| 2 | 2 |
.PP
|
| 3 | 3 |
metche - reducing root bus factor
|
| 4 | 4 |
.SH SYNOPSIS
|
| 5 | |
.PP
|
| 6 | |
\f[CR]
|
| 7 | |
metche\ [-h\ VSERVER]\ report\ (stable|testing|unstable)-YYYYMMDDHHMM
|
| 8 | |
metche\ [-h\ VSERVER]\ list
|
| 9 | |
metche\ [-h\ VSERVER]\ stabilize\ testing-YYYYMMDDHHMM
|
|
5 |
.IP
|
|
6 |
.nf
|
|
7 |
\f[C]
|
|
8 |
metche\ [-h\ VSERVER]\ report\ (stable|testing|unstable)-YYYYMMDDHHMM
|
|
9 |
metche\ [-h\ VSERVER]\ list
|
|
10 |
metche\ [-h\ VSERVER]\ stabilize\ testing-YYYYMMDDHHMM
|
| 10 | 11 |
\f[]
|
|
12 |
.fi
|
| 11 | 13 |
.SH DESCRIPTION
|
| 12 | 14 |
.PP
|
| 13 | 15 |
metche is a tool meant to ease collective system administration by
|
| 14 | 16 |
monitoring changes in the system configuration.
|
| 15 | 17 |
.PP
|
| 16 | 18 |
metche basic usage is to monitor changes in a directory, usually
|
| 17 | |
\f[B]/etc\f[]; optionally, metche can also monitor:
|
|
19 |
\f[C]/etc\f[]; optionally, metche can also monitor:
|
| 18 | 20 |
.IP \[bu] 2
|
| 19 | 21 |
one or more user maintained changelog files,
|
| 20 | 22 |
.IP \[bu] 2
|
|
| 22 | 24 |
.PP
|
| 23 | 25 |
metche should be installed with a cronjob that regularly runs to
|
| 24 | 26 |
automatically save the system state as needed.
|
| 25 | |
These states are saved in a way similar to the Debian development
|
| 26 | |
model:
|
|
27 |
These states are saved in a way similar to the Debian development model:
|
| 27 | 28 |
.IP \[bu] 2
|
| 28 | 29 |
\f[I]unstable\f[] states are saved as soon as a change is detected.
|
| 29 | 30 |
They are kept until a new \f[I]testing\f[] state appears.
|
| 30 | 31 |
.IP \[bu] 2
|
| 31 | |
\f[I]testing\f[] states is created from the last \f[I]unstable\f[]
|
| 32 | |
state that has not been changed after a short amount of time (by
|
| 33 | |
default, one hour).
|
|
32 |
\f[I]testing\f[] states is created from the last \f[I]unstable\f[] state
|
|
33 |
that has not been changed after a short amount of time (by default, one
|
|
34 |
hour).
|
| 34 | 35 |
Old \f[I]unstable\f[] states are deleted afterwards.
|
| 35 | 36 |
.IP \[bu] 2
|
| 36 | |
\f[I]stable\f[] states are created from the last \f[I]testing\f[]
|
| 37 | |
state, either manually, or after a long amount of time (by default,
|
| 38 | |
3 days).
|
|
37 |
\f[I]stable\f[] states are created from the last \f[I]testing\f[] state,
|
|
38 |
either manually, or after a long amount of time (by default, 3 days).
|
| 39 | 39 |
Old \f[I]testing\f[] states are deleted afterwards.
|
| 40 | 40 |
.PP
|
| 41 | 41 |
When a new \f[I]testing\f[] state is saved, an email is sent to a
|
| 42 | |
configurable address, giving an overwiew of the differences with
|
| 43 | |
the previous \f[I]testing\f[].
|
| 44 | |
A notification is also sent when a new \f[I]stable\f[] state is
|
| 45 | |
saved.
|
|
42 |
configurable address, giving an overwiew of the differences with the
|
|
43 |
previous \f[I]testing\f[].
|
|
44 |
A notification is also sent when a new \f[I]stable\f[] state is saved.
|
| 46 | 45 |
.PP
|
| 47 | |
metche's configuration is read from \f[B]/etc/metche.conf\f[].
|
| 48 | |
Various settings like changelog monitoring or time between system
|
| 49 | |
state switches are described there.
|
|
46 |
metche\[aq]s configuration is read from \f[C]/etc/metche.conf\f[].
|
|
47 |
Various settings like changelog monitoring or time between system state
|
|
48 |
switches are described there.
|
| 50 | 49 |
.SH OPTIONS
|
| 51 | 50 |
.PP
|
| 52 | |
If \f[B]-h\ VSERVER\f[] is specified, the VServer \f[I]VSERVER\f[]
|
| 53 | |
is operated on instead of the host system.
