On Mon, Aug 24, 2009 at 11:57:25AM -0400, Maxim Khitrov wrote: > Hello all, > > I'm setting up a firewall using FreeBSD 7.2 and thought that it may > not be a bad idea to have a continuous backup for important files like > pf and dnsmasq configurations. <snip> > My initial thought was to create a mercurial repository at the file > system root and exclude everything except for explicitly added files. > I'd then run something like "hg commit -m `date`" from cron every 10 > minutes to record the changes automatically.
Isn't this ass-backwards? Configuration files shouldn't change suddenly. My system is to keep all configuration files that I have changed from their defaults in a revision control system repository. That is where I add and (after testing) commit changes to those files. I then use an install script to copy changed files (based on SHA1 checksum) to their correct location in /etc or /usr/local/etc and run restart commands if necessary. So installation is always done from the repository to the filesystem. If a change doesn't work I just check out the last good version of the file(s), re-run the install script and we're back to normal. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
Description: PGP signature