Ever got annoyed how you get "root" as author in your etckeeper commits made through sudo? I do. The problem does not exist with
etckeeper commit, but the etckeeper interface doesn't allow for committing only a subset of the changes (which is one of many Git super-useful features). So I want to use
git commit. But it records myself as root.
The problem is that sudo makes us essentially root. One could argue that well, it's the point! Indeed it is, though here we want to get root's rights, yet still be ourselves. There are various possible solutions to this, and here are some:
sudo -E. This tells sudo not to reset any of the environment variables, which keeps among other things $HOME, in which Git will find your .gitconfig. This is easy, but it's a nuclear option with a nuclear cloud coming back your way: you lose all security advantages of sudo's environment cleanup.
2) if you're the only one on the machine, you can set
user.email in the /etc repository. But if you're gonna do this, it's arguable how useful it is to know who committed, as it'll still always be the same person, just not root.
3) manually pass
git commit. This is annoying, though.
4) set GIT_AUTHOR_NAME/GIT_AUTHOR_EMAIL/GIT_COMMITTER_NAME/GIT_COMMITTER_EMAIL variables in your environment (.profile, .bashrc, wherever you get them the way you want), and list them in sudo's env_keep configuration setting. This mostly just Does What You Want™ -- but beware! these environment variables take precedence over Git's configuration, so it will apply whenever you use Git, not only in /etc, and regardless of your user.name and user.email settings.
You can pick whichever solution you like the best (or find another one). A clever user could even write a script or shell function to wrap the git call to set the author info when appropriate (either a full wrapper being "smart", or a special named one for use when committing in /etc).
Bonus, because I'm so kind, here's a script that picks the values from the .gitconfig of the user that called sudo, and runs git with whichever argument you gave it:
# set to the git executable
# if running under sudo, try and use the caller's git config
if [ -n "$SUDO_USER" ]; then
if [ -z "$GIT_CONFIG" ]; then
sudo_user_home=$(getent passwd "$SUDO_USER" | cut -d: -f6)
[ -n "$sudo_user_home" ] && GIT_CONFIG="$sudo_user_home/.gitconfig"
[ -n "$GIT_CONFIG" -a -f "$GIT_CONFIG" ] && export GIT_CONFIG
[ -z "$GIT_AUTHOR_NAME" ] && GIT_AUTHOR_NAME=$("$GIT" config user.name)
[ -z "$GIT_AUTHOR_EMAIL" ] && GIT_AUTHOR_EMAIL=$("$GIT" config user.email)
[ -n "$GIT_AUTHOR_NAME" ] && export GIT_AUTHOR_NAME
[ -n "$GIT_AUTHOR_EMAIL" ] && export GIT_AUTHOR_EMAIL
exec "$GIT" "$@"
Can be put in e.g. /usr/local/sbin/etcgit or something similar and called instead of
git. Or it could be used as a drop-in replacement for
git itself (just set GIT to the absolute path to the real git so the script doesn't call itself recursively).
Of course, the script has to be in the PATH sudo uses (~/bin is not).