|
| 54 | |
This, along with the \f[B]VSNAMES\f[] option, allows to monitor
|
|
51 |
If \f[C]-h\ VSERVER\f[] is specified, the VServer \f[I]VSERVER\f[] is
|
|
52 |
operated on instead of the host system.
|
|
53 |
This, along with the \f[C]VSNAMES\f[] option, allows one to monitor
|
| 55 | 54 |
several VServers running on the system.
|
| 56 | 55 |
.PP
|
| 57 | |
One of the following commands must be specified on the command
|
| 58 | |
line:
|
|
56 |
One of the following commands must be specified on the command line:
|
| 59 | 57 |
.TP
|
| 60 | 58 |
.B report
|
| 61 | 59 |
When run with the \f[I]report\f[] command, metche displays a report
|
| 62 | |
against the specified saved state, or if unspecified, against the
|
| 63 | |
latest testing state.
|
| 64 | |
This is useful when you have broken your system and want to know
|
| 65 | |
which changes have been made since a given, known working, system
|
| 66 | |
state.
|
|
60 |
against the specified saved state, or if unspecified, against the latest
|
|
61 |
testing state.
|
|
62 |
This is useful when you have broken your system and want to know which
|
|
63 |
changes have been made since a given, known working, system state.
|
| 67 | 64 |
.RS
|
| 68 | 65 |
.RE
|
| 69 | 66 |
.TP
|
| 70 | 67 |
.B list
|
| 71 | |
When run with the \f[I]list\f[] command, metche displays a list of
|
| 72 | |
all the saved states.
|
|
68 |
When run with the \f[I]list\f[] command, metche displays a list of all
|
|
69 |
the saved states.
|
| 73 | 70 |
.RS
|
| 74 | 71 |
.RE
|
| 75 | 72 |
.TP
|
| 76 | 73 |
.B stabilize
|
| 77 | |
When run with the \f[I]stabilize\f[] command, metche turns a
|
| 78 | |
\[lq]testing state\[rq] into a \[lq]stable state\[rq].
|
| 79 | |
By default, it will use the last \[lq]testing state\[rq], but this
|
| 80 | |
can be overriden by giving a specific state as argument.
|
|
74 |
When run with the \f[I]stabilize\f[] command, metche turns a "testing
|
|
75 |
state" into a "stable state".
|
|
76 |
By default, it will use the last "testing state", but this can be
|
|
77 |
overridden by giving a specific state as argument.
|
| 81 | 78 |
.RS
|
| 82 | 79 |
.RE
|
| 83 | 80 |
.TP
|
| 84 | 81 |
.B cron
|
| 85 | |
This command should not be called manually, but used from a
|
| 86 | |
cronjob.
|
| 87 | |
When called, it can perform various operations like: saving
|
| 88 | |
\[lq]unstable\[rq], \[lq]testing\[rq] or \[lq]stable\[rq] states as
|
| 89 | |
needed and sending reports and notification if configured to do so.
|
| 90 | |
This command does not support the \f[B]-h\f[] option.
|
|
82 |
This command should not be called manually, but used from a cronjob.
|
|
83 |
When called, it can perform various operations like: saving "unstable",
|
|
84 |
"testing" or "stable" states as needed and sending reports and
|
|
85 |
notification if configured to do so.
|
|
86 |
This command does not support the \f[C]-h\f[] option.
|
| 91 | 87 |
.RS
|
| 92 | 88 |
.RE
|
| 93 | 89 |
.SH FILES
|
| 94 | 90 |
.PP
|
| 95 | |
\f[B]/etc/metche.conf\f[] contains metche configuration.
|
|
91 |
\f[C]/etc/metche.conf\f[] contains metche configuration.
|
| 96 | 92 |
.PP
|
| 97 | |
When configured to monitor one changelog, \f[B]CHANGELOG_FILE\f[]
|
| 98 | |
(default: \f[B]/root/Changelog\f[]).
|
|
93 |
When configured to monitor one changelog, \f[C]CHANGELOG_FILE\f[]
|
|
94 |
(default: \f[C]/root/Changelog\f[]).
|
| 99 | 95 |
.PP
|
| 100 | 96 |
When configured to monitor multiple changelogs,
|
| 101 | |
\f[B]CHANGELOG_DIR/*/Changelog\f[] (default:
|
| 102 | |
\f[B]/root/changelogs\f[]).
|
|
97 |
\f[C]CHANGELOG_DIR/*/Changelog\f[] (default: \f[C]/root/changelogs\f[]).
|
| 103 | 98 |
.PP
|
| 104 | |
System states are saved in \f[B]BACKUP_DIR\f[] (default:
|
| 105 | |
\f[B]/var/lib/metche\f[]).
|
|
99 |
System states are saved in \f[C]BACKUP_DIR\f[] (default:
|
|
100 |
\f[C]/var/lib/metche\f[]).
