It would be nice to keep track of FACLs of the files in /etc. I believe this is rather easy to do, and have added scripts to init.d
and pre-commit.d
that restore and store ACLs, respectively. Please consider pulling the changes from https://codeberg.org/tdussa/etckeeper (only the latest commit is relevant: https://codeberg.org/tdussa/etckeeper/commit/220cac62d7830cf15f923bfc466642b1ff8326f4).