I *heart* plain text configuration files

· by Steve · Read in about 4 min · (799 Words)

A small bit of musing while I wait for another back-up to run…

Reinstalling a server from scratch sucks. Obviously. Not being able to use direct dumps of the old system itself because of concerns of how far a malicious attack got, and how long ago (even though we’re running SELinux) means that everything has to be constructed afresh. How much fun I’m having.

But if there’s one silver lining here, it’s that at least Linux stores every shred of its configuration in a simple, plain text format, and in one dedicated subtree of the file-system. Even though the server itself had to be taken down, the old disk was mounted so that I could look at previous configuration files easily, and carry across relevant ones (checked manually, natch) directly. It still takes a lot if time, and the fact that I jumped OS versions at the same time has complicated it (but, if there’s any time to do that, it’s now), but it would have been much worse if I couldn’t reference the old system.

One thing I found annoying at times about doing admin on Windows servers (in a past life) was that they generally hid their settings away from you - the common assumption was that you use a GUI to edit everything, and accessing settings without that GUI was frequently difficult, if it was even possible at all. Although a GUI is friendly for many uses, it also does a pretty good job of hiding things from you. Sometimes that’s useful (drawing attention to the most important things), sometimes it’s very unhelpful (trying to find which tab / dialog a particular option is in). One thing it definitely fails at is making it easy to extract / summarise all the necessary information to audit it, or to recreate an entire setup. Even when you have the server still running its a pain, but if that server has been taken offline it’s extremely hard to extract information from it without booting the thing up again (which if it’s damaged or compromised, might not be desirable or possible). Settings were often scattered among the registry, proprietary repositories, application specific places, and sometimes in custom data formats. If you’re lucky you might be able to extract the settings some way, but usually you have to have thought of it before the machine was out of action, and the process is often specific to a given application - so even assuming you remember to do it for all of the different server apps you’re running, the results are disparate, hard to organise and very often not human-readable - something you really want when you’re auditing a machine or creating a variant. The result was, in my experience, relying heavily on binary machine images for reference setups, test servers etc. That works well enough, but it’s a bit opaque and doesn’t help you much when you want variations (unless you have MxN images, or a tree of derivative images).

In comparison on Linux, I know I just have to look at plain text, readable configuration files in /etc/, which I can do on pretty much any device without actually having to have any of the old software running - I can just mount the disk with minimal permissions. By and large the text files are extremely well commented and contain pretty much every option you might need, just commented out when defaulted. I can search quickly for settings just like I can in any text file, and search across the entire configuration if necessary. Being text, it’s very easy to create a standardised configuration template that you can roll out, in a much more configurable way than a raw machine image. The visibility of all the settings certainly helps, and you can do all sorts of nice things such as generating configurations from variable options, should you want to. Text configuration might look less friendly at a surface level, but over time, I’ve found that in practice it’s actually a considerably more productive way of doing things for many admin tasks - especially the more difficult ones.

Tweaking an existing installation is still probably easier with a GUI though, and less intimidating to beginners or occasional admins (and I actually count myself in the latter). The best solution is to have both - a GUI for casual admins and core text config storage underneath - and of course there are plenty of options  about to do that on Linux too.

I’m not sure if Windows Server 7 does anything different here - I haven’t administered a Windows server since 2003 so I may well be out of date. I just thought I’d break out some love for the often unappreciated plain text config file. Sometimes simplicity is the best choice.