etckeeper is a collection of tools that can be used to manage the /etc directory in a Git repository. This allows changes to be checked and undone if necessary. It also connects to package managers such as apt to automatically commit changes made to /etc during a package upgrade. Finally, it also takes into account metadata of files that Git does not normally manage, but which are important for /etc, such as the permissions of /etc/shadow.


etckeeper can be easily installed with

$ sudo apt install git etckeeper


  1. The configuration of etckeeper is done in the etckeeper.conf file:

    # The VCS to use.
  2. In addition, the following two automatic commits should be avoided:

    # Uncomment to avoid etckeeper committing existing changes
    # to /etc automatically once per day.
    AVOID_DAILY_AUTOCOMMITS=1# Uncomment to avoid etckeeper committing existing changes to
    # /etc before installation. It will cancel the installation,
    # so you can commit the changes by hand.
  3. Now git itself should be configured, see Configuration.

  4. Finally, the /etc directory can be taken under Git version control with:

    $ cd /etc/
    $ sudo etckeeper init
    Initialized empty Git repository in /etc/.git/
    $ sudo etckeeper commit "Initial commit"


If a configuration file is now edited, the changes can now be easily logged with Git.

Managing metadata#

Since Git itself does not record complete metadata, etckeeper has set up a pre-commit hook in /etc/.git/hooks/pre-commit. This hook logs the chmod and chgrp entries for all files that do not correspond to the standard permissions in the file /etc/.etckeeper:

maybe chmod 0755 '.'
maybe chmod 0700 './.etckeeper'
maybe chmod 0644 './.gitignore'
. gitignore

Files that are not to be versioned with Git in the /etc directory can be added in the file /etc/.gitignore. This file is created when etckeeper is initiated and can be extended if necessary after the comment

# end section managed by etckeeper