| 1 |
Hello |
| 2 |
|
| 3 |
I would like to implement a configuration management system specially |
| 4 |
tailored to Gentoo. Ever since I started using Gentoo I expected this |
| 5 |
to be implemented anytime soon as it seams to me like such an obvious |
| 6 |
extension of the current config protection. I am still surprised that |
| 7 |
this has not happened yet. |
| 8 |
|
| 9 |
Since I have given this a lot of thought over the time I have used |
| 10 |
Gentoo but never found the time to actually implement it I would like |
| 11 |
to use the opportunity that comes with soc. |
| 12 |
|
| 13 |
While protecting modified config files from being overwritten is an |
| 14 |
indispensable feature in itself, it is also somewhat lacking. To |
| 15 |
overcome some of the limitations of the simple config protection used |
| 16 |
in Gentoo it is advisable to keep the /etc directory under version |
| 17 |
control making it possible to recover older versions of config files. |
| 18 |
|
| 19 |
Used like this the repository in which /etc lives mainly functions as |
| 20 |
a backup of the files it contains. To any programmer who coded using |
| 21 |
some version control system it should be apparent that it isn't the |
| 22 |
vcs sole purpose to serve as a backup. Any vcs gives you powerful |
| 23 |
tools to branch, merge and compare various states of your code among |
| 24 |
other things. |
| 25 |
|
| 26 |
For various reasons "etc-under-version-control" loses much of the |
| 27 |
power and/or ease of use that comes with the underlying vcs. Much of |
| 28 |
this being due to the fact that the files being kept in the repository |
| 29 |
are totally unrelated. |
| 30 |
|
| 31 |
The solution to this obviously is to maintain a separate branch for |
| 32 |
each package. And just as obvious one big problem is that the config |
| 33 |
files of most applications are mangled into the same location namely |
| 34 |
/etc (and elsewhere) making hard to impossible to use normal vc |
| 35 |
commands related to branches. |
| 36 |
|
| 37 |
This can be overcome by using a wrapper around some vcs that can deal |
| 38 |
with the fact that unrelated files are kept in the same location. |
| 39 |
|
| 40 |
Using git this would look like this at it's core. |
| 41 |
|
| 42 |
export GIT_DIR=/var/confsink |
| 43 |
export GIT_WORK_TREE=/ |
| 44 |
mv $GIT_DIR/index.d/$package $GIT_DIR/index |
| 45 |
git symbolic-ref HEAD refs/heads/live/$package |
| 46 |
|
| 47 |
git do something |
| 48 |
|
| 49 |
cp $GIT_DIR/index $GIT_DIR/index.d/$package |
| 50 |
unset GIT_DIR |
| 51 |
unset GIT_WORK_TREE |
| 52 |
|
| 53 |
To those not familiar with git what this basically does is to checkout |
| 54 |
the branch containing the live files of $package without removing any |
| 55 |
files that are not part of the branch - it's faking a checkout without |
| 56 |
actually performing one. It's a bit more complex than that but this |
| 57 |
is what basically has to be done since we can not remove files not |
| 58 |
belonging to a package from /etc. We are on a live system after all |
| 59 |
and these files might be required while we configure $package. |
| 60 |
|
| 61 |
So one could simply write a shell script that extends the above mockup |
| 62 |
to be run before and after work on the config files of $package. |
| 63 |
While this would be an improvement over etc-under-vc it is still very |
| 64 |
impractial to use. |
| 65 |
|
| 66 |
|
| 67 |
What is needed is (1) a sophisticated wrapper around git which among |
| 68 |
other things (2) replaces etc-update and alike and (3) an extension to |
| 69 |
portage that automates the creation and updating of package branches |
| 70 |
while emerging packages mainly by (but not limited to ) modifying the |
| 71 |
merge step. |
| 72 |
|
| 73 |
Lets concentrate on a simplified version of (3) first: |
| 74 |
|
| 75 |
After installing $package to ${D} and after optionally performing the |
| 76 |
test step emerge checks if the package contains any config protected |
| 77 |
files. If it does then it checks out the 'vanilla' branch to ${D} or |
| 78 |
creates it if it does not exist yet. Then this is pushed to the |
| 79 |
repository ($GIT_DIR) to be found somewhere in /var. This branch is |
| 80 |
