Watching /etc

I need to be able to watch the /etc directory of a host over time so that I know when any changes have been made. The main aims are to ensure that changes are not made by the sysadmins without our knowledge and to ensure that changes we do request are actually implemented. I also need to compare the /etc directories on multiple hosts to ensure that they are as close to identical as possible.

Since I am a non-root user I can't use something like Joey Hess' etc-keeper (announcement), although I can re-use the idea of storing the files from /etc in a Git repository, using metastore called from hook scripts to store the file meta-data which isn't normally stored by Git itself.

The current plan is to do something like (untested):

$ cd /path/to
$ export HOSTNAME=$(uname -n)
$ git clone git://repos/config
$ cd config
$ git branch $HOSTNAME
$ git checkout $HOSTNAME
$ rsync -a /etc .
$ git add etc
$ git commit -m"date '+%F %T'"

Then I should be able to run commands like:

$ git diff thishost thathost

to see the differences between the hostname branches.

I can also look at the HEAD commit on each branch on a daily basis to see what has changed.

We will see if this works when I implement it :-)