diff --git a/bin/_blackbox_common.sh b/bin/_blackbox_common.sh
index d466936..f9c8276 100755
--- a/bin/_blackbox_common.sh
+++ b/bin/_blackbox_common.sh
@@ -27,7 +27,7 @@ function _determine_vcs_base_and_type() {
     #find topmost dir with .svn sub-dir
     parent=""
     grandparent="."
-    mydir=$(pwd)
+    mydir="$(pwd)"
     while [ -d "$grandparent/.svn" ]; do
       parent=$grandparent
       grandparent="$parent/.."
@@ -35,7 +35,7 @@ function _determine_vcs_base_and_type() {
 
     if [ ! -z "$parent" ]; then
       cd "$parent"
-      echo "$(pwd)"
+      pwd
     else
       exit 1
     fi
@@ -256,6 +256,15 @@ function enumerate_subdirs() {
   done <"$listfile" | sort -u
 }
 
+# chdir to the base of the repo.
+function change_to_vcs_root() {
+  if [[ $REPOBASE = '' ]]; then
+    echo 'ERROR: _determine_vcs_base_and_type failed to set REPOBASE.'
+    exit 1
+  fi
+  cd "$REPOBASE"
+}
+
 # Output the path of a file relative to the repo base
 function vcs_relative_path() {
   # Usage: vcs_relative_path file
@@ -378,7 +387,6 @@ function vcs_commit_svn() {
 }
 
 
-
 # Remove file from repo, even if it was deleted locally already.
 # If it doesn't exist yet in the repo, it should be a no-op.
 function vcs_remove() {
@@ -396,17 +404,3 @@ function vcs_remove_git() {
 function vcs_remove_svn() {
   svn delete """$@"""
 }
-
-function change_to_root() {
-    # If BASEDIR is not set, use REPOBASE.
-    if [[ "$BASEDIR" = "" ]]; then
-      BASEDIR="$REPOBASE"
-    fi
-
-    if [[ "$BASEDIR" = "/dev/null" ]]; then
-      echo 'WARNING: Not in a VCS repo.  Not changing directory.'
-    else
-      echo "CDing to $BASEDIR"
-      cd "$BASEDIR"
-    fi
-}
diff --git a/bin/blackbox_initialize b/bin/blackbox_initialize
index c08b78b..a660e17 100755
--- a/bin/blackbox_initialize
+++ b/bin/blackbox_initialize
@@ -22,15 +22,14 @@ if [[ $1 != 'yes' ]]; then
   fi
 fi
 
-echo cd "$REPOBASE"
-cd "$REPOBASE"
+change_to_vcs_root
 
 echo VCS_TYPE: $VCS_TYPE
 
 if [[ $VCS_TYPE = "git" || $VCS_TYPE = "hg" ]]; then
   # Update .gitignore or .hgignore
 
-  IGNOREFILE=".${VCS_TYPE}ignore"
+  IGNOREFILE="${REPOBASE}/.${VCS_TYPE}ignore"
   if ! grep -sx >/dev/null 'pubring.gpg~' "$IGNOREFILE" ; then
     echo 'pubring.gpg~' >>"$IGNOREFILE"
   fi
diff --git a/bin/blackbox_postdeploy b/bin/blackbox_postdeploy
index 9c19171..df608e7 100755
--- a/bin/blackbox_postdeploy
+++ b/bin/blackbox_postdeploy
@@ -23,7 +23,7 @@ else
   FILE_GROUP="$1"
 fi
 
-change_to_root
+change_to_vcs_root
 prepare_keychain
 
 # Decrypt:
diff --git a/bin/blackbox_register_new_file b/bin/blackbox_register_new_file
index 1c7e70b..22acf65 100755
--- a/bin/blackbox_register_new_file
+++ b/bin/blackbox_register_new_file
@@ -50,9 +50,11 @@ fi
 
 # TODO(tlim): This should be moved to _blackbox_common.sh in a
 # VCS-independent way.
-IGNOREFILE=".${VCS_TYPE}ignore"
+IGNOREFILE="${REPOBASE}/.${VCS_TYPE}ignore"
 if [[ $VCS_TYPE = 'git' ]]; then
-  ignored_file="$(echo "$unencrypted_file" |  sed 's/\([\*\?]\)/\\\1/g' | sed 's/^\([!#]\)/\\\1/')"
+  relfile="$(vcs_relative_path "$unencrypted_file")"
+  relfileb="${relfile/\$\//}"
+  ignored_file="$(echo "${relfileb}" |  sed 's/\([\*\?]\)/\\\1/g' | sed 's/^\([!#]\)/\\\1/')"
   if ! grep -Fsx >/dev/null "$ignored_file" "$IGNOREFILE"; then
     echo "$ignored_file" >>"$IGNOREFILE"
     COMMIT_FILES+=("$IGNOREFILE")
diff --git a/bin/blackbox_shred_all_files b/bin/blackbox_shred_all_files
index 3509cc0..8825319 100755
--- a/bin/blackbox_shred_all_files
+++ b/bin/blackbox_shred_all_files
@@ -19,7 +19,7 @@ set -e
 blackbox_home=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
 source "${blackbox_home}/_blackbox_common.sh"
 
-change_to_root
+change_to_vcs_root
 
 echo '========== FILES BEING SHREDDED:'
 for i in $(<"$BB_FILES") ; do
diff --git a/tools/confidence_test.sh b/tools/confidence_test.sh
index 7117103..7f3b94e 100755
--- a/tools/confidence_test.sh
+++ b/tools/confidence_test.sh
@@ -214,6 +214,7 @@ PHASE 'She enrolls secrets.txt.'
 blackbox_register_new_file secret.txt
 assert_file_missing secret.txt
 assert_file_exists secret.txt.gpg
+assert_line_exists 'secret.txt' .gitignore
 
 PHASE 'She decrypts secrets.txt.'
 blackbox_edit_start secret.txt
@@ -297,6 +298,7 @@ blackbox_register_new_file mistake.txt
 assert_file_missing mistake.txt
 assert_file_exists mistake.txt.gpg
 # NOTE: It is still in the history. That should be corrected someday.
+assert_line_exists 'mistake.txt' .gitignore
 
 PHASE 'Bob enrolls my/path/to/relsecrets.txt.'
 mkdir my my/path my/path/to
@@ -305,6 +307,9 @@ cd my/path/to
 blackbox_register_new_file relsecrets.txt
 assert_file_missing relsecrets.txt
 assert_file_exists relsecrets.txt.gpg
+assert_file_missing .gitignore
+assert_file_exists ../../../.gitignore
+assert_line_exists 'my/path/to/relsecrets.txt' ../../../.gitignore
 
 PHASE 'Bob decrypts relsecrets.txt.'
 cd ..
@@ -355,5 +360,5 @@ fi
 
 find .git?* * -type f -ls
 echo cd "$test_repository"
-echo rm "$test_repository"
+echo rm -rf "$test_repository"
 echo DONE.