This is one approach - see the end of the page for other approaches.

Tracking /etc etc

Mercurial can be used to track host configuration, like a kind of backup of config. I use a depot in / and hgignore everything.

Files that I want to track are added on demand. Before editing an untracked file I commit it so that I can see what has been changed. After completing an admin task I review the output from "hg diff | vim -R -", check that I made the right changes, check that all relevant changes are tracked, and then I commit.

But there are some attributes that Mercurial doesn't track, such as owner and group and permissions, mtime/ctime/atime, special file system attributes. So don't try to update, that will mess things up. A restore must be done manually and carefully. Also be careful when you want to revert or stop tracking files (you might want to use hg rm --after).

Tracking symlinks like for example /etc/rc.d/rc?.d/* requires Mercurial 0.9.5. When dealing with symlinks be careful about what you are tracking: The link or the target file.

Some files in /etc/ are binary, and you probably don't want to track them. But there are files in other places that it makes sense to track. Please extend the list below with files you need track and think others would like to track too.

How to get started

cd /
hg init .
chmod go-rwx .hg
echo ^ > .hgignore

hg add \
 .hgignore \
 boot/grub/device.map \
 boot/grub/grub.conf \
 etc/aliases \
 etc/crontab \
 etc/dhcpd.conf \
 etc/dirvish/master.conf \
 etc/fstab \
 etc/group \
 etc/gshadow \
 etc/hosts \
 etc/httpd/conf.d/*.conf \
 etc/httpd/conf/httpd.conf \
 etc/inittab \
 etc/mantis/config_inc.php \
 etc/modprobe.conf \
 etc/mtab \
 etc/nsswitch.conf \
 etc/ntp.conf \
 etc/passwd \
 etc/php.ini \
 etc/postfix/access \
 etc/postfix/aliases \
 etc/postfix/canonical \
 etc/postfix/generic \
 etc/postfix/header_checks \
 etc/postfix/main.cf \
 etc/postfix/master.cf \
 etc/postfix/relocated \
 etc/postfix/transport \
 etc/postfix/virtual \
 etc/rc.d/* \
 etc/rc.d/rc?.d/* \
 etc/resolv.conf \
 etc/samba/lmhosts \
 etc/samba/smb.conf \
 etc/samba/smbusers \
 etc/selinux/config \
 etc/selinux/restorecond.conf \
 etc/selinux/semanage.conf \
 etc/selinux/targeted/modules/active/booleans.local \
 etc/shadow \
 etc/squirrelmail/config.php \
 etc/squirrelmail/config_local.php \
 etc/squirrelmail/default_pref \
 etc/squirrelmail/sqspell_config.php \
 etc/ssh/ssh_config \
 etc/ssh/ssh_host_dsa_key.pub \
 etc/ssh/ssh_host_key.pub \
 etc/ssh/ssh_host_rsa_key.pub \
 etc/ssh/sshd_config \
 etc/sysconfig/authconfig \
 etc/sysconfig/clock \
 etc/sysconfig/grub \
 etc/sysconfig/hwconf \
 etc/sysconfig/i18n \
 etc/sysconfig/iptables \
 etc/sysconfig/iptables-config \
 etc/sysconfig/kernel \
 etc/sysconfig/keyboard \
 etc/sysconfig/network \
 etc/sysconfig/network-scripts/ifcfg-eth* \
 etc/sysconfig/system-config-securitylevel \
 etc/sysctl.conf \
 etc/yum.conf \
 root/anaconda-ks.cfg \
 root/setup.txt \
 usr/local/bin/* \
 usr/local/sbin/* \
 var/lib/samba/private/passdb.tdb \
 var/lib/samba/private/secrets.tdb \
 var/lib/samba/private/smbpasswd \
 var/log/dmesg \
 var/log/rpmpkgs \
 var/named/chroot/etc/named.conf \
 var/named/chroot/var/named/* \

Other approaches and comments

http://www.selenic.com/pipermail/mercurial/2007-August/014296.html Beware of the problems ...

http://www.selenic.com/pipermail/mercurial/2007-August/014298.html Example of complex .hgignore

http://www.selenic.com/pipermail/mercurial/2007-August/014301.html Discouragement ...

http://michael-prokop.at/blog/2007/03/14/maintain-etc-with-mercurial-on-debian/ Maintain /etc with mercurial on Debian

http://ygingras.net/b/2007/11/a-case-for-hg-on-etc Encouragement ...