1 |
Hello |
2 |
|
3 |
I would like to implement a configuration management system specially |
4 |
tailored to Gentoo. Ever since I started using Gentoo I expected this |
5 |
to be implemented anytime soon as it seams to me like such an obvious |
6 |
extension of the current config protection. I am still surprised that |
7 |
this has not happened yet. |
8 |
|
9 |
Since I have given this a lot of thought over the time I have used |
10 |
Gentoo but never found the time to actually implement it I would like |
11 |
to use the opportunity that comes with soc. |
12 |
|
13 |
While protecting modified config files from being overwritten is an |
14 |
indispensable feature in itself, it is also somewhat lacking. To |
15 |
overcome some of the limitations of the simple config protection used |
16 |
in Gentoo it is advisable to keep the /etc directory under version |
17 |
control making it possible to recover older versions of config files. |
18 |
|
19 |
Used like this the repository in which /etc lives mainly functions as |
20 |
a backup of the files it contains. To any programmer who coded using |
21 |
some version control system it should be apparent that it isn't the |
22 |
vcs sole purpose to serve as a backup. Any vcs gives you powerful |
23 |
tools to branch, merge and compare various states of your code among |
24 |
other things. |
25 |
|
26 |
For various reasons "etc-under-version-control" loses much of the |
27 |
power and/or ease of use that comes with the underlying vcs. Much of |
28 |
this being due to the fact that the files being kept in the repository |
29 |
are totally unrelated. |
30 |
|
31 |
The solution to this obviously is to maintain a separate branch for |
32 |
each package. And just as obvious one big problem is that the config |
33 |
files of most applications are mangled into the same location namely |
34 |
/etc (and elsewhere) making hard to impossible to use normal vc |
35 |
commands related to branches. |
36 |
|
37 |
This can be overcome by using a wrapper around some vcs that can deal |
38 |
with the fact that unrelated files are kept in the same location. |
39 |
|
40 |
Using git this would look like this at it's core. |
41 |
|
42 |
export GIT_DIR=/var/confsink |
43 |
export GIT_WORK_TREE=/ |
44 |
mv $GIT_DIR/index.d/$package $GIT_DIR/index |
45 |
git symbolic-ref HEAD refs/heads/live/$package |
46 |
|
47 |
git do something |
48 |
|
49 |
cp $GIT_DIR/index $GIT_DIR/index.d/$package |
50 |
unset GIT_DIR |
51 |
unset GIT_WORK_TREE |
52 |
|
53 |
To those not familiar with git what this basically does is to checkout |
54 |
the branch containing the live files of $package without removing any |
55 |
files that are not part of the branch - it's faking a checkout without |
56 |
actually performing one. It's a bit more complex than that but this |
57 |
is what basically has to be done since we can not remove files not |
58 |
belonging to a package from /etc. We are on a live system after all |
59 |
and these files might be required while we configure $package. |
60 |
|
61 |
So one could simply write a shell script that extends the above mockup |
62 |
to be run before and after work on the config files of $package. |
63 |
While this would be an improvement over etc-under-vc it is still very |
64 |
impractial to use. |
65 |
|
66 |
|
67 |
What is needed is (1) a sophisticated wrapper around git which among |
68 |
other things (2) replaces etc-update and alike and (3) an extension to |
69 |
portage that automates the creation and updating of package branches |
70 |
while emerging packages mainly by (but not limited to ) modifying the |
71 |
merge step. |
72 |
|
73 |
Lets concentrate on a simplified version of (3) first: |
74 |
|
75 |
After installing $package to ${D} and after optionally performing the |
76 |
test step emerge checks if the package contains any config protected |
77 |
files. If it does then it checks out the 'vanilla' branch to ${D} or |
78 |
creates it if it does not exist yet. Then this is pushed to the |
79 |
repository ($GIT_DIR) to be found somewhere in /var. This branch is |
80 |
not intended to be modified by the user so emerge can safely commit |
81 |
any changes. |
82 |
|
83 |
The merge step has to be modified so no ._cfgxxxx_file files are |
84 |
created. Instead: |
85 |
|
86 |
After the files are copied to the live system and if there are no |
87 |
conflicts git can not resolve (there will be less conflicts than |
88 |
currently) the 'vanilla' branch is merged into the 'live' branch. |
89 |
|
90 |
If on the other hand automatic merging is not possible for all files |
91 |
then only the conflict-free files are copied to the live system and |
92 |
the package is added to a list of packages that have to be later |
93 |
merged. |
94 |
|
95 |
The live system now looks exactly the same as without confsink only |
96 |
that the ._cfgxxxx_file files are missing. |
97 |
|
98 |
After emerge is done it indicating what packages have to be merged. |
99 |
Instead of etc-update or alike the confsink command-line client has to |
100 |
be used to do the merge. (2) |
101 |
|
102 |
This tool won't be limited to the task of replacing etc-update. It is |
103 |
also used to commit changes to configuration files made during daily |
104 |
use. It should also support many of the operations that the |
105 |
underlying git supports while providing something like the above |
106 |
mockup split in the two obvious parts so that git can be used directly |
107 |
in hairy cases. This tool should feature an expert (plumbing) mode as |
108 |
well as a simple (porcelain) mode suitable for people not willing to |
109 |
learn about git. Generally the interface will be similar to that of |
110 |
git. |
111 |
|
112 |
|
113 |
I have left out many important details in above description but it |
114 |
should be sufficient to get an understanding of what I plan to |
115 |
implement and show that I have already given this idea and also it's |
116 |
implementation a lot thought. If something is missing don't assume I |
117 |
am not aware of it, but it can't hurt if you point it out anyway. For |
118 |
example I am well aware that a package/branch has to be in a clean |
119 |
state before files can be copied to the live system, and that it is |
120 |
critical when this test is performed. Or a user might wish to add |
121 |
additional files to a package. |
122 |
|
123 |
Not only does above description not contain all relevant details it |
124 |
also does not list most benefits that confsink offers. For one, |
125 |
confsink would allow easier sharing of configuration between multiple |
126 |
machines and even users. |
127 |
|
128 |
|
129 |
In summary this project involves three tasks: |
130 |
|
131 |
1. Create the confsink command-line tool as a package aware wrapper |
132 |
around git and as a replacement for etc-update. |
133 |
2. Patch emerge as required by confsink and in part making use of |
134 |
the confsink tool. |
135 |
3. Allow converting a pre-confsink installation to use confsink. |
136 |
|
137 |
And if there is enough time some extensions could be implemented: |
138 |
|
139 |
4. Provide easy way to share package configuration. |
140 |
5. Extend catalyst and/or metro to build a stage5 (sic) which includes |
141 |
configuration of selected packages. |
142 |
6. Emacs interface. |
143 |
7. Document it so that other people can implement support in other package |
144 |
managers not necessarly limited to paludis and pkgcore. |
145 |
|
146 |
Confsink will be implemented in python and bash, similar to portage. |
147 |
While I haven't used python much lately that will not be a problem. I |
148 |
have done a lot of git surgery lately and enjoy learning about it's |
149 |
internals so am able to deal with that too. (I am working on a package |
150 |
manager for Emacs Lisp packages making extensive use of git. And I |
151 |
have written some tools to import data into git from rsync and files |
152 |
linked on webpages.) I have also read some of portage's and git's |
153 |
source code in the past. |
154 |
|
155 |
|
156 |
Hopefully I got you interested in this idea. |
157 |
|
158 |
Best Regards, |
159 |
|
160 |
Jonas |