Bab 10. Manajemen data

Daftar Isi

10.1. Berbagi, menyalin, dan mengarsipkan
10.1.1. Alat arsip dan kompresi
10.1.2. Alat salin dan sinkronisasi
10.1.3. Idiom untuk arsip
10.1.4. Idiom untuk menyalin
10.1.5. Idiom untuk pemilihan berkas
10.1.6. Media arsip
10.1.7. Perangkat penyimpanan lepasan
10.1.8. Filesystem choice for sharing data
10.1.9. Berbagi data melalui jaringan
10.2. Pencadangan dan pemulihan
10.2.1. Backup and recovery policy
10.2.2. Keluarga utilitas pencadangan
10.2.3. Cadangan pribadi
10.3. Infrastruktur keamanan data
10.3.1. Manajemen kunci untuk GnuPG
10.3.2. Menggunakan GnuPG pada berkas
10.3.3. Menggunakan GnuPG dengan Mutt
10.3.4. Menggunakan GnuPG dengan Vim
10.3.5. The MD5 sum
10.3.6. Password keyring
10.4. Alat penggabungan kode sumber
10.4.1. Mengekstrak perbedaan untuk berkas sumber
10.4.2. Merging updates for source files
10.4.3. Interactive merge
10.5. Git
10.5.1. Konfigurasi klien Git
10.5.2. Perintah Git dasar
10.5.3. Tips Git
10.5.4. Referensi Git
10.5.5. Sistem kontrol versi lainnya

Tools and tips for managing binary and text data on the Debian system are described.

[Awas] Awas

The uncoordinated write access to actively accessed devices and files from multiple processes must not be done to avoid the race condition. File locking mechanisms using flock(1) may be used to avoid it.

The security of the data and its controlled sharing have several aspects.

  • Pembuatan arsip data

  • Akses penyimpanan jarak jauh

  • Duplikasi

  • Pelacakan riwayat modifikasi

  • Memfasilitasi berbagi data

  • Pencegahan akses berkas tanpa otorisasi

  • Deteksi modifikasi berkas tanpa otorisasi

These can be realized by using some combination of tools.

  • Alat arsip dan kompresi

  • Alat salin dan sinkronisasi

  • Sistem berkas jaringan

  • Media penyimpanan lepasan

  • The secure shell

  • Sistem autentikasi

  • Alat sistem kontrol versi

  • Alat enkripsi hash dan kriptografi

Berikut adalah ringkasan alat kompresi dan arsip yang tersedia pada sistem Debian.

Tabel 10.1. Daftar alat arsip dan kompresi

paket popcon ukuran ekstensi perintah kommen
tar V:907, I:999 3152 .tar tar(1) pengarsip standar (standar de facto)
cpio V:383, I:998 1140 .cpio cpio(1) Pengarsipan gaya Unix System V, gunakan dengan find(1)
binutils V:148, I:652 99 .ar ar(1) pengarsip untuk pembuatan pustaka statis
fastjar V:2, I:22 183 .jar fastjar(1) pengarsip untuk Java (mirip zip)
pax V:11, I:20 170 .pax pax(1) pengarsip standar POSIX baru, kompromi antara tar dan cpio
gzip V:878, I:999 242 .gz gzip(1), zcat(1), … Utilitas kompresi GNU LZ77 (standar de facto)
bzip2 V:161, I:973 120 .bz2 bzip2(1), bzcat(1), … Utilitas kompresi pengurut blok Burrows-Wheeler dengan rasio kompresi yang lebih tinggi daripada gzip(1) (lebih lambat dari gzip dengan sintaks serupa)
lzma V:2, I:23 149 .lzma lzma(1) Utilitas kompresi LZMA dengan rasio kompresi yang lebih tinggi daripada gzip(1) (usang)
xz-utils V:436, I:980 612 .xz xz(1), xzdec(1), … Utilitas kompresi XZ dengan rasio kompresi yang lebih tinggi daripada bzip2(1) (lebih lambat dari gzip tetapi lebih cepat dari bzip2; pengganti utilitas kompresi LZMA)
zstd V:7, I:34 1898 .zstd zstd(1), zstdcat(1), … Zstandard utilitas kompresi lossless cepat
p7zip V:83, I:468 987 .7z 7zr(1), p7zip(1) 7-Zip file archiver with high compression ratio (LZMA compression)
p7zip-full V:116, I:478 4664 .7z 7z(1), 7za(1) 7-Zip file archiver with high compression ratio (LZMA compression and others)
lzop V:14, I:120 164 .lzo lzop(1) LZO compression utility with higher compression and decompression speed than gzip(1) (lower compression ratio than gzip with similar syntax)
zip V:49, I:414 623 .zip zip(1) InfoZIP: Alat arsip dan kompresi DOS
unzip V:142, I:788 385 .zip unzip(1) InfoZIP: Alat pembuka arsip dan dekompresi DOS

