04-04-2011, 05:16 PM
Steve Langasek

Moving bash from essential/required to important?

On Mon, Apr 04, 2011 at 06:04:20PM +0200, Luk Claes wrote:

> bash is not the default system shell anymore. It's now only the default
> user shell. As such it is not required for a sysadmin to boot and
> install software. Besides that some users would like to get rid of bash
> in their environment which is obviously not easily done atm.

> The most obvious reason to not degrade bash to Priority: important is
> obviously that one needs to declare a dependency on bash when it's used
> in a package. Which means quite some packages will need to be changed.

> What do others think of moving bash to important (required and important
> are part of the base system)?

I think we should avoid doing this for quite a different reason from the
other responders.

Consider that 'base-passwd' and 'login' are also part of the essential set.
Why? Because being able to log in as root is part of the "minimal set of
functionality that must be available and usable on the system at all times".

So if we drop bash from essential, how do we guarantee that root can log in?
Do we set root's default shell to /bin/sh instead? I don't think anyone
would be happy with that except those people who already change it to zsh
anyway. :-)

If login worked consistently in the face of the configured shell going
missing (automatically falling back to /bin/sh for root), then I think it
would be worthwhile to do the work necessary to remove bash from the
essential set. But until then, the primary purpose of Essential, to me, is
the "minimal set guaranteed to be usable" aspect, not the "you don't have to
depend on it" aspect.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
 
04-04-2011, 05:59 PM
Clint Adams

Moving bash from essential/required to important?

On Mon, Apr 04, 2011 at 06:04:20PM +0200, Luk Claes wrote:
> What do others think of moving bash to important (required and important
> are part of the base system)?

I think that this is a great idea.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20110404175951.GA31181@scru.org
 
04-04-2011, 06:43 PM
Roger Leigh

Moving bash from essential/required to important?

On Mon, Apr 04, 2011 at 05:59:51PM +0000, Clint Adams wrote:
> On Mon, Apr 04, 2011 at 06:04:20PM +0200, Luk Claes wrote:
> > What do others think of moving bash to important (required and important
> > are part of the base system)?
>
> I think that this is a great idea.

Likewise.

Regarding the root shell issue, I wouldn't have an issue with it
being /bin/sh. The admin is always free to chsh it to the shell
of their choice.

[Slightly related: it would be nice if d-i could default to
password-free locked root account for wheezy, i.e. sudo by default,
which would partly mitigate the issue by not requiring the use of a
root shell for most uses of the root account.]

However, there have got to be hundreds of packages using bash
without a dependency. Do we have any information on the
affected packages (i.e. all those with a #!/bin/bash shebang in any
provided executable scripts)?


Regards,
Roger

--
.'`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
 
04-04-2011, 07:32 PM
Lars Wirzenius

Moving bash from essential/required to important?

On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote:
> Regarding the root shell issue, I wouldn't have an issue with it
> being /bin/sh. The admin is always free to chsh it to the shell
> of their choice.

We could even have d-i set the root shell to bash if it installs bash.
Or have bash do it always, even, if root's shell is /bin/sh.

> [Slightly related: it would be nice if d-i could default to
> password-free locked root account for wheezy, i.e. sudo by default,
> which would partly mitigate the issue by not requiring the use of a
> root shell for most uses of the root account.]

+1

> However, there have got to be hundreds of packages using bash
> without a dependency. Do we have any information on the
> affected packages (i.e. all those with a #!/bin/bash shebang in any
> provided executable scripts)?

I happened to have access to an idle-ish fastish machine with a fresh-ish
Debian mirror, so I wrote a script to unpack all binaries (for sid/main
amd64), and then another script to grep for bash scripts (actually a
pair of scripts). With these scripts, I got a list of files that start
with #!/bin/bash. There are 1783 files in the list, in 543 packages.

The list is 128 kilobytes long, so I don't attach it. I've put it on the
web at http://files.liw.fi/temp/bash.list for anyone who wants a look. I
have attached the scripts to make it easier for others to re-run them if
they wish.

Changing 543 packages to add a bash dependency does sound like a lot,
but it should be doable.

* We can add a lintian warning, which helps catch such things in
the future.
* We can perhaps change debhelper to automatically add the
dependency, if it is missing. Since most packages use debhelper,
this might transition most of the packages automatically.
* Or we might do a more traditional transition, with an MBF now,
and a targeted NMU campaign in six months, for any packages that
still remain.

I think this would be a nice thing to do, especially from the point of
view of embedded systems, and other systems with no interactive use, but
limited resources.

--
Blog/wiki/website hosting with ikiwiki (free for free software):
http://www.branchable.com/
 
04-04-2011, 08:42 PM
Steve Langasek

Moving bash from essential/required to important?

On Mon, Apr 04, 2011 at 08:32:50PM +0100, Lars Wirzenius wrote:
> On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote:
> > Regarding the root shell issue, I wouldn't have an issue with it
> > being /bin/sh. The admin is always free to chsh it to the shell
> > of their choice.

> We could even have d-i set the root shell to bash if it installs bash.
> Or have bash do it always, even, if root's shell is /bin/sh.

This doesn't address the problem that the package manager will no longer be
treating bash as Essential, with the result that root's login shell may be
rendered unusable at some point during an upgrade. It also removes the
requirement that the bash maintainer ensure the package is usable when
unpacked but not yet configured. How do we mitigate this? The latter could
be mitigated by calling out the requirement separately in Policy, but what
about the former?

Users who have made a conscious decision to use a different shell as their
root shell (such as zsh) may have accepted this incremental increase in
risk, but I'm not convinced that we want to do this for all users by default
(if bash is still Priority: required, it will be installed by default, so
all users will be affected unless they opt out).

And if /bin/sh is going to be dash (which I think is what we want), I
wouldn't like to inflict that on anyone as the default root login shell.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
 
04-04-2011, 08:55 PM
Luk Claes

Moving bash from essential/required to important?

On 04/04/2011 09:32 PM, Lars Wirzenius wrote:
> On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote:

>> However, there have got to be hundreds of packages using bash
>> without a dependency. Do we have any information on the
>> affected packages (i.e. all those with a #!/bin/bash shebang in any
>> provided executable scripts)?
>
> I happened to have access to an idle-ish fastish machine with a fresh-ish
> Debian mirror, so I wrote a script to unpack all binaries (for sid/main
> amd64), and then another script to grep for bash scripts (actually a
> pair of scripts). With these scripts, I got a list of files that start
> with #!/bin/bash. There are 1783 files in the list, in 543 packages.

Does this include the instances of maintainer scripts (postinst etc)? I
guess it will be even more.

Cheers

Luk


--
Archive: http://lists.debian.org/4D9A3024.9040400@debian.org
 
04-04-2011, 09:00 PM
Luk Claes

Moving bash from essential/required to important?

On 04/04/2011 10:42 PM, Steve Langasek wrote:
> On Mon, Apr 04, 2011 at 08:32:50PM +0100, Lars Wirzenius wrote:
>> On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote:
>>> Regarding the root shell issue, I wouldn't have an issue with it
>>> being /bin/sh. The admin is always free to chsh it to the shell
>>> of their choice.
>
>> We could even have d-i set the root shell to bash if it installs bash.
>> Or have bash do it always, even, if root's shell is /bin/sh.
>
> This doesn't address the problem that the package manager will no longer be
> treating bash as Essential, with the result that root's login shell may be
> rendered unusable at some point during an upgrade. It also removes the
> requirement that the bash maintainer ensure the package is usable when
> unpacked but not yet configured. How do we mitigate this? The latter could
> be mitigated by calling out the requirement separately in Policy, but what
> about the former?

What about Roger's suggestion to have the root account passwordless and
locked with sudo access? Are there other drawbacks to that proposal (is
booting in single user mode covered for instance?)?

> Users who have made a conscious decision to use a different shell as their
> root shell (such as zsh) may have accepted this incremental increase in
> risk, but I'm not convinced that we want to do this for all users by default
> (if bash is still Priority: required, it will be installed by default, so
> all users will be affected unless they opt out).

I guess this is not so much an issue anymore when the account is locked?

> And if /bin/sh is going to be dash (which I think is what we want), I
> wouldn't like to inflict that on anyone as the default root login shell.

In single user mode this would still be the case I guess? Though that
would not have a big impact anymore I guess?

Cheers

Luk


--
Archive: http://lists.debian.org/4D9A3175.1030302@debian.org
 
04-04-2011, 09:25 PM
Steve Langasek

Moving bash from essential/required to important?

On Mon, Apr 04, 2011 at 11:00:37PM +0200, Luk Claes wrote:
> On 04/04/2011 10:42 PM, Steve Langasek wrote:
> > On Mon, Apr 04, 2011 at 08:32:50PM +0100, Lars Wirzenius wrote:
> >> On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote:
> >>> Regarding the root shell issue, I wouldn't have an issue with it
> >>> being /bin/sh. The admin is always free to chsh it to the shell
> >>> of their choice.

> >> We could even have d-i set the root shell to bash if it installs bash.
> >> Or have bash do it always, even, if root's shell is /bin/sh.

> > This doesn't address the problem that the package manager will no longer be
> > treating bash as Essential, with the result that root's login shell may be
> > rendered unusable at some point during an upgrade. It also removes the
> > requirement that the bash maintainer ensure the package is usable when
> > unpacked but not yet configured. How do we mitigate this? The latter could
> > be mitigated by calling out the requirement separately in Policy, but what
> > about the former?

> What about Roger's suggestion to have the root account passwordless and
> locked with sudo access? Are there other drawbacks to that proposal (is
> booting in single user mode covered for instance?)?

How does that address the problem of getting a root shell to recover a
system that's gone south in the middle of an upgrade? Do you intend to have
a *user* account with sudo privileges that has /bin/sh as a default login
shell?

> > Users who have made a conscious decision to use a different shell as their
> > root shell (such as zsh) may have accepted this incremental increase in
> > risk, but I'm not convinced that we want to do this for all users by default
> > (if bash is still Priority: required, it will be installed by default, so
> > all users will be affected unless they opt out).

> I guess this is not so much an issue anymore when the account is locked?

> > And if /bin/sh is going to be dash (which I think is what we want), I
> > wouldn't like to inflict that on anyone as the default root login shell.

> In single user mode this would still be the case I guess? Though that
> would not have a big impact anymore I guess?

Essential is all about the corner cases. One of those corner cases is that
you've lost power in the middle of an upgrade and everything above the
Essential set has been left in an inconsistent and unusable state. This
rarely happens, but the Policy definition of Essential is our guarantee that
when Murphy *does* have his way with your system, you don't need to resort
to rescue media to recover it provided you have access to the console.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
 
04-04-2011, 11:49 PM
Guillem Jover

Moving bash from essential/required to important?

Package: login
Version: 1:4.1.4.2+svn3283-3
Severity: wishlist
Tags: patch

Hi!

On Mon, 2011-04-04 at 10:16:35 -0700, Steve Langasek wrote:
> On Mon, Apr 04, 2011 at 06:04:20PM +0200, Luk Claes wrote:
> > What do others think of moving bash to important (required and important
> > are part of the base system)?

I also think this would be great!

> Consider that 'base-passwd' and 'login' are also part of the essential set.
> Why? Because being able to log in as root is part of the "minimal set of
> functionality that must be available and usable on the system at all times".
>
> So if we drop bash from essential, how do we guarantee that root can log in?
> Do we set root's default shell to /bin/sh instead? I don't think anyone
> would be happy with that except those people who already change it to zsh
> anyway. :-)

Well, we can always fix login to behave more robustly, no?

> If login worked consistently in the face of the configured shell going
> missing (automatically falling back to /bin/sh for root), then I think it
> would be worthwhile to do the work necessary to remove bash from the
> essential set. But until then, the primary purpose of Essential, to me, is
> the "minimal set guaranteed to be usable" aspect, not the "you don't have to
> depend on it" aspect.

That's more or less what the attached patch does. It could certainly be
improved, as the knowledge of when to fall back is spread all over the
place, but that's an existing problem in the code anyway.

The SHELL variable in configure.in is changed to an explicit "/bin/sh"
because relying on $SHELL might change depending on the shell used for
configure, and the existing code expects /bin/sh for fallback and script
invocation cases, this could be considered a bug on its own though. The
only fishy point is when calling shell() with a second argument, which
will get preserved, and might not quite match what was invoked
afterwards, but probably not worth worrying.

The code could also warn that it needed to fall back to a POSIX shell,
but I'm not sure what's the policy from the shadow code PoV here.

Tested with:

# chsh root -s /bin/csh
chsh: Warning: /bin/csh does not exist
# su
# echo $SHELL
/bin/sh
# exit
# su -
# echo $SHELL
/bin/sh
# exit
# login -f root
Last login: Tue Apr 5 01:36:13 CEST 2011 on pts/10
# echo $SHELL
/bin/sh

And on a virtual console.

regards,
guillem
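
The failure mode and fallback discussed above, as an added example that is not Guillem's patch or shadow code: a check that lists accounts whose configured login shell is missing and shows the shell a /bin/sh fallback would give them. The function names, the ROOT prefix argument and the sample passwd file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not code from the thread or from shadow. It models the rule
# discussed above: use the configured shell if it is an executable file,
# otherwise fall back to /bin/sh. ROOT is an optional prefix for offline trees.

effective_shell() {   # effective_shell CONFIGURED [ROOT]
    want=${1:-/bin/sh}            # an empty shell field in passwd(5) means /bin/sh
    if [ -f "${2:-}$want" ] && [ -x "${2:-}$want" ]; then
        printf '%s\n' "$want"
    else
        printf '%s\n' /bin/sh
    fi
}

# List accounts whose configured shell is unusable: "<user> <configured> -> <effective>"
audit_passwd() {      # audit_passwd PASSWD_FILE [ROOT]
    while IFS=: read -r user _pw _uid _gid _gecos _home shell; do
        case $user in '' | '#'*) continue ;; esac
        eff=$(effective_shell "$shell" "${2:-}")
        if [ "$eff" != "${shell:-/bin/sh}" ]; then
            printf '%s %s -> %s\n' "$user" "$shell" "$eff"
        fi
    done < "$1"
    return 0
}

demo_audit() {        # constructed tree and passwd file, for illustration only
    t=$(mktemp -d) || return 1
    mkdir -p "$t/bin"
    for s in sh bash; do printf '#!/bin/sh\n' > "$t/bin/$s"; chmod 755 "$t/bin/$s"; done
    ln -s /nonexistent/zsh "$t/bin/zsh"      # dangling symlink, as after a removal
    cat > "$t/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/csh
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/zsh
daemon:x:1:1::/usr/sbin:
EOF
    audit_passwd "$t/passwd" "$t"
    rm -rf "$t"
}
demo_audit
```

On a live system, `audit_passwd /etc/passwd` performs the same check against the running root filesystem.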
 
04-05-2011, 12:00 AM
Carsten Hey

Moving bash from essential/required to important?

Before bash or dash could be made non-essential in a clean way, there
are IMHO various things not mentioned up to now in this thread to fix:

* Fix #428189, either by adapting the policy to reality or vice versa
(depending on the maintainer's decision) as prerequisite to fix the
next point without breaking things afterwards.
* Find a sane solution for managing /bin/sh. Currently diversions are
used, which looks like the wrong tool for this job to me. There are
also some related bugs with a high severity.
* Make dash conform to POSIX. dash/sid is not detected as being
a POSIX shell by autotools, which leads to lines like #!@POSIX_SHELL@
to become #!/bin/bash and thus introduces useless dependencies on
bash.

* Lars Wirzenius [2011-04-04 20:32 +0100]:
> On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote:
> > Regarding the root shell issue, I wouldn't have an issue with it
> > being /bin/sh. The admin is always free to chsh it to the shell
> > of their choice.
>
> We could even have d-i set the root shell to bash if it installs bash.
> Or have bash do it always, even, if root's shell is /bin/sh.

The login approach mentioned in this thread is in my opinion way more
clean than fiddling with /etc/passwd.

> > However, there have got to be hundreds of packages using bash
> > without a dependency. Do we have any information on the
> > affected packages (i.e. all those with a #!/bin/bash shebang in any
> > provided executable scripts)?
>
> I happened to have access to an idle-ish fastish machine with a fresh-ish
> Debian mirror, so I wrote a script to unpack all binaries (for sid/main
> amd64), and then another script to grep for bash scripts (actually a
> pair of scripts). With these scripts, I got a list of files that start
> with #!/bin/bash. There are 1783 files in the list, in 543 packages.

gzip_1.3.12-9_amd64.deb contains files in /bin/ starting with
#!/bin/bash, maybe your script skips /bin/? The post installation
script of libssl1.0.0.0 also contains a bash shebang line missed by your
script.

> Changing 543 packages to add a bash dependency does sound like a lot,
> but it should be doable.
>
> * We can add a lintian warning, which helps catch such things in
> the future.

This would also require an exception to the "don't depend on essential"
warning.

> * We can perhaps change debhelper to automatically add the
> dependency, if it is missing. Since most packages use debhelper,
> this might transition most of the packages automatically.

Ack.

> * Or we might do a more traditional transition, with an MBF now,
> and a targeted NMU campaign in six months, for any packages that
> still remain.

This sounds more like a possible release goal to me and not like
something that needs to be fixed using NMUs in a few months.

> I think this would be a nice thing to do, especially from the point of
> view of embedded systems, and other systems with no interactive use, but
> limited resources.

I agree about the usefulness for embedded systems and think that (if
there is some work done in this direction) the efforts should be done
with them in mind. After all, deciding things that can't be done
because of others blocking it is not the best idea.


Regards
Carsten


--
Archive: http://lists.debian.org/20110405000036.GA10937@furrball.stateful.de
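
A scan along the lines Lars describes, extended to cover the two gaps raised in the replies (maintainer scripts and files under /bin), as an added example that is not Lars's scripts or part of any post. It assumes each package was unpacked with `dpkg-deb -R` into its own directory; the package names and files in `demo_scan` are constructed.

```shell
#!/bin/sh
# Added example (not Lars's scripts). Assumes each package was unpacked with
# `dpkg-deb -R pkg.deb ROOT/name`, so maintainer scripts sit in ROOT/name/DEBIAN/.
LC_ALL=C; export LC_ALL

# True if FILE's first line is "#!/bin/bash", optionally followed by arguments.
has_bash_shebang() {
    first=$(head -c 64 "$1" 2>/dev/null | tr -d '\000' | head -n 1)
    case $first in
        '#!/bin/bash' | '#!/bin/bash '*) return 0 ;;
    esac
    return 1
}

# Print package-relative paths of all bash scripts in one unpacked package,
# shipped files and maintainer scripts alike.
scan_pkg() {
    dir=${1%/}
    find "$dir" -type f | sort | while IFS= read -r f; do
        if has_bash_shebang "$f"; then printf '%s\n' "${f#"$dir"/}"; fi
    done
}

# True if control lists bash as a hard (non-alternative) Depends/Pre-Depends.
# Assumes each field is on one line, as in binary package control files.
declares_bash() {
    grep -E '^(Pre-Depends|Depends):' "$1/DEBIAN/control" | sed 's/^[^:]*://' |
        tr ',' '\n' | grep -v '|' |
        sed -e 's/^[[:space:]]*//' -e 's/[[:space:]].*$//' -e 's/[(:].*$//' |
        grep -qx bash
}

# For every unpacked package under ROOT, list bash scripts whose package
# does not declare the dependency. Output: "<pkg>: <path>".
report_missing_dep() {
    for p in "$1"/*/; do
        [ -f "${p}DEBIAN/control" ] || continue
        hits=$(scan_pkg "$p")
        if [ -n "$hits" ] && ! declares_bash "${p%/}"; then
            printf '%s\n' "$hits" | sed "s|^|$(basename "$p"): |"
        fi
    done
    return 0
}

demo_scan() {   # constructed sample tree: three made-up packages
    t=$(mktemp -d) || return 1
    mkdir -p "$t/alpha/DEBIAN" "$t/alpha/bin" "$t/beta/DEBIAN" "$t/beta/usr/bin" \
             "$t/gamma/DEBIAN" "$t/gamma/usr/bin"
    printf 'Package: alpha\nDepends: libc6 (>= 2.7)\n' > "$t/alpha/DEBIAN/control"
    printf '#!/bin/bash\necho hi\n' > "$t/alpha/bin/zrun"
    printf 'Package: beta\nDepends: libc6, bash | zsh\n' > "$t/beta/DEBIAN/control"
    printf '#!/bin/bash -e\nexit 0\n' > "$t/beta/DEBIAN/postinst"
    printf '#!/bin/sh\nexit 0\n' > "$t/beta/usr/bin/tool"
    printf 'Package: gamma\nDepends: bash (>= 4.0), libc6\n' > "$t/gamma/DEBIAN/control"
    printf '#!/bin/bash\n' > "$t/gamma/usr/bin/x"
    report_missing_dep "$t"
    rm -rf "$t"
}
demo_scan
```

The `bash | zsh` alternative in the constructed `beta` package is reported on purpose: an alternative dependency does not guarantee that bash itself is installed.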
 
