Bug 2203408

With dnf on Fedora, the command recorded in the log via /etc/etckeeper/post-install.d/50vcs-commit shows "/bin/bash" or "-bash", not the dnf command.

Reproducible: Always

Steps to Reproduce:
1. etckeeper init
2. etckeeper commit 'initial commit'
3. dnf install -y zsh
4. cd /etc && git show
Actual Results:  
committing changes in /etc made by "/bin/bash"

Expected Results:  
committing changes in /etc made by "dnf install -y zsh"

On Ubuntu with apt (tested in Ubuntu container), the process tree is a bit different. When I added "sleep 10" to /etc/etckeeper/post-install.d/50vcs-commit to be able to capture the situation with "ps f" in another terminal, on Fedora I get

    PID TTY      STAT   TIME COMMAND
     13 pts/1    Ss     0:00 bash
   2355 pts/1    R+     0:00  \_ ps f
      1 pts/0    Ss     0:00 /bin/bash
   2305 pts/0    S+     0:00 /usr/bin/python3 /usr/bin/dnf install -y zsh
   2340 pts/0    S+     0:00  \_ /usr/bin/sh /usr/bin/etckeeper post-install
   2344 pts/0    S+     0:00      \_ /usr/bin/sh /etc/etckeeper/post-install.d/50vcs-commit
   2354 pts/0    S+     0:00          \_ sleep 10

while on Ubuntu

    PID TTY      STAT   TIME COMMAND
   4571 pts/1    Ss     0:00 bash
   5945 pts/1    R+     0:00  \_ ps f
      1 pts/0    Ss     0:00 /bin/bash
   5822 pts/0    S+     0:00 apt install -y zsh
   5927 pts/0    S+     0:00  \_ apt install -y zsh
   5928 pts/0    S+     0:00      \_ sh -c if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; f
   5929 pts/0    S+     0:00          \_ /bin/sh /usr/bin/etckeeper post-install
   5934 pts/0    S+     0:00              \_ /bin/sh /etc/etckeeper/post-install.d/50vcs-commit
   5944 pts/0    S+     0:00                  \_ sleep 10

Note that the comment in /etc/etckeeper/post-install.d/50vcs-commit

# Parent process is etckeeper
# (Only procps ps is currently supported, others will fail,
# so this may end up empty.)
ETCKEEPER_PID=$( ps --no-headers -o ppid "${PPID}" 2>/dev/null | sed 's/^ *//' )

# Find the parent of etckeeper and get the command line of the process
if ! [ -z "${ETCKEEPER_PID}" ]; then
        ETCKEEPER_PPID=$( ps --no-headers -o ppid "${ETCKEEPER_PID}" | sed 's/^ *//' )
        ETCKEEPER_PARENT_COMMAND_LINE=$( ps --no-headers -o args "${ETCKEEPER_PPID}" )
fi

says "Parent process is etckeeper" but it then captures in ETCKEEPER_PID the grandparent's pid with with that -o ppid "${PPID}", rather than parent (that would be -o ppid "$$"). That (changing that ${PPID} to $$ would incidently be a quict fix on Fedora ... but it works upon the assumption that the calling package manager would not add similar shell layer like apt does.

So maybe a more flexible approach would be to search the first three (?) parents of the parent, and use the one that does not have "etckeeper" string in the command line?