[Awas] Awas

Do not set the "$TAPE" variable unless you know what to expect. It changes tar(1) behavior.

Berikut adalah beberapa cara untuk menyalin seluruh konten direktori "./source" menggunakan alat-alat yang berbeda.

  • Local copy: "./source" directory → "/dest" directory

  • Remote copy: "./source" directory at local host → "/dest" directory at "user@host.dom" host

rsync(8):

# cd ./source; rsync -aHAXSv . /dest
# cd ./source; rsync -aHAXSv . user@host.dom:/dest

You can alternatively use "a trailing slash on the source directory" syntax.

# rsync -aHAXSv ./source/ /dest
# rsync -aHAXSv ./source/ user@host.dom:/dest

Atau, dengan berikut.

# cd ./source; find . -print0 | rsync -aHAXSv0 --files-from=- . /dest
# cd ./source; find . -print0 | rsync -aHAXSv0 --files-from=- . user@host.dom:/dest

GNU cp(1) dan openSSH scp(1):

# cd ./source; cp -a . /dest
# cd ./source; scp -pr . user@host.dom:/dest

GNU tar(1):

# (cd ./source && tar cf - . ) | (cd /dest && tar xvfp - )
# (cd ./source && tar cf - . ) | ssh user@host.dom '(cd /dest && tar xvfp - )'

cpio(1):

# cd ./source; find . -print0 | cpio -pvdm --null --sparse /dest

You can substitute "." with "foo" for all examples containing "." to copy files from "./source/foo" directory to "/dest/foo" directory.

You can substitute "." with the absolute path "/path/to/source/foo" for all examples containing "." to drop "cd ./source;". These copy files to different locations depending on tools used as follows.

  • "/dest/foo": rsync(8), GNU cp(1), dan scp(1)

  • "/dest/path/to/source/foo": GNU tar(1), dan cpio(1)

[Tip] Tip

rsync(8) and GNU cp(1) have option "-u" to skip files that are newer on the receiver.

find(1) digunakan untuk memilih berkas untuk perintah arsip dan salin (lihat Bagian 10.1.3, “Idiom untuk arsip” dan Bagian 10.1.4, “Idiom untuk menyalin”) atau untuk xargs(1) (lihat Bagian 9.4.9, “Repeating a command looping over files”). Ini dapat ditingkatkan dengan memakai argumen-argumen perintahnya.

Basic syntax of find(1) can be summarized as the following.

  • Its conditional arguments are evaluated from left to right.

  • This evaluation stops once its outcome is determined.

  • "Logical OR" (specified by "-o" between conditionals) has lower precedence than "logical AND" (specified by "-a" or nothing between conditionals).

  • "Logical NOT" (specified by "!" before a conditional) has higher precedence than "logical AND".

  • "-prune" always returns logical TRUE and, if it is a directory, searching of file is stopped beyond this point.

  • "-name" mencocokkan basis nama berkas dengan shell glob (lihat Bagian 1.5.6, “Glob shell”) tetapi juga mencocokkan "." awal dengan karakter-karakter meta seperti "*" dan "?". (Fitur POSIX baru)

  • "-regex" mencocokkan path lengkap dengan BRE gaya emacs (lihat Bagian 1.6.2, “Ekspresi reguler”) secara baku.

  • "-size" matches the file based on the file size (value precedented with "+" for larger, precedented with "-" for smaller)

  • "-newer" matches the file newer than the one specified in its argument.

  • "-print0" always returns logical TRUE and print the full filename (null terminated) on the standard output.

find(1) is often used with an idiomatic style as the following.

