bionic (8) metche.8.gz

Provided by: metche_1.2.4-1_all bug

NAME
       metche - reducing root bus factor


SYNOPSIS
              metche [-h VSERVER] report (stable|testing|unstable)-YYYYMMDDHHMM
              metche [-h VSERVER] list
              metche [-h VSERVER] stabilize testing-YYYYMMDDHHMM


DESCRIPTION
       metche  is  a  tool  meant  to  ease collective system administration by monitoring changes in the system
       configuration.

       metche basic usage is to monitor changes in a  directory,  usually  /etc;  optionally,  metche  can  also
       monitor:

       • one or more user maintained changelog files,

       • the state of Debian packages and versions.

       metche  should  be installed with a cronjob that regularly runs to automatically save the system state as
       needed.  These states are saved in a way similar to the Debian development model:

       • unstable states are saved as soon as a change is detected.  They are kept until  a  new  testing  state
         appears.

       • testing  states  is created from the last unstable state that has not been changed after a short amount
         of time (by default, one hour).  Old unstable states are deleted afterwards.

       • stable states are created from the last testing state, either manually, or after a long amount of  time
         (by default, 3 days).  Old testing states are deleted afterwards.

       When  a new testing state is saved, an email is sent to a configurable address, giving an overwiew of the
       differences with the previous testing.  A notification is also sent when a new stable state is saved.

       metche's configuration is read from /etc/metche.conf.  Various settings like changelog monitoring or time
       between system state switches are described there.


OPTIONS
       If  -h VSERVER  is specified, the VServer VSERVER is operated on instead of the host system.  This, along
       with the VSNAMES option, allows one to monitor several VServers running on the system.

       One of the following commands must be specified on the command line:

       report When run with the report command, metche displays a report against the specified saved  state,  or
              if unspecified, against the latest testing state.  This is useful when you have broken your system
              and want to know which changes have been made since a given, known working, system state.

       list   When run with the list command, metche displays a list of all the saved states.

       stabilize
              When run with the stabilize command, metche turns a "testing state" into  a  "stable  state".   By
              default,  it  will  use  the last "testing state", but this can be overridden by giving a specific
              state as argument.

       cron   This command should not be called manually, but used from a cronjob.  When called, it can  perform
              various  operations  like:  saving  "unstable", "testing" or "stable" states as needed and sending
              reports and notification if configured to do so.  This command does not support the -h option.


FILES
       /etc/metche.conf contains metche configuration.

       When configured to monitor one changelog, CHANGELOG_FILE (default: /root/Changelog).

       When configured to monitor multiple changelogs, CHANGELOG_DIR/*/Changelog (default: /root/changelogs).

       System states are saved in BACKUP_DIR (default: /var/lib/metche).


SECURITY
       metche is able to use GnuPG to encrypt the email it sends, but does  not  by  default;  just  enable  the
       ENCRYPT_EMAIL configuration option, and make sure EMAIL_ADDRESS' public key is in root's keyring, trusted
       enough to be used blindly by metche.  If EMAIL_ADDRESS is an email alias or mailing-list's  address,  you
       probably  want  to use the group option in /root/.gnupg/gpg.conf so that metche reports are encrypted for
       every person subscribed to this alias or mailing-list; for more information, see gpg(1).

       When DO_DETAILS is enabled and ENCRYPT_EMAIL is disabled, metche sends in clear text  email  the  changes
       made  to  the watched directory...  either make sure that the EXCLUDES configuration variable prevents it
       to send sensitive information, or triple check that secure connections will be  used  end-to-end  on  the
       email  path.   If  unsure, set EMAIL_ADDRESS configuration variable to a local mailbox.  Please note that
       EMAIL_ADDRESS is not used for VServers: a VServer's report messages are sent to its root email address.

       metche stores, in BACKUP_DIR (default: /var/lib/metche), various backups of WATCHED_DIR.  Make sure  that
       this backup place is at least as secured as the source.


BUGS
       See  metche's  ticket  system (https://0xacab.org/metche/metche/issues) for known bugs, missing features,
       and the development road-map.


AUTHORS
       metche and this manual page were written by the boum.org collective, and are now maintained by the metche
       developers collective <metche@lists.riseup.net>.