Bug 850706 - Change default scriptlet interpreter to /bin/bash
Change default scriptlet interpreter to /bin/bash
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: redhat-rpm-config (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Panu Matilainen
Fedora Extras Quality Assurance
https://fedoraproject.org/wiki/Packag...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-22 03:46 EDT by Petr Pisar
Modified: 2014-10-07 03:24 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-09-06 01:36:57 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Petr Pisar 2012-08-22 03:46:32 EDT
When building a package with scriptlet without specifying an interpreter, default one is bash according to new Fedora packaging guidelines (https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Default_Shell).

However current rpmbuild behavior is to execute and put dependency on /bin/sh and /bin/sh denotes POSIX shell.

Please change rpmbuild to make /bin/bash the default interpreter.
Comment 1 Panu Matilainen 2012-08-22 06:44:59 EDT
And what if you're not building for Fedora but something else? Fedora guidelines dont apply to the entire world.

Rpm has ALWAYS defaulted to /bin/sh aka POSIX shell, and silently changing that is nothing but asking for trouble: bash does behave differently whether invoked as /bin/sh or /bin/bash.

One could always add a build-environment override macro for the default shell interpreter which redhat-rpm-config could set to /bin/bash or whatever, but even that seems like a bad idea to me: scriptlet behavior would then change depending on where it was built.

If you want to be explicit about relying on bash features, then use -p /bin/bash as the scriptlet interpreter, that works everywhere and has no silent side-effects. Anything else is just an assumption, and you know the saying about assumptions...
Comment 2 Petr Pisar 2012-08-22 07:32:07 EDT
Instead of the lengthy rant, you could move it to redhat-rpm-config component yourself. I filed it against rpm, because I was not aware it is possible to override it by external macro files.
Comment 3 Petr Pisar 2012-08-22 07:37:35 EDT
(In reply to comment #1)
> One could always add a build-environment override macro for the default
> shell interpreter which redhat-rpm-config could set to /bin/bash or
> whatever, but even that seems like a bad idea to me: scriptlet behavior
> would then change depending on where it was built.
> 
Have you read linked packaging guidelines? They mandate the scriptlets are bash language now. So in this light, Fedora build system does not comply to the guidelines and any produced package is possibly broken now.

(I also think this was stupid decision, but that's all I can do).
Comment 4 Panu Matilainen 2012-08-22 07:51:54 EDT
(In reply to comment #2)
> Instead of the lengthy rant, you could move it to redhat-rpm-config
> component yourself. I filed it against rpm, because I was not aware it is
> possible to override it by external macro files.

Sorry I wasn't clear: no such override exists. What I meant is that of course support for such a thing technically *could* be added to rpmbuild, which distro config could then override. But like said, that seems like a bad idea to me. Only individual specs are in position to knowingly override such things.

(In reply to comment #3)
> Have you read linked packaging guidelines? They mandate the scriptlets are
> bash language now. So in this light, Fedora build system does not comply to
> the guidelines and any produced package is possibly broken now.

All I see is:
"In Fedora, you can assume that the default shell (/bin/sh) is bash. Thus, all scriptlets can safely assume that if they are running in shell code, they are running within bash."

So packagers are free to *assume* that /bin/sh is bash. And since /bin/sh is explicitly mentioned there, I read it as "Fedora packages can assume /bin/sh is actually bash, invoked as /bin/sh (and the differences in behavior vs invoked as /bin/bash still apply)

> (I also think this was stupid decision, but that's all I can do).

Decisions can be changed and guidelines can be adjusted.
Comment 5 Petr Pisar 2012-08-22 08:35:23 EDT
There are two problems:

(1) Invoking bash as /bin/sh is not the same as invoking /bin/bash. Despite the guidelines tries to persuade us. This is bug in guidelines and they should be fixed.

(2) Assuming the guidelines recommend using bash language without explicit /bin/bash specification, they are not compatible with Fedora rpmbuild. And the whole guidelines statement should be removed (or better replaced with `default is POSIX shell'), or rpmbuild should obey.


I thing it's time for Fedora Packaging Committee: <https://fedorahosted.org/fpc/ticket/184#comment:5>.
Comment 6 Panu Matilainen 2012-08-22 09:07:53 EDT
So we dont really disagree. What I'm objecting to is the proposed change to rpmbuild defaults as that would just shift the issues elsewhere / create new problems.

Perhaps the most constructive thing would be having rpmbuild optionally run scriptlets without explicit interpreter through checkbashisms and change interpreter to /bin/bash if any bashisms are found. Obviously such its just a heuristic but probably better than the alternatives.
Comment 7 Petr Pisar 2012-08-22 09:35:08 EDT
Implementing some heuristics sounds like a sweeping dust under the carpet. Packagers need reliable environment. Having a fuzzy interpret is not a good way. This problem (packages use bashism → let's lie /bin/sh is bash → let's pick interpreter randomly) is like stashing hacks on hacks.

I do not request changing rpmbuild in upstream RPM. I wish this distribution guidelines and tools would be compatible and support themselves to produce solid distribution. I have no problem with defining default interpreter in guidelines or in rpm/redhat-rpm-config. Actually I welcome it. The only problem is they are in conflict now.

I think making the default interpreter configurable using redhat-rpm-config would be the best option: It would comply with guidelines, it would not require editing each spec file, and it would allow other distributions to pick they favorite shell.
Comment 8 Toshio Ernie Kuratomi 2012-09-05 13:31:43 EDT
(In reply to comment #4)
> 
> All I see is:
> "In Fedora, you can assume that the default shell (/bin/sh) is bash. Thus,
> all scriptlets can safely assume that if they are running in shell code,
> they are running within bash."
> 
> So packagers are free to *assume* that /bin/sh is bash. And since /bin/sh is
> explicitly mentioned there, I read it as "Fedora packages can assume /bin/sh
> is actually bash, invoked as /bin/sh (and the differences in behavior vs
> invoked as /bin/bash still apply)
> 
Thanks Panu, I think that's exactly what we mean.
Comment 9 Panu Matilainen 2012-09-06 01:36:57 EDT
Having thought about this (and then almost forgotten...) Any method of having rpm silently force /bin/bash execution would only make things much worse: suddenly the very same scripts would behave differently depending on which system it was built on. Now *that* is broken.

If you want/need to create "portable" packages, limit yourself to POSIX shell capabilities, OR specify an alternative interpreter and write the scripts according to that knowingly selected shell. The Fedora guidelines simply document the de-facto standard within Fedora, giving packagers a blanket permission to close cases like bug 743448 as NOTABUG.
Comment 10 Matthew Miller 2014-10-06 12:55:58 EDT
How about we define it as "/bin/bash --posix" rather than "/bin/sh (defined to be bash"?
Comment 11 Panu Matilainen 2014-10-07 03:24:17 EDT
How about we first define the actual problem that is being solved?

Introducing a Fedora specific quirk/incompatibility to every single package built on Fedora (and future RHEL) just because some 0.5% of Fedora scriptlets use bashishms doesn't seem sensible to me. What exactly is wrong with telling packagers be explicit about what shell dialect they're scripting in?

Note You need to log in before you can comment on or make changes to this bug.