# find /path/to \
    -xdev -regextype posix-extended \
    -type f -regex ".*\.cpio|.*~" -prune -o \
    -type d -regex ".*/\.git" -prune -o \
    -type f -size +99M -prune -o \
    -type f -newer /path/to/timestamp -print0

Ini berarti melakukan tindakan berikut.

  1. Search all files starting from "/path/to"

  2. Secara global membatasi pencariannya dalam sistem berkas awalnya dan menggunakan ERE (lihat Bagian 1.6.2, “Ekspresi reguler”) sebagai gantinya

  3. Exclude files matching regex of ".*\.cpio" or ".*~" from search by stop processing

  4. Exclude directories matching regex of ".*/\.git" from search by stop processing

  5. Exclude files larger than 99 Megabytes (units of 1048576 bytes) from search by stop processing

  6. Print filenames which satisfy above search conditions and are newer than "/path/to/timestamp"

Please note the idiomatic use of "-prune -o" to exclude files in the above example.

[Catatan] Catatan

For non-Debian Unix-like system, some options may not be supported by find(1). In such a case, please consider to adjust matching methods and replace "-print0" with "-print". You may need to adjust related commands too.

When choosing computer data storage media for important data archive, you should be careful about their limitations. For small personal data backup, I use CD-R and DVD-R by the brand name company and store in a cool, shaded, dry, clean environment. (Tape archive media seem to be popular for professional use.)

[Catatan] Catatan

A fire-resistant safe are meant for paper documents. Most of the computer data storage media have less temperature tolerance than paper. I usually rely on multiple secure encrypted copies stored in multiple secure locations.

Optimistic storage life of archive media seen on the net (mostly from vendor info).

  • 100+ tahun : Kertas bebas asam dengan tinta

  • 100 tahun : Penyimpanan optik (CD/DVD, CD/DVD-R)

  • 30 tahun : Penyimpanan magnetik (tape, floppy)

  • 20 tahun : Penyimpanan optik perubahan fase (CD-RW)

These do not count on the mechanical failures due to handling etc.

Optimistic write cycle of archive media seen on the net (mostly from vendor info).

  • 250.000+ siklus : Harddisk drive

  • 10.000+ siklus : Memori flash

  • 1.000 siklus : CD/DVD-RW

  • 1 siklus : CD/DVD-R, kertas

[Perhatian] Perhatian

Figures of storage life and write cycle here should not be used for decisions on any critical data storage. Please consult the specific product information provided by the manufacture.

[Tip] Tip

Since CD/DVD-R and paper have only 1 write cycle, they inherently prevent accidental data loss by overwriting. This is advantage!

[Tip] Tip

If you need fast and frequent backup of large amount of data, a hard disk on a remote host linked by a fast network connection, may be the only realistic option.

[Tip] Tip

If you use re-writable media for your backups, use of filesystem such as btrfs or zfs which supports read-only snapshots may be a good idea.

Removable storage devices may be any one of the following.

They may be connected via any one of the following.

Modern desktop environments such as GNOME and KDE can mount these removable devices automatically without a matching "/etc/fstab" entry.

  • udisks2 package provides a daemon and associated utilities to mount and unmount these devices.

  • D-bus creates events to initiate automatic processes.

  • PolicyKit provides required privileges.

[Tip] Tip

Automounted devices may have the "uhelper=" mount option which is used by umount(8).

[Tip] Tip

Automounting under modern desktop environment happens only when those removable media devices are not listed in "/etc/fstab".

Mount point under modern desktop environment is chosen as "/media/username/disk_label" which can be customized by the following.

  • mlabel(1) for FAT filesystem

  • genisoimage(1) with "-V" option for ISO9660 filesystem

  • tune2fs(1) with "-L" option for ext2/ext3/ext4 filesystem

[Tip] Tip

Pilihan pengodean mungkin perlu disediakan sebagai opsi kait (lihat Bagian 8.1.3, “Pengodean nama berkas”).

[Tip] Tip

The use of the GUI menu to unmount a filesystem may remove its dynamically generated device node such as "/dev/sdc". If you wish to keep its device node, unmount it with the umount(8) command from the shell prompt.

When sharing data with other system via removable storage device, you should format it with common filesystem supported by both systems. Here is a list of filesystem choices.


