What Is etckeeper?
etckeeper tracks changes to /etc using version control (git by default). It automatically commits changes when packages are installed or removed, giving you a full history of system configuration changes.
Installation
sudo apt install -y etckeeper
sudo etckeeper init
sudo etckeeper commit "Initial commit"How It Works
- Automatically commits before and after apt operations
- Tracks file permissions, ownership, and contents
- Creates daily autocommit via cron (if there are changes)
View Configuration History
cd /etc
sudo git log --oneline
sudo git log --oneline -20
# See what changed in a specific commit
sudo git show COMMIT_HASH
# See recent changes to a specific file
sudo git log -p /etc/nginx/nginx.conf
# See who changed what
sudo git blame /etc/ssh/sshd_configRevert a Change
# Revert a specific file to a previous version
sudo git checkout COMMIT_HASH -- /etc/nginx/nginx.conf
sudo systemctl reload nginx
# Revert an entire commit
sudo git revert COMMIT_HASHPush to Remote (Offsite Backup)
cd /etc
sudo git remote add origin git@backup-server:etc-backup.git
sudo git push -u origin main
# Schedule daily push
echo "0 4 * * * root cd /etc && git push origin main" >> /etc/crontabBenefits
- Know exactly what changed and when
- Easy rollback of configuration mistakes
- Audit trail for security compliance
- Offsite backup of all system configuration