[Bug 1195391] New: identify and declare bash dependencies explicitly
https://bugzilla.suse.com/show_bug.cgi?id=1195391 Bug ID: 1195391 Summary: identify and declare bash dependencies explicitly Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: dmueller@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- There is a lot of fear that the openSUSE and SUSE distributions are, due to historic reason alone always assuming that /bin/sh is a symlink to bash, so that scripts executed with /bin/sh are actually only executable with bash. in order to explore that dependency, we need to figure out how many scripts actually use bash specifics when being invoked for /bin/sh and then fix these to declare the bash dependency if they have it. this bug is a tracker issue for fixes related to that. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 Dirk Mueller <dmueller@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS Assignee|screening-team-bugs@suse.de |dmueller@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c5 --- Comment #5 from Stefan Dirsch <sndirsch@suse.com> --- Is there a good reference about the differences between bourne shell and bash you could provide? How can I test changes easily? Do we have some small shell being compatible to bourne shell but not compatible to bash, which would be recommended for testing? Apparently using "#!/bin/sh" doesn't do the job. What is the motivation for this? Do we plan to switch to a different shell (maybe for only some products) or do we want to be prepared for such a change - just in case? Thanks! -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c6 --- Comment #6 from Stefan Dirsch <sndirsch@suse.com> --- By accident I found this: https://build.opensuse.org/package/rdiff/openSUSE:Factory/dash?linkrev=base&rev=28 So testing with dash would be the way to go here. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c7 --- Comment #7 from Dirk Mueller <dmueller@suse.com> --- (In reply to Stefan Dirsch from comment #5)
Is there a good reference about the differences between bourne shell and bash you could provide?
not really, I typically test with "dash" and use "checkbashisms" (packaged in factory and others) for clues on what goes wrong.
How can I test changes easily? Do we have some small shell being compatible to bourne shell but not compatible to bash, which would be recommended for testing? Apparently using "#!/bin/sh" doesn't do the job.
simply install "dash" and run the script with "dash" for local verification. (or busybox-sh if you want, which is the actual target)
What is the motivation for this? Do we plan to switch to a different shell (maybe for only some products) or do we want to be prepared for such a change - just in case?
For now its a correctness problem, but there's a project where we need a very minimal system, so busybox-sh will be /bin/sh (and there won't be a bin/bash). for openSUSE nothing is planned as far as I can say. while dash is faster in startup (and I happen to like the package maintainer), I am not planning to push it as default shell. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c8 --- Comment #8 from Dirk Mueller <dmueller@suse.com> --- (In reply to Stefan Dirsch from comment #6)
So testing with dash would be the way to go here.
Thats what I'm doing. if you want to join the effort, there are a smallish handful of graphics and xorg related packages that fail :) my playground is https://build.opensuse.org/project/show/home:dirkmueller:branches:openSUSE:F... but beware, it might also contain random other breakages, as I use this for anything that I'm experimenting with. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 Stefan Dirsch <sndirsch@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sndirsch@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 Dan ��erm��k <dcermak@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcermak@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c10 --- Comment #10 from Dirk Mueller <dmueller@suse.com> --- (In reply to Stanislav Brabec from comment #9)
But maybe it is supported in all shells that can provide /bin/sh.
Its fine to depend on bash for now, don't worry about it. if it becomes a problem we can look at making the script posix sh compatible.
Is there any document, which shell features can be used with #!/bin/sh?