[Tip] Tip

Lihat Bagian 9.9.1, “Removable disk encryption with dm-crypt/LUKS” untuk berbagi data lintas platform menggunakan enkripsi tingkat perangkat.

The FAT filesystem is supported by almost all modern operating systems and is quite useful for the data exchange purpose via removable hard disk like media.

When formatting removable hard disk like devices for cross platform sharing of data with the FAT filesystem, the following should be safe choices.

When using the FAT or ISO9660 filesystems for sharing data, the following should be the safe considerations.

  • Archiving files into an archive file first using tar(1), or cpio(1) to retain the long filename, the symbolic link, the original Unix file permission and the owner information.

  • Splitting the archive file into less than 2 GiB chunks with the split(1) command to protect it from the file size limitation.

  • Encrypting the archive file to secure its contents from the unauthorized access.

[Catatan] Catatan

For FAT filesystems by its design, the maximum file size is (2^32 - 1) bytes = (4GiB - 1 byte). For some applications on the older 32 bit OS, the maximum file size was even smaller (2^31 - 1) bytes = (2GiB - 1 byte). Debian does not suffer the latter problem.

[Catatan] Catatan

Microsoft itself does not recommend to use FAT for drives or partitions of over 200 MB. Microsoft highlights its short comings such as inefficient disk space usage in their "Overview of FAT, HPFS, and NTFS File Systems". Of course, we should normally use the ext4 filesystem for Linux.

[Tip] Tip

For more on filesystems and accessing filesystems, please read "Filesystems HOWTO".

We all know that computers fail sometime or human errors cause system and data damages. Backup and recovery operations are the essential part of successful system administration. All possible failure modes hit you some day.

[Tip] Tip

Keep your backup system simple and backup your system often. Having backup data is more important than how technically good your backup method is.

There are 3 key factors which determine actual backup and recovery policy.

  1. Knowing what to backup and recover.

  2. Mengetahui cara membuat cadangan dan memulihkan.

    • Secure storage of data: protection from overwrite and system failure

    • Frequent backup: scheduled backup

    • Redundant backup: data mirroring

    • Fool proof process: easy single command backup

  3. Assessing risks and costs involved.

    • Risiko data saat hilang

      • Data should be at least on different disk partitions preferably on different disks and machines to withstand the filesystem corruption. Important data are best stored on a read-only filesystem. [4]

    • Risk of data when breached

      • Sensitive identity data such as "/etc/ssh/ssh_host_*_key", "~/.gnupg/*", "~/.ssh/*", "~/.local/share/keyrings/*", "/etc/passwd", "/etc/shadow", "popularity-contest.conf", "/etc/ppp/pap-secrets", and "/etc/exim4/passwd.client" should be backed up as encrypted. [5] (See Bagian 9.9, “Tips enkripsi data”.)

      • Never hard code system login password nor decryption passphrase in any script even on any trusted system. (See Bagian 10.3.6, “Password keyring”.)

    • Mode kegagalan dan kemungkinannya

      • Perangkat keras (terutama HDD) akan rusak

      • Sistem berkas mungkin terkorupsi dan data di dalamnya mungkin hilang

      • Sistem penyimpanan jarak jauh tidak dapat dipercaya untuk pelanggaran keamanan

      • Perlindungan kata sandi yang lemah dapat dengan mudah dikompromikan

      • Sistem izin berkas mungkin terkompromi

    • Sumber daya yang diperlukan untuk membuat cadangan: manusia, perangkat keras, perangkat lunak, …

      • Pencadangan terjadwal otomatis dengan pekerjaan cron atau pekerjaan timer systemd

[Catatan] Catatan

Do not back up the pseudo-filesystem contents found on /proc, /sys, /tmp, and /run (see Bagian 1.2.12, “procfs dan sysfs” and Bagian 1.2.13, “tmpfs”). Unless you know exactly what you are doing, they are huge useless data.

[Catatan] Catatan

Anda mungkin ingin menghentikan beberapa daemon aplikasi seperti MTA (lihat Bagian 6.2.4, “Agen transportasi surat (mail transport agent/MTA)”) saat mencadangkan data.

Berikut adalah daftar keluarga utilitas pencadangan terkemuka yang tersedia di sistem Debian.

