envar> is disabled, metche sends in <emphasis>clear
|
174 | |
text email</emphasis> the changes made to the watched directory... either
|
175 | |
make sure that the <envar>EXCLUDES</envar> configuration variable prevents
|
176 | |
it to send sensitive information, or triple check that secure connections
|
177 | |
will be used end-to-end on the email path. If unsure, set
|
178 | |
<envar>EMAIL_ADDRESS</envar> configuration variable to a local mailbox.
|
179 | |
Please note that <envar>EMAIL_ADDRESS</envar> is not used for VServers:
|
180 | |
a VServer's report messages are sent to its root email address.</Para>
|
181 | |
|
182 | |
<Para>metche stores, in <envar>BACKUP_DIR</envar> (default :
|
183 | |
<filename>/var/lib/metche</filename>), various backups of
|
184 | |
<envar>WATCHED_DIR</envar>. Make sure that this backup place is at least as
|
185 | |
secured as the source.</Para>
|
186 | |
</refsect1>
|
187 | |
|
188 | |
<refsect1 id="bugs"><title>BUGS</title>
|
189 | |
<Para>See <ulink url="https://labs.riseup.net/code/projects/metche/issues">metche's
|
190 | |
ticket system</ulink> for known bugs, missing features, and the development
|
191 | |
road-map.</Para>
|
192 | |
</refsect1>
|
193 | |
|
194 | |
<refsect1 id="author"><title>AUTHOR</title>
|
195 | |
<Para>metche and this manual page were written by the boum.org collective,
|
196 | |
and are now maintained by the metche developers collective
|
197 | |
<email>metche@lists.riseup.net</email>.</Para>
|
198 | |
</refsect1>
|
199 | |
|
200 | |
</RefEntry>
|
201 | |
|