Bug 800607

Summary: system scripts should be scan'ed for bashims, and have 1st line update to bash if used
Product: [openSUSE] openSUSE Tumbleweed Reporter: L. A. Walsh <suse>
Component: BasesystemAssignee: E-mail List <bnc-team-screening>
Status: VERIFIED WONTFIX QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P3 - Medium CC: forgotten_cAXlJ_FoSf
Version: 13.1 Beta 1   
Target Milestone: ---   
Hardware: All   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description L. A. Walsh 2013-01-25 20:00:23 UTC 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/13.6.28

Many system scripts (400) by one user's count have "bashisms" in them.
However, the vast majority of them have #!/bin/sh at the top.

Bash claims that it will operate in Posix conformance mode when it is started
as /bin/sh, which -- doesn't appear to be happening, but, if fixed, or if the user uses another shell as the POSIX shell replacement (/bin/sh), many
scripts may fail unpredictably.

Scripts should be scanned at build time for bashism's, and the top line
updated to reflect that the script requires/expects to be run with #!/bin/bash
if such are included.



Reproducible: Always

Steps to Reproduce:
1. example - cron-job script for logrotate uses PIPE ARRAY variable.
2.
3.
Actual Results:  
Script usage doesn't match top-line listed interpreter

Expected Results:  
expect that top line would indicate it needs bash if the script includes
bashisms.
Comment 1 Forgotten User cAXlJ_FoSf 2013-01-25 20:17:57 UTC 
That already exists as part of rpmlint which runs checkbashisms and dash -n on every script. Automatically changing the shebang is out of question since both are in no way reliable.
Comment 2 L. A. Walsh 2013-01-27 20:09:15 UTC 
From comments on the open-suse list:

From: Bernhard Voelker <mail@bernhard-voelker.de>
Subject: Re: [opensuse] system scripts using BASHism's but invoked as "#!/bin/sh"
References: <5100F40B.8050909@tlinx.org>
In-Reply-To: <5100F40B.8050909@tlinx.org>

Wow, not bad (on a 12.1 system):

  $ find /etc/init.d -maxdepth 1 -mindepth 1 -type f | \
  xargs checkbashisms 2>&1 | wc -l
  400
-----

If a script is being run, it is either not working or being ignored.

I gave an example that doesn't work in a posix compliant shell: one for
logrotate.

I found several others on my system that used '[[':

dhcpd dhcpd6 kbd dictd cifs monit named zfs-fuse

Just now I tried to run a build of "modules-pam".

The build script uses "pushd" -- a bashism which fails under a posix
compliant shell.

Running dash -n doesn't catch bashisms, since [[ and ARRAYS are both illegal
syntax -- nor does it catch those bashims where non-existent bash builtins are called (like pushd).

If you feel this is not an issue, please change /bin/sh -> /bin/dash instead
of /bin/bash, as dash also is attempting to be POSIX compliant, just as bash
is...  You'll find quickly what things don't work. ... like try rebooting your
system then.
Comment 3 Forgotten User cAXlJ_FoSf 2013-01-27 22:23:59 UTC 
(In reply to comment #2)
> If a script is being run, it is either not working or being ignored.

The rpmlint check (http://gitorious.org/opensuse/rpmlint-checks/blobs/master/BashismsCheck.py) only produces a warning, not an error, so it's possible that package maintainers ignore that (I actually tried to have this enforced more strictly but people objected, look in the opensuse packaging archives around 2010 for the discussion).

> I gave an example that doesn't work in a posix compliant shell: one for
> logrotate.

That looks like a bug, so file a report against logrotate or send a submitrequest.

> I found several others on my system that used '[[':
> 
> dhcpd dhcpd6 kbd dictd cifs monit named zfs-fuse

I just wasted my time looking at those, dhcpd, dhcpd6, kbd, and zfs-fuse use #!/bin/bash, cifs and named do not use [[ at all, and there is no dictd package in openSUSE.

> 
> Just now I tried to run a build of "modules-pam".
> 
> The build script uses "pushd" -- a bashism which fails under a posix
> compliant shell.
> 
> Running dash -n doesn't catch bashisms, since [[ and ARRAYS are both illegal
> syntax -- nor does it catch those bashims where non-existent bash builtins are
> called (like pushd).

checkbashisms actually does catch [[, pushd/popd, and arrays, however even with the combination of checkbashisms and dash it isn't possible to programatically catch every bashism with 100% certainty at build time.

> If you feel this is not an issue, please change /bin/sh -> /bin/dash instead
> of /bin/bash, as dash also is attempting to be POSIX compliant, just as bash
> is...  You'll find quickly what things don't work. ... like try rebooting your
> system then.

I'm actually one of the few people who care about this and I wrote the above rpmlint check that scans shellscripts with dash/checkbashisms at buildtime. If you actually find further bashisms then file individual bug reports against the packages.
Comment 4 L. A. Walsh 2013-01-27 23:51:24 UTC 
Then I request that this bug solution be that those scripts
that start with "#!/bin/sh
be run with dash, not bash, as dash is designed to be a minimal 
POSIX implementation.

This is especially the case in rpm-build scripts which
AFAIK (?), are not checked -- if the scripts require.

Simple things like "pushd/popd" are not in "dash" yet I found
in trying to build pam-modules.

Sorry about the rc-list -- that wasn't were I originally ran into this.

As for the fact that rpmlint doesn't make it an error and people refuse
to make it compatible would mean this bug is VALID, but they refuse
to fix it, no?

You can lead a horse to water...