Tabel 10.5. Daftar utilitas keluarga pencadangan

paket popcon ukuran deskripsi
dump V:1, I:5 351 4.4 BSD dump(8) and restore(8) for ext2/ext3/ext4 filesystems
xfsdump V:0, I:8 865 dump and restore with xfsdump(8) and xfsrestore(8) for XFS filesystem on GNU/Linux and IRIX
backupninja V:3, I:4 367 lightweight, extensible meta-backup system
bacula-common V:10, I:13 2158 Bacula: pencadangan jaringan, pemulihan, dan verifikasi - berkas dukungan umum
bacula-client I:3 183 Bacula: pencadangan jaringan, pemulihan, dan verifikasi - meta-paket klien
bacula-console V:1, I:4 107 Bacula: pencadangan jaringan, pemulihan, dan verifikasi - konsol teks
bacula-server I:1 183 Bacula: pencadangan jaringan, pemulihan, dan verifikasi - meta-paket server
amanda-common V:0, I:2 10090 Amanda: Advanced Maryland Automatic Network Disk Archiver (Pustaka)
amanda-client V:0, I:2 1149 Amanda: Advanced Maryland Automatic Network Disk Archiver (Klien)
amanda-server V:0, I:0 1117 Amanda: Advanced Maryland Automatic Network Disk Archiver (Server)
backup-manager V:0, I:1 571 alat pencadangan baris perintah
backup2l V:0, I:1 115 low-maintenance backup/restore tool for mountable media (disk based)
backuppc V:2, I:3 3184 BackupPC is a high-performance, enterprise-grade system for backing up PCs (disk based)
duplicity V:15, I:36 1867 (remote) incremental backup
flexbackup V:0, I:0 243 (remote) incremental backup
rdiff-backup V:5, I:13 769 (remote) incremental backup
restic V:2, I:4 21080 (remote) incremental backup
slbackup V:0, I:0 151 (remote) incremental backup

Backup tools have their specialized focuses.

  • Mondo Rescue is a backup system to facilitate restoration of complete system quickly from backup CD/DVD etc. without going through normal system installation processes.

  • Bacula, Amanda, and BackupPC are full featured backup suite utilities which are focused on regular backups over network.

  • Regular backups of user data can be realized by a simple script (Bagian 10.2.3, “Cadangan pribadi”).

Basic tools described in Bagian 10.1.1, “Alat arsip dan kompresi” and Bagian 10.1.2, “Alat salin dan sinkronisasi” can be used to facilitate system backup via custom scripts. Such script can be enhanced by the following.

  • The restic package enables incremental (remote) backups.

  • The rdiff-backup package enables incremental (remote) backups.

  • The dump package helps to archive and restore the whole filesystem incrementally and efficiently.

[Tip] Tip

Lihat berkas-berkas di "/usr/share/doc/dump/" dan "Apakah dump benar-benar usang?" untuk mempelajari tentang paket dump.

For a personal Debian desktop system running testing suite, I only need to protect personal and critical data. I reinstall system once a year anyway. Thus I see no reason to backup the whole system or to install a full featured backup utility.

At the same time, it is very valuable to have frequent recent snapshots of personal data and system configuration, and occasional full backups of personal data.

I usually make these snapshots and backups with a simple shell script bss. This script is a short shell which uses standard utilities: btrfs subvolume snapshot, rsync. For data encryption, disk image is created by fallocate(1) and configured with cryptsetup(8).

[Tip] Tip

You can recover debconf configuration data with "debconf-set-selections debconf-selections" and dpkg selection data with "dpkg --set-selection <dpkg-selections.list".

The data security infrastructure is provided by the combination of data encryption tool, message digest tool, and signature tool.


Lihat Bagian 9.9, “Tips enkripsi data” pada dm-crypt dan fscrypt yang menerapkan infrastruktur enkripsi data otomatis melalui modul kernel Linux.

Berikut adalah perintah GNU Privacy Guard untuk manajemen kunci dasar.


Here is the meaning of the trust code.


The following uploads my key "1DD8D791" to the popular keyserver "hkp://keys.gnupg.net".

$ gpg --keyserver hkp://keys.gnupg.net --send-keys 1DD8D791

A good default keyserver set up in "~/.gnupg/gpg.conf" (or old location "~/.gnupg/options") contains the following.

keyserver hkp://keys.gnupg.net

The following obtains unknown keys from the keyserver.

