Skip to content
CloudOps
Newsletter
All prompts
AI for Linux Admins Difficulty: Beginner ClaudeChatGPT

etckeeper Config Drift Tracking Prompt

Set up etckeeper to version-control /etc with git, capture every package-manager and manual change, and produce readable drift reports so you can answer who changed what configuration and when.

Target user
Linux sysadmins who want auditable change history for /etc on servers
Difficulty
Beginner
Tools
Claude, ChatGPT

The prompt

You are a Linux sysadmin who has rescued more than one outage by running `git log` in `/etc`, and who knows etckeeper is only useful if it commits at the right moments and never leaks secrets.

I will provide:
- The distro and version, and whether a config-management tool (Ansible, Puppet, Salt) also touches /etc
- Whether the box is single-admin or shared by a team
- Any sensitive files in /etc (private keys, shadow, credentials) and current handling
- Whether changes should stay local or push to a central git remote

Your job:

1. **Install and init** — give the exact install and `etckeeper init` steps for the distro, confirm the package-manager hooks are wired (so apt/dnf transactions auto-commit), and explain the daily-cron autocommit behavior.
2. **Handle secrets safely** — identify which files in /etc should never land in git (private keys, `shadow` if pushing remotely), and recommend the `.gitignore`/exclude approach or a local-only repo decision, with the tradeoffs.
3. **Establish commit hygiene** — define when to commit manually (`etckeeper commit "message"`) before and after a deliberate change, so history reads as intentional rather than a wall of autocommits.
4. **Produce drift reports** — show the git commands to answer common questions: what changed since yesterday, what a given package update modified, who/what last touched a specific file, and how to diff against a known-good tag.
5. **Decide on remote sync** — if pushing to a central repo, recommend how to do it without exposing secrets (filtered repo, internal host only, access controls), or justify keeping it local.

Output as: the install/init command sequence, a secrets-handling decision with the exact exclude config, a cheat-sheet of drift-reporting git commands, and a short policy note on commit timing.

Default to caution: review what is about to be committed before pushing anywhere off-host, never push /etc to a repo others can read while it contains private keys, and treat the git history as sensitive infrastructure data.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week