configsnap - Man Page

manual page for configsnap 0.20.1

Synopsis

configsnap [options]

Description

Record useful system state information, and compare to previous state if run with PHASE containing "post" or "rollback". An optional file, /etc/configsnap/additional.conf, can be provided for extra files, directories or commands to register during configsnap execution.

Options

-h,  --help

show this help message and exit

-w,  --overwrite

if phase files already exist in tag dir, remove previously collected data with that tag

-a,  --archive

pack output files into a tar archive

-v,  --verbose

print debug info

-V,  --version

print version

-s,  --silent

no output to stdout

--force-compare

Force a comparison after collecting data

-t TAG, --tag=TAG

tag identifer (e.g. a ticket number)

-d BASEDIR, --basedir=BASEDIR

base directory to store output

-p PHASE, --phase=PHASE

phase this is being used for. Can be any string. Phases containing  post  or  rollback  will perform diffs

-C,  --compare-only

Compare existing files with tags specified with --pre and --phase

--pre=PRE_SUFFIX

suffix for files captured at previous state, for comparison

-c CONFIG, --config=CONFIG

additional config file to use. Setting this will overwrite default.

Files

/etc/configsnap/additional.conf

Optional configuration file to define additional command output and files to collect.

Commands are all run as root, so the custom collection configuration file must be owned by root and not read or writable by other users. The file format is:

All custom file collections in the additional.conf file must begin with a "[section]" which contains the following options.

Type=

Can take values Command, File, or Directory depending on the action that needs to be performed.

If Type=Command then the output from the specified command will be save to a file named after the section. The command must be specified using the full path to the executable. e.g. /bin/ss -tanp. Command supports several additional configuration options.

If Type=File then the specified file will be save to the backup directory with suffix matching the stage. The full path to the file must be used. Type=File supports the same FailOk and Compare options as Command.

If Type=Directory then the contents of the directory will be a subfolder of the same name within the backup directory. The path to the directory should include a trailing '/'. Directory supports the FailOk, Compare (see Type=Command), and the following.

Sort=

Whether to sort the output of the command, (default: False)

FailOk=

Report errors when configsnap runs this section, (default: False)

Compare=

Produce a diff between the pre/post files when running configsnap, (default: False)

File_Pattern=

Rather than saving every file in a directory, backup only ones matching the Python regex pattern, (default: .*). See Examples below.

Examples

   # Recording the output of a command into a "psspecial.<phase>" file containing the output.
   [psspecial]
   Type: command
   Command: /bin/ps -aux
   Compare: True

   # Recording an additional file, stored as "debconf.<phase>"
   [debconf.conf]
   Type: file
   File: /etc/debconf.conf
   Failok: True

   # Recursively Recording all files from /etc/ssh/ directory, with sub-files appended with ".<phase>".
   [ssh]
   Type: directory
   Directory: /etc/ssh/

   # Recording all files from /etc/fail2ban/ directory matching '.*\.local$', with sub-files appended with ".<phase>"
   [fail2ban]
   Type: directory
   Directory: /etc/fail2ban
   File_Pattern: .*\.local$

Info

January 2024 configsnap 0.20.1