[packages/etckeeper] do not ignore crucial system configuration data - this made etckeeper pointless, nobody excludes pri

gotar gotar at pld-linux.org
Sun Jul 31 01:01:13 CEST 2016 

commit 83b309717135571f5add81c6883e4a5505239526
Author: Tomasz Pala <gotar at pld-linux.org>
Date:   Sun Jul 31 00:48:39 2016 +0200

    do not ignore crucial system configuration data - this made etckeeper
    pointless, nobody excludes private data from backups; need for securing
    VCS repo is obvious and mentioned in every documentation out there

 update-ignore.patch | 50 +++++++++++++++++---------------------------------
 1 file changed, 17 insertions(+), 33 deletions(-)
---
diff --git a/update-ignore.patch b/update-ignore.patch
index cbeb292..42cc71d 100644
--- a/update-ignore.patch
+++ b/update-ignore.patch
@@ -1,21 +1,5 @@
 --- etckeeper-1.10/update-ignore.d/01update-ignore	2013-11-14 15:33:56.904100141 +0200
 +++ etckeeper-1.10/update-ignore.d/01update-ignore	2014-02-03 11:58:25.578526063 +0000
-@@ -103,11 +103,10 @@
- 	
- 	comment "old versions of files"
- 	ignore "*.old"
--	# Not currently ignored as admins tend to rely on these files.
--	#ignore "passwd-"
--	#ignore "group-"
--	#ignore "shadow-"
--	#ignore "gshadow-"
-+	ignore "passwd-"
-+	ignore "group-"
-+	ignore "shadow-"
-+	ignore "gshadow-"
- 	nl
- 
- 	comment "mount(8) records system state here, no need to store these"
 @@ -146,11 +145,80 @@
  	ignore "cups/subscriptions.conf.O"
  	ignore "fake-hwclock.data"
@@ -24,15 +8,15 @@
 +	comment "PLD Linux addons"
 +	comment "ca-certificates: generated content"
 +	ignore "certs/ca-certificates.crt"
-+	ignore "openssl/certs/*"
++	#ignore "openssl/certs/*"
 +	ignore "udev/hwdb*"
 +
 +	comment "bash-completion"
 +	ignore "bash_completion.d/*"
 +	ignore "bash_completion"
 +
-+	comment "openldap"
-+	ignore "ldap.secret"
++	#comment "openldap"
++	#ignore "ldap.secret"
 +
 +	comment "postfix"
 +	ignore "mail/*.db"
@@ -51,28 +35,28 @@
 +	comment "zsh compiled"
 +	ignore "*.zwc"
 +
-+	comment "sshd keys"
-+	ignore "ssh/ssh_*_key*"
++	#comment "sshd keys"
++	#ignore "ssh/ssh_*_key*"
 +
-+	comment "bacula passwords"
-+	ignore "bacula/*-password"
++	#comment "bacula passwords"
++	#ignore "bacula/*-password"
 +
-+	comment "chef secret"
-+	ignore "chef/encrypted_data_bag_secret"
++	#comment "chef secret"
++	#ignore "chef/encrypted_data_bag_secret"
 +
 +	comment "visudo tmp"
 +	ignore "sudoers.tmp"
 +
-+	comment "secrets"
-+	ignore "crypttab"
-+	ignore "shadow"
-+	ignore "passwd"
++	#comment "secrets"
++	#ignore "crypttab"
++	#ignore "shadow"
++	#ignore "passwd"
 +
-+	comment "certificates"
-+	ignore "httpd/ssl/"
++	#comment "certificates"
++	#ignore "httpd/ssl/"
 +
-+	comment "ntp keys"
-+	ignore "ntp/keys"
++	#comment "ntp keys"
++	#ignore "ntp/keys"
 +
 +	comment "ssh-blacklists"
 +	ignore "ssh/blacklist.DSA-1024"
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/etckeeper.git/commitdiff/b149b6f0a7527e7201b7a6e97a1e9df521503728

More information about the pld-cvs-commit mailing list