Versioned Conffiles was Re: Contrasting BSIGN and TRIPWIRE

To: Oscar Levi <elf@buici.com>
Cc: Debian-Devel <debian-devel@lists.debian.org>
Subject: Versioned Conffiles was Re: Contrasting BSIGN and TRIPWIRE
From: John Lines <john@paladin.demon.co.uk>
Date: Mon, 14 Dec 1998 08:07:59 +0000
Message-id: <[🔎] 199812140807.IAA03148@athena.paladin.org.uk>
In-reply-to: Message from Oscar Levi <elf@buici.com> of "Sun, 13 Dec 1998 21:16:56 PST." <[🔎] 19981213211656.A15537@hazel.buici.com>

Oscar Levi wrote:

> My next project is to implement version control for system
> configuration files.  This can integrate with bsign, too, in that the
> administrator can sign (bless) the edited config files as part of the
> standard process.  If someone is really paranoid, he can use a
> smartcard for signature generation and/or a NFS mount of the system
> being adminstered to isolate encryption from a vulnerable system.
> 

I would like to see RCS support for system configuration files - something like:

If when the user says they would like to install a new conffile from the
package, then
 If there is an RCS directory for the conffile then check in the old version,
 and check in the new Debian version, giving it a suitable label (saying which
 package version it came from etc.

This could supplement (where RCS was available) the various different systems
which keep multiple old conf files (such as the rotated apache conf files 
system - which I really like BTW)

	John Lines

Reply to:

Follow-Ups:
- Re: Versioned Conffiles was Re: Contrasting BSIGN and TRIPWIRE
  - From: Ben Collins <bmc@visi.net>

References:
- Contrasting BSIGN and TRIPWIRE
  - From: Oscar Levi <elf@buici.com>

Prev by Date: Re: DPLs : what do you think about ...
Next by Date: Re: Linux 2.0.36 in slink?
Previous by thread: Re: Contrasting BSIGN and TRIPWIRE
Next by thread: Re: Versioned Conffiles was Re: Contrasting BSIGN and TRIPWIRE
Index(es):
- Date
- Thread