Changetrack

About

All users of versions prior to 4.7 are encouraged to upgrade to fix a local-user privilege escalation bug. Thanks to the Debian folks for noticing.

Changetrack logs modifications of a set of files, and allows recovery of the tracked files from any stage of development. The changes are presented in a powerful web-based form, a text file, or an email message. A handful of options allow situation-specific configuration, but the code is readily available for more complex modifications.

This tool is intended to be uses like an automatic log book, recording what files were changed, when, and in what way.

What’s New?

Version 4.7 fixes a security bug. A user able to modify root’s configuration file or create files in wilcard directories referenced in that file could execute commands as root.

Version 4.6 no longer depends on File::NCopy, which is deprecated. It allows the tracking of files which are not writeable; files must be readable by the changetrack process.

Version 4.5 avoids the dependency on Mail::Sendmail and uses /usr/sbin/sendmail instead. This adheres to the Linux Standard Base; thanks to Ian Zimmerman. It also searches for root’s default configuration files in different locations so the program will run unmodified on different operating systems, including FreeBSD; thanks to Tiago de Lima Bueno for inspiration.

Version 4.3 allows finename patterns to be provided in find2perl syntax. Thanks to Sam Mikes for this nice feature.

Version 3.18 causes the *.ed files to retain the correct permission bits. It was fixed by Jens Peter Secher.

Version 3.17 fixes two bugs noticed by Debian and fixed by Jens Peter Secher. The program now uses the Perl builtins glob and oct instead of running `ls`.

Version 3.16 hopefully finally fixes the RCS locking problem incompletely addressed by version 3.11. It may be necessary to delete your RCS files (/var/state/changetrack/RCS/*) before the system will work properly.

Version 3.15 displays $HOSTNAME in the subject line of emails. It also works with "use strict;" which means it’s better written and hopefully easier to modify.

Version 3.14 adds a '-f emailaddress' option to use as the "From: " field of the emails. This can be used to differentiate instances of calling Changetrack, for example so one can determine which host the program is running on.

Version 3.13 keeps history and statistics files writable by their owner, fixing a bug in 3.12.

Version 3.12 causes the logging files to have the permissions of the original file, even if those permissions change.

Version 3.11 (hopefully) fixes the RCS file locking problem. Let me know if it’s a problem.

Version 3.10 has clearer and more robust installation.

Version 3.9 permits the use of File::NCopy on systems with it installed. As well, it detects if Mail::Sendmail is installed.

Changeweb, the web interface to Changetrack, now generates valid HTML (4.01 Transitional).

A Debian package has been created by Jens Peter Secher for Changetrack. It is now in testing under "Utilities".

Version 3.7 improves the install script and makes the program quieter when desired. Thanks again to Devin Reade for the patch.

Version 3.6 fixes a bug that caused the '-o' option to be ignored. Thanks to Devin Reade for the patch.

Version 3.5 is not hugely different from previous versions. A bug caused by interfacing incorrectly with RCS has been fixed, thanks to Ian Zimmerman for pointing it out and providing a patch.

Version 2 adds good emailing features. 2.0.1 disables these "out of the box" so the program can be tested without first installing Mail::Sendmail. 2.0.2 has a more up-to-date man page, and also supports unified diffs.

Available for download are:

Changeweb provides a Perl script to create a nice HTML interface to the log. An example is available here. Note that some of the information in these logs may be a security risk, it is not recommended that this be publicly available.

To do

There are a few things that should be added to make changetrack better. If you feel like doing something socially useful, you might try coding one of these.


SourceForge Logo Valid HTML 4.01! Valid CSS! ©2005-2009 CaREMOVE THISmeron@MorAND THISland.ca (2009-07-24 16:43)