$ gpg --list-sigs --with-colons | grep '^sig.*\[User ID not found\]' |\
  cut -d ':' -f 5| sort | uniq | xargs gpg --recv-keys

There was a bug in OpenPGP Public Key Server (pre version 0.9.6) which corrupted key with more than 2 sub-keys. The newer gnupg (>1.2.1-2) package can handle these corrupted subkeys. See gpg(1) under "--repair-pks-subkey-bug" option.

md5sum(1) provides utility to make a digest file using the method in rfc1321 and verifying each file with it.

$ md5sum foo bar >baz.md5
$ cat baz.md5
d3b07384d113edec49eaa6238ad5ff00  foo
c157a79031e1c40f85931829bc5fc552  bar
$ md5sum -c baz.md5
foo: OK
bar: OK
[Catatan] Catatan

The computation for the MD5 sum is less CPU intensive than the one for the cryptographic signature by GNU Privacy Guard (GnuPG). Usually, only the top level digest file is cryptographically signed to ensure data integrity.

Ada banyak alat gabungan untuk kode sumber. Perintah berikut menarik perhatian saya.

Tabel 10.10. Daftar alat penggabungan kode sumber

paket popcon ukuran perintah deskripsi
patch V:73, I:711 248 patch(1) menerapkan berkas diff ke yang asli
vim V:100, I:394 3546 vimdiff(1) membandingkan 2 berkas berdampingan di vim
imediff V:0, I:0 169 imediff(1) alat gabungan 2/3 arah layar penuh interaktif
meld V:14, I:37 3086 meld(1) membandingkan dan menggabungkan berkas (GTK)
wiggle V:0, I:0 174 wiggle(1) menerapkan patch yang ditolak
diffutils V:871, I:994 1598 diff(1) membandingkan berkas baris per baris
diffutils V:871, I:994 1598 diff3(1) membandingkan dan menggabungkan tiga berkas baris demi baris
quilt V:3, I:29 788 quilt(1) mengelola serangkaian patch
wdiff V:9, I:64 644 wdiff(1) menampilkan perbedaan kata antara berkas-berkas teks
diffstat V:15, I:139 81 diffstat(1) menghasilkan histogram perubahan oleh diff
patchutils V:18, I:136 232 combinediff(1) membuat patch kumulatif dari dua patch inkremental
patchutils V:18, I:136 232 dehtmldiff(1) mengekstrak diff dari halaman HTML
patchutils V:18, I:136 232 filterdiff(1) mengekstrak atau mengecualikan diff dari berkas diff
patchutils V:18, I:136 232 fixcvsdiff(1) fix diff files created by CVS that patch(1) mis-interprets
patchutils V:18, I:136 232 flipdiff(1) menukar urutan dua patch
patchutils V:18, I:136 232 grepdiff(1) menunjukkan berkas mana yang dimodifikasi oleh patch yang cocok dengan regex
patchutils V:18, I:136 232 interdiff(1) menunjukkan perbedaan antara dua berkas diff unified
patchutils V:18, I:136 232 lsdiff(1) menunjukkan berkas mana yang dimodifikasi oleh patch
patchutils V:18, I:136 232 recountdiff(1) recompute counts and offsets in unified context diffs
patchutils V:18, I:136 232 rediff(1) memperbaiki ofset dan cacah diff yang disunting dengan tangan
patchutils V:18, I:136 232 splitdiff(1) separate out incremental patches
patchutils V:18, I:136 232 unwrapdiff(1) demangle patches that have been word-wrapped
dirdiff V:0, I:2 166 dirdiff(1) display differences and merge changes between directory trees
docdiff V:0, I:0 555 docdiff(1) membandingkan dua berkas kata demi kata / huruf demi huruf
makepatch V:0, I:0 100 makepatch(1) generate extended patch files
makepatch V:0, I:0 100 applypatch(1) apply extended patch files

Git is the tool of choice these days for the version control system (VCS) since Git can do everything for both local and remote source code management.

Debian provides free Git services via Debian Salsa service. Its documentation can be found at https://wiki.debian.org/Salsa .

Berikut adalah beberapa paket terkait Git.


Operasi Git melibatkan beberapa data.

  • The working tree which holds user facing files and you make changes to them.

