1

I wrote a ansible role to automate installing etckeeper.

I discover that git will complain if I haven't configured user.email. In some circumstances, git commits will fail. This includes automatic commits to etckeeper when installing a package, potentially causing the install to fail. So I have to add a task for that, like everyone else does :).

The frustrating thing is that in some circumstances, it seemed to work ok. And it doesn't seem to be a problem when using etckeeper manually. user.email is never mentioned in the tutorial.

Is it actually necessary to set user.email in the Ansible role? If so... there must be some deliberate reason(s) causing this. Some explanation, which I could put into a comment in the role, or which would justify a patch to etckeeper or git?

sourcejedi
  • 48,311
  • 17
  • 143
  • 296

1 Answers1

4

UPDATE: should be fixed in the next release (1.18.8).

https://etckeeper.branchable.com/todo/requires___96__user.email__96___be_set_under_undocumented_circumstances/

After hitting this a couple of times, I felt I needed to look at the source code.

  1. git absolutely requires an "email address" for its commits. Without one, it will refuse to make a commit.
  2. git will "autodetect" an email, if the system hostname can be resolved to a Fully Qualified Domain Name. (You must have at least one . to qualify :). Or, if /etc/mailname exists, it uses that by preference, without checking for .s.
  3. etckeeper tries to pass an email address to git, constructed from a username and the system hostname. git will accept such explicitly-specified emails, even if the host part is not an FQDN. If sudo is used, etckeeper uses SUDO_USER from the environment. In case su is used, there is nothing in the environment, and so etckeeper reads the user from the owner of the tty.

So git commit and etckeeper vcs commit failed, when I hadn't set user.email, AND my hostname did not resolve to an FQDN.

etckeeper commit works in some situations that git commit doesn't. I believe I got confused between these two when I was testing before (among other things).

If you run etckeeper from sudo, it won't fail. If you run it from su, it won't fail. It won't fail either if you log in as root and run it; it will find a tty which is owned by root, and pass an email of root@HOSTNAME.

etckeeper commit will fail if and only if

  1. user.email is not set in git, AND
  2. the system hostname cannot be resolved to an FQDN, AND
  3. /etc/mailname does not exist (it is created by the Debian exim packages?) AND
  4. etckeeper is not run from sudo AND
  5. etckeeper is not run from a tty

Finally, testing indicated that commands run under ansible are never run from a tty. (Even when using an ssh connection and sudo with a password, where ansible is described as needing to use a pseudo-tty).

sourcejedi
  • 48,311
  • 17
  • 143
  • 296