On 03/22/2015 08:45 AM, Holger Levsen wrote: > Hi Chris, Hi Holger. :) > On Samstag, 21. März 2015, Chris Knadle wrote: >> understandable, and an extent to which it's a bit frightening because >> it means I can't know what I'll be notified concerning changes to my >> own config files and therefore how my system runs. > > thankfully "apt-get install etckeeper" can help with that, git hooks are > great. > > > cheers, > Holger I'm using etckeeper too (almost everywhere), though not with git hooks. (I don't know git hooks yet.) I certainly love what etckeeper does, but IMHO it's not a replacement for a dpkg warning because the dpkg warning happens /before/ the changes are made and gives you an opportunity to examine the situation before allowing it to happen, whereas etckeeper tells you about changes that have /already/ happened, with full history. (AFAIK) And sshd_config is, quite literally, the very last file I ever want to have changed without getting a warning about it first. (It's a config file I always customize on every system.) I'll also soon be modifying ssh_config too because of ... certain concerns that have arisen. https://stribika.github.io/2015/01/04/secure-secure-shell.html Thanks -- Chris -- Chris Knadle Chris.Knadle@coredump.us
Attachment:
signature.asc
Description: OpenPGP digital signature