    • The changes to be recorded must be explicitly selected and staged to the index. This is git add and git rm commands.

  • The index which holds staged files.

    • Staged files will be committed to the local repository upon the subsequent request. This is git commit command.

  • The local repository which holds committed files.

    • Git records the linked history of the committed data and organizes them as branches in the repository.

    • The local repository can send data to the remote repository by git push command.

    • The local repository can receive data from the remote repository by git fetch and git pull commands.

      • The git pull command performs git merge or git rebase command after git fetch command.

      • Here, git merge combines two separate branches of history at the end to a point. (This is default of git pull without customization and may be good for upstream people who publish branch to many people.)

      • Here, git rebase creates one single branch of sequential history of the remote branch one followed by the local branch one. (This is pull.rebase true customization case and may be good for rest of us.)

  • The remote repository which holds committed files.

    • The communication to the remote repository uses secure communication protocols such as SSH or HTTPS.

The working tree is files outside of the .git/ directory. Files inside of the .git/ directory hold the index, the local repository data, and some git configuration text files.

Here is an overview of main Git commands.


Berikut adalah tips Git.

Tabel 10.13. Tips Git

Baris perintah Git fungsi
gitk --all see complete Git history and operate on them such as resetting HEAD to another commit, cheery-picking patches, creating tags and branches ...
git stash get the clean working tree without loosing data
git remote -v check settings for remote
git branch -vv check settings for branch
git status show working tree status
git config -l list git settings
git reset --hard HEAD; git clean -x -d -f revert all working tree changes and clean them up completely
git rm --cached namaberkas revert staged index changed by git add filename
git reflog get reference log (useful for recovering commits from the removed branch)
git branch nama_branch_baru HEAD@{6} create a new branch from reflog information
git remote add remote_baru URL add a new_remote remote repository pointed by URL
git remote rename origin upstream rename the remote repository name from origin to upstream
git branch -u upstream/nama_branch set the remote tracking to the remote repository upstream and its branch name branch_name.
git remote set-url origin https://foo/bar.git change URL of origin
git remote set-url --push upstream DISABLED disable push to upstream (Edit .git/config to re-enable)
git checkout -b topic_branch ; git push -u topic_branch origin make a new topic_branch and push it to origin
git branch -m namalama namabaru mengganti nama nama cabang lokal
git push -d origin branch_yang_akan_dihapus remove remote branch (new method)
git push origin :branch_yang_akan_dihapus remove remote branch (old method)
git checkout --orphan unconnected create a new unconnected branch
git fetch upstream foo:upstream-foo create a local (possibly orphan) upstream-foo branch as a copy of foo branch the upstream repository
git rebase -i origin/main reorder/drop/squish commits from origin/main to clean branch history
git reset HEAD^; git commit --amend squash last 2 commits into one
git checkout topic_branch ; git merge --squash topic_branch squash entire topic_branch into a commit
git fetch --unshallow --update-head-ok origin '+refs/heads/*:refs/heads/*' convert a shallow clone to the full clone of all branches
git ime split the last commit into a series of file-by-file smaller commits etc. (imediff package required)
git repack -a -d; git prune repack the local repository into single pack (this may limit chance of lost data recovery from erased branch etc.)

[Awas] Awas

Do not use the tag string with spaces in it even if some tools such as gitk(1) allow you to use it. It may choke some other git commands.

[Perhatian] Perhatian

If a local branch which has been pushed to remote repository is rebased or squashed, pushing this branch has risks and requires --force option. This is usually not an acceptable for main branch but may be acceptable for a topic branch before merging to main branch.

[Perhatian] Perhatian

Invoking a git subcommand directly as "git-xyz" from the command line has been deprecated since early 2006.

[Tip] Tip

If there is a executable file git-foo in the path specified by $PATH, entering "git foo" without hyphen to the command line invokes this git-foo. This is a feature of the git command.

Lihat yang berikut.



[4] A write-once media such as CD/DVD-R can prevent overwrite accidents. (See Bagian 9.8, “Data biner” for how to write to the storage media from the shell commandline. GNOME desktop GUI environment gives you easy access via menu: "Places→CD/DVD Creator".)

[5] Some of these data can not be regenerated by entering the same input string to the system.

[6] If you use "~/.vimrc" instead of "~/.vim/vimrc", please substitute accordingly.