not intended to be modified by the user so emerge can safely commit |
| 81 |
any changes. |
| 82 |
|
| 83 |
The merge step has to be modified so no ._cfgxxxx_file files are |
| 84 |
created. Instead: |
| 85 |
|
| 86 |
After the files are copied to the live system and if there are no |
| 87 |
conflicts git can not resolve (there will be less conflicts than |
| 88 |
currently) the 'vanilla' branch is merged into the 'live' branch. |
| 89 |
|
| 90 |
If on the other hand automatic merging is not possible for all files |
| 91 |
then only the conflict-free files are copied to the live system and |
| 92 |
the package is added to a list of packages that have to be later |
| 93 |
merged. |
| 94 |
|
| 95 |
The live system now looks exactly the same as without confsink only |
| 96 |
that the ._cfgxxxx_file files are missing. |
| 97 |
|
| 98 |
After emerge is done it indicating what packages have to be merged. |
| 99 |
Instead of etc-update or alike the confsink command-line client has to |
| 100 |
be used to do the merge. (2) |
| 101 |
|
| 102 |
This tool won't be limited to the task of replacing etc-update. It is |
| 103 |
also used to commit changes to configuration files made during daily |
| 104 |
use. It should also support many of the operations that the |
| 105 |
underlying git supports while providing something like the above |
| 106 |
mockup split in the two obvious parts so that git can be used directly |
| 107 |
in hairy cases. This tool should feature an expert (plumbing) mode as |
| 108 |
well as a simple (porcelain) mode suitable for people not willing to |
| 109 |
learn about git. Generally the interface will be similar to that of |
| 110 |
git. |
| 111 |
|
| 112 |
|
| 113 |
I have left out many important details in above description but it |
| 114 |
should be sufficient to get an understanding of what I plan to |
| 115 |
implement and show that I have already given this idea and also it's |
| 116 |
implementation a lot thought. If something is missing don't assume I |
| 117 |
am not aware of it, but it can't hurt if you point it out anyway. For |
| 118 |
example I am well aware that a package/branch has to be in a clean |
| 119 |
state before files can be copied to the live system, and that it is |
| 120 |
critical when this test is performed. Or a user might wish to add |
| 121 |
additional files to a package. |
| 122 |
|
| 123 |
Not only does above description not contain all relevant details it |
| 124 |
also does not list most benefits that confsink offers. For one, |
| 125 |
confsink would allow easier sharing of configuration between multiple |
| 126 |
machines and even users. |
| 127 |
|
| 128 |
|
| 129 |
In summary this project involves three tasks: |
| 130 |
|
| 131 |
1. Create the confsink command-line tool as a package aware wrapper |
| 132 |
around git and as a replacement for etc-update. |
| 133 |
2. Patch emerge as required by confsink and in part making use of |
| 134 |
the confsink tool. |
| 135 |
3. Allow converting a pre-confsink installation to use confsink. |
| 136 |
|
| 137 |
And if there is enough time some extensions could be implemented: |
| 138 |
|
| 139 |
4. Provide easy way to share package configuration. |
| 140 |
5. Extend catalyst and/or metro to build a stage5 (sic) which includes |
| 141 |
configuration of selected packages. |
| 142 |
6. Emacs interface. |
| 143 |
7. Document it so that other people can implement support in other package |
| 144 |
managers not necessarly limited to paludis and pkgcore. |
| 145 |
|
| 146 |
Confsink will be implemented in python and bash, similar to portage. |
| 147 |
While I haven't used python much lately that will not be a problem. I |
| 148 |
have done a lot of git surgery lately and enjoy learning about it's |
| 149 |
internals so am able to deal with that too. (I am working on a package |
| 150 |
manager for Emacs Lisp packages making extensive use of git. And I |
| 151 |
have written some tools to import data into git from rsync and files |
| 152 |
linked on webpages.) I have also read some of portage's and git's |
| 153 |
source code in the past. |
| 154 |
|
| 155 |
|
| 156 |
Hopefully I got you interested in this idea. |
| 157 |
|
| 158 |
Best Regards, |
| 159 |
|
| 160 |
Jonas |
Archives