|
| 106 | 101 |
.SH SECURITY
|
| 107 | 102 |
.PP
|
| 108 | |
metche is able to use GnuPG to encrypt the email it sends, but does
|
| 109 | |
not by default; just enable the \f[B]ENCRYPT_EMAIL\f[]
|
| 110 | |
configuration option, and make sure \f[B]EMAIL_ADDRESS\f[]' public
|
| 111 | |
key is in root's keyring, trusted enough to be used blindly by
|
| 112 | |
metche.
|
| 113 | |
If \f[B]EMAIL_ADDRESS\f[] is an email alias or mailing-list's
|
| 114 | |
address, you probably want to use the \f[B]group\f[] option in
|
| 115 | |
\f[B]/root/.gnupg/gpg.conf\f[] so that metche reports are encrypted
|
| 116 | |
for every person subscribed to this alias or mailing-list; for more
|
| 117 | |
information, see \f[B]gpg(1)\f[].
|
|
103 |
metche is able to use GnuPG to encrypt the email it sends, but does not
|
|
104 |
by default; just enable the \f[C]ENCRYPT_EMAIL\f[] configuration option,
|
|
105 |
and make sure \f[C]EMAIL_ADDRESS\f[]\[aq] public key is in root\[aq]s
|
|
106 |
keyring, trusted enough to be used blindly by metche.
|
|
107 |
If \f[C]EMAIL_ADDRESS\f[] is an email alias or mailing-list\[aq]s
|
|
108 |
address, you probably want to use the \f[C]group\f[] option in
|
|
109 |
\f[C]/root/.gnupg/gpg.conf\f[] so that metche reports are encrypted for
|
|
110 |
every person subscribed to this alias or mailing-list; for more
|
|
111 |
information, see \f[C]gpg(1)\f[].
|
| 118 | 112 |
.PP
|
| 119 | |
When \f[B]DO_DETAILS\f[] is enabled and \f[B]ENCRYPT_EMAIL\f[] is
|
| 120 | |
disabled, metche sends in \f[I]clear text email\f[] the changes
|
| 121 | |
made to the watched directory\&... either make sure that the
|
| 122 | |
\f[B]EXCLUDES\f[] configuration variable prevents it to send
|
| 123 | |
sensitive information, or triple check that secure connections will
|
| 124 | |
be used end-to-end on the email path.
|
| 125 | |
If unsure, set \f[B]EMAIL_ADDRESS\f[] configuration variable to a
|
| 126 | |
local mailbox.
|
| 127 | |
Please note that \f[B]EMAIL_ADDRESS\f[] is not used for VServers: a
|
| 128 | |
VServer's report messages are sent to its root email address.
|
|
113 |
When \f[C]DO_DETAILS\f[] is enabled and \f[C]ENCRYPT_EMAIL\f[] is
|
|
114 |
disabled, metche sends in \f[I]clear text email\f[] the changes made to
|
|
115 |
the watched directory...
|
|
116 |
either make sure that the \f[C]EXCLUDES\f[] configuration variable
|
|
117 |
prevents it to send sensitive information, or triple check that secure
|
|
118 |
connections will be used end-to-end on the email path.
|
|
119 |
If unsure, set \f[C]EMAIL_ADDRESS\f[] configuration variable to a local
|
|
120 |
mailbox.
|
|
121 |
Please note that \f[C]EMAIL_ADDRESS\f[] is not used for VServers: a
|
|
122 |
VServer\[aq]s report messages are sent to its root email address.
|
| 129 | 123 |
.PP
|
| 130 | |
metche stores, in \f[B]BACKUP_DIR\f[] (default:
|
| 131 | |
\f[B]/var/lib/metche\f[]), various backups of \f[B]WATCHED_DIR\f[].
|
| 132 | |
Make sure that this backup place is at least as secured as the
|
| 133 | |
source.
|
|
124 |
metche stores, in \f[C]BACKUP_DIR\f[] (default:
|
|
125 |
\f[C]/var/lib/metche\f[]), various backups of \f[C]WATCHED_DIR\f[].
|
|
126 |
Make sure that this backup place is at least as secured as the source.
|
| 134 | 127 |
.SH BUGS
|
| 135 | 128 |
.PP
|
| 136 | |
See
|
| 137 | |
metche's ticket system (https://labs.riseup.net/code/projects/metche/issues)
|
| 138 | |
for known bugs, missing features, and the development road-map.
|
|
129 |
See metche\[aq]s ticket
|
|
130 |
system (https://labs.riseup.net/code/projects/metche/issues) for known
|
|
131 |
bugs, missing features, and the development road-map.
|
| 139 | 132 |
.SH AUTHORS
|
| 140 | |
metche and this manual page were written by the boum.org collective, and are now maintained by the metche developers collective <metche@lists.riseup.net>.
|
| 141 | |
|
|
133 |
metche and this manual page were written by the boum.org collective, and
|
|
134 |
are now maintained by the metche developers collective
|
|
135 |
<metche@lists.riseup.net>.
|