On 02/19/2017 01:02 AM, Chad Joan wrote: > development work. There are no user accounts, just root. I have tried to > avoid putting any personal information on it. If I am on it, then I'm > editing files in /etc or installing system-wide software. I'm realizing > that I might have to change this a bit due to the WIP nature of the > hardened-musl profile: ultimately I *am* doing development work on it, and > that kind of snuck up on me. If I give myself a user account, then > authoring patches with git (and using send-email) becomes somewhat more > practical (putting smtp login information onto the machine still bugs me).
You don't have to store your SMTP passwords; git is smart enough to ask you interactively if you (intentionally) omit the passwords from .gitconfig. But I agree that even storing your SMTP address and username in configs can be a bit hairier than you want on some boxes. > Still, I can't imagine I'm the only person who runs into this kind of thing > and wants to write quick patches on an impersonal machine. There's always the option to float the patches back to a personal machine before posting to the list (yes, it requires more work on your end, but if it serves as a nice manual wall between your internal and external machines, it may well be worth the discipline). > > >> [...] >> >> But nothing requires you to set up a certificate to submit a patch. I'm >> not sure which piece of the documentation got you steered in that >> direction, but gpg signing of patches is only required of maintainers, >> not contributors (or maybe you're hinting at the extra effort required >> to set up gmail as a valid 'git send-email' target, to which I have no >> experience, but which starts to leave the realm of qemu-specific >> instructions into something where it would be better to link to a good >> git setup tutorial, if one exists). >> >> > I think this is just language ambiguity and confirmation bias doing their > thing. Usually when I read "you have to sign this" in an OSS context, I > think of cryptographic signing. I haven't encountered the requirement for > non-cryptographic signing before. Language is arbitrary and we all have > different experiences and backgrounds. Is it sufficient to just give the example of 'git commit -s' being the trick to automatically adding the necessary Signed-off-by: line? (Of course, automating the process like that, without actually reading http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/SubmittingPatches?id=f6f94e2ab1b33f0082ac22d71f66385a60d8157f#n297 to understand what it means and that you actually comply, is risky) > > This is one of the reasons why I suggest a simple example: it would be both > very concise and unambiguous. If there are no signing steps in the example > then you don't even need to spend words telling the reader that > cryptographic signing is unnecessary. It'll be implied. > > Thankfully, this is a separate concern from the 'git send-email' thing. 'git send-email -s' can also add Signed-off-by: lines, if you didn't add them earlier (but only if you use send-email, rather than attachments) :) -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