Well, the answer is the POSIX:2008 or SUS specification ;) I find https://mywiki.wooledge.org/Bashism a good reference as well as the "checkbashism" utility. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 Stefan Dirsch <sndirsch@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC|sndirsch@suse.com | -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c20 --- Comment #20 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2022:3153-1: An update that solves one vulnerability and has one errata is now available. Category: security (important) Bug References: 1194633,1195391 CVE References: CVE-2021-44648 JIRA References: Sources used: openSUSE Leap 15.4 (src): gdk-pixbuf-2.42.9-150400.5.6.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): gdk-pixbuf-2.42.9-150400.5.6.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c22 --- Comment #22 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2022:3388-1: An update that has 6 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1191036,1194319,1195391,1202100,1202101,1202826 CVE References: JIRA References: Sources used: openSUSE Leap 15.4 (src): google-guest-agent-20220713.00-150000.1.29.1, google-guest-oslogin-20220721.00-150000.1.30.1, google-osconfig-agent-20220801.00-150000.1.22.1 openSUSE Leap 15.3 (src): google-guest-agent-20220713.00-150000.1.29.1, google-guest-oslogin-20220721.00-150000.1.30.1, google-osconfig-agent-20220801.00-150000.1.22.1 SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src): google-guest-agent-20220713.00-150000.1.29.1, google-guest-oslogin-20220721.00-150000.1.30.1 SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src): google-guest-agent-20220713.00-150000.1.29.1, google-guest-oslogin-20220721.00-150000.1.30.1, google-osconfig-agent-20220801.00-150000.1.22.1 SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src): google-guest-agent-20220713.00-150000.1.29.1, google-guest-oslogin-20220721.00-150000.1.30.1, google-osconfig-agent-20220801.00-150000.1.22.1 SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src): google-guest-agent-20220713.00-150000.1.29.1, google-guest-oslogin-20220721.00-150000.1.30.1, google-osconfig-agent-20220801.00-150000.1.22.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c25 --- Comment #25 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2022:4268-1: An update that has one recommended fix and contains one feature can now be installed. Category: recommended (moderate) Bug References: 1195391 CVE References: JIRA References: SLE-24655 Sources used: SUSE Linux Enterprise Module for Containers 15-SP4 (src): kubernetes1.23-1.23.9-150300.7.3.5 SUSE Linux Enterprise Module for Containers 15-SP3 (src): kubernetes1.23-1.23.9-150300.7.3.5 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c27 --- Comment #27 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2023:0051-1: An update that has four recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1195391,1200107,1203092,1204423 CVE References: JIRA References: Sources used: openSUSE Leap Micro 5.3 (src): suse-module-tools-15.4.15-150400.3.5.1 openSUSE Leap 15.4 (src): suse-module-tools-15.4.15-150400.3.5.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): suse-module-tools-15.4.15-150400.3.5.1 SUSE Linux Enterprise Micro 5.3 (src): suse-module-tools-15.4.15-150400.3.5.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c32 --- Comment #32 from Maintenance Automation <maint-coord+maintenance-robot@suse.de> --- SUSE-SU-2023:0603-1: An update that solves two vulnerabilities and has four fixes can now be installed. Category: security (important) Bug References: 1191468, 1195391, 1195838, 1202100, 1202101, 1208723 CVE References: CVE-2021-38297, CVE-2022-23806 Sources used: Public Cloud Module 12 (src): google-guest-agent-20230221.00-1.29.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c33 --- Comment #33 from Maintenance Automation <maint-coord+maintenance-robot@suse.de> --- SUSE-SU-2023:0601-1: An update that solves two vulnerabilities and has six fixes can now be installed. Category: security (important) Bug References: 1191468, 1194319, 1195391, 1195838, 1202100, 1202101, 1202826, 1208723 CVE References: CVE-2021-38297, CVE-2022-23806 Sources used: Public Cloud Module 12 (src): google-osconfig-agent-20230222.00-1.20.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c34 --- Comment #34 from Maintenance Automation <maint-coord+maintenance-robot@suse.de> --- SUSE-SU-2023:0600-1: An update that solves two vulnerabilities and has two fixes can now be installed. Category: security (important) Bug References: 1191468, 1195391, 1195838, 1208723 CVE References: CVE-2021-38297, CVE-2022-23806 Sources used: openSUSE Leap 15.4 (src): google-guest-agent-20230221.00-150000.1.34.1 Public Cloud Module 15-SP1 (src): google-guest-agent-20230221.00-150000.1.34.1 Public Cloud Module 15-SP2 (src): google-guest-agent-20230221.00-150000.1.34.1 Public Cloud Module 15-SP3 (src): google-guest-agent-20230221.00-150000.1.34.1 Public Cloud Module 15-SP4 (src): google-guest-agent-20230221.00-150000.1.34.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c38 --- Comment #38 from Maintenance Automation <maint-coord+maintenance-robot@suse.de> --- SUSE-FU-2023:1706-1: An update that contains two features and has four feature fixes can now be installed. Category: feature (important) Bug References: 1195391, 1207053, 1207784, 1208751 Jira References: PED-2803, PED-3000 Sources used: openSUSE Leap 15.4 (src): spack-0.19.1-150400.12.5.3 HPC Module 15-SP4 (src): spack-0.19.1-150400.12.5.3 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1195391 https://bugzilla.suse.com/show_bug.cgi?id=1195391#c39 --- Comment #39 from Maintenance Automation <maint-coord+maintenance-robot@suse.de> --- SUSE-FU-2023:1705-1: An update that contains four features and has five feature fixes can now be installed. Category: feature (important) Bug References: 1195391, 1198212, 1207053, 1207784, 1208751 Jira References: PED-2803, PED-3000, SLE-22679, SLE-22684 Sources used: SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): clingo-5.5.0-150300.7.6.6, spack-0.19.1-150300.5.16.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): clingo-5.5.0-150300.7.6.6, spack-0.19.1-150300.5.16.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com