Development/Docs/bash Problems
From Mandriva
A statically linked Bourne shell can be used as a failsafe login shell for the system administrator or as a default shell in a very limited system such as a rescue floppy. This document discusses some issues arising from the use of the Bourne shell as a login shell in Mandriva Linux.
Contents |
Introduction
The Bourne shell is a common-denominator, standard command interpreter shell in Unix-like systems. A popular implementation of the Bourne shell used on Linux and BSD systems is the Almquist shell (ash). One common use for ash as a statically linked binary is to have a failsafe system shell or a small footprint shell for minimal systems -- a task not well-suited for other shells such as bash or pdksh. Other minimalistic shells such as sash don't provide all features of a true Bourne shell and, although very compact in size, are poor choices for a login shell.
Some system administrators prefer to have a statically linked shell as the root shell. A statically linked ash is good for that purpose, and a static version is usually provided. In Mandriva Linux it comes in the "ash-static" package.
Evaluation
Installation
A Mandriva Linux (Cooker ca. Mandriva Linux 2005 release) system was prepared installing packages ash and ash.static. Table 1 shows a comparison between the Mandriva shells and the equivalent shells in Conectiva Linux and Debian.
Table 1: ash in different distributions
| Mandriva | Conectiva | Debian | ||
|---|---|---|---|---|
| Package | ash-static | ash | ash | dash |
| Version | 0.3.8 | 0.3.8 | 0.3.8 | 0.5.2 |
| Type | static | dynamic | static | dynamic |
| File | /bin/ash.static | /bin/ash | /sbin/bsh | /bin/dash |
| Size | 487Kb | 90Kb | 81Kb | 82Kb |
| Depends on | nothing | coreutils grep bash rpm-helper libc | itself | libc |
Packaging
Initial analysis
Naming and location of the Bourne shell interpreter varies among distributions, but they're all based on ash. It is especially interesting to note that the size of the statically linked binary in Conectiva Linux is about 10Kb smaller than the dynamically linked shell in Mandriva Linux, and 1Kb smaller than the Debian ash, which is also dynamically linked (see Table 1). This result was achieved by linking ash against dietlibc, a slim libc implementation that can be used to produce small static binaries. The static versions in Mandriva Linux and Conectiva Linux don't depend on external packages as one could expect. The Debian dynamic version depends on libc, while the Mandriva Linux dynamic version bears a much more intrincate dependency tree.
Dependencies
Presence of the dynamic ash package in Mandriva Linux is questionable: it doesn't offer the size advantage because it depends on a large number of packages, and the functionality per se should be supplied by more advanced shells like bash. It is also worth mention that the ash package actually depends on bash, which is certainly odd.
The graph containing all requirements of ash contains more than 450 edges and spans the entire system core. In the graph, virtual packages nodes are represented by rectangles and regular packages by ellipses. The dependency chart can be obtained using dm or Smart; a simple script was used in this case.
This study ignores dependency of glibc on rpm and bash (via /bin/sh), see the unzip and libusb dependency case study for more information.
Along with ash, tcsh and pdksh also depend on a big chunk of system packages. Bash, on the other hand, has a small set of dependencies (see Fig. 1). This signals a possibility of improvements in the tcsh and pdksh packaging, further investigation is recommended.
Fig. 1: Dependency graph of package bash
User login
A user with /bin/ash as the login shell is greeted with a few error messages, showing that scripts used on the system are not Bourne compliant:
Last login: Sun May 8 15:26:53 2005 from localhost [[: not found [[: not found shopt: not found [[: not found : permission denied : permission denied : permission denied $
The errors will be examined in detail in the next sections; whenever possible, fixes will be presented in order to make the system scripts Bourne-compliant.
Faulty profile scripts
alias.sh
Bash system-wide aliases (/etc/profile.d/alias.sh) are actually executed for all Bourne-derivative shells and not only bash. The validity of this strategy is to be determined because aliases in ash are optional and not part of the standard Bourne shell. If aliases support is available. errors in the login are caused by the use of double bracket expression evaluation.
11 [[ -f ~/.alias ]] && [[ -z $LOAD_SYSTEM_ALIASES ]] && return 0 12 [[ -n $IGNORE_SYSTEM_ALIASES ]] && return 0
A more conservative coding standard can fix this problem, replacing double brackets by a equivalent construction using single brackets or test (filed as 
Bug #16188). A different style can also improve readability.
ssh-clients.sh
The OpenSSH client configuration profile (/etc/profile.d/ssh-client.sh from openssh-clients) tries to execute appropriate commands for each shell by examining the user's SHELL variable before proceeding. However, it does it by exclusion instead of testing each shell; this approach automatically assumes that any shell in the system that is not the Korn or Z shells understands the shopt command. Ash doesn't.
3 if [ "$SHELL" != "/bin/ksh" ]; then 4 if [ -n "$ZSH_VERSION" ]; then 5 setopt hup 6 else 7 shopt -s huponexit 8 fi 9 fi
A solution in this case is to test for Z Shell and Bash, and use appropriate commands if one of these shells are in use. Filed as Bug #16180.
tmpdir.sh
Package initscripts installs /etc/profile.d/tmpdir.sh, which also uses double bracket expressions that should be converted to their single-bracket equivalents.
13 if [[ "$SECURE_TMP" = "yes" || "$SECURE_TMP" = "1" || "$SECURE_TMP" = "Y ES" || "$SECURE_LEVEL" -ge 2 ]];then
This script responds for the remaining "permission denied" error messages as well:
$ ash -x tmpdir.sh + [ -f /etc/sysconfig/system ] + . /etc/sysconfig/system + SECURITY=2 + CLASS=beginner + LIBSAFE=no + META_CLASS=download + [ -f /etc/sysconfig/msec ] + grep ^SECURE_LEVEL= /etc/sysconfig/msec + head -1 + eval + [[ = yes [[: not found + = 1 : permission denied + = YES : permission denied + -ge 2 ]] : permission denied
Other sources
Other packages not installed on the test system can also install non-compliant profile scripts. A complete audit is required to determine if other packages need to be fixed.
It is interesting to mention that, contrary to what it is stated in the package documentation, Bash doesn't behave like Bourne shell when invoked as /bin/sh, allowing the execution of bash-specific pieces of code where a true Bourne shell would report errors. This can affect interoperability of shell scripts created on Mandriva Linux and executed on other systems that use a true Bourne shell as /bin/sh.
Conclusion
The Bourne shell implementation in Mandriva Linux has been examined for system recovery, size and compatibility purposes. Results of the use of /bin/ash as a login shell were also listed with solution proposals for errors reported by the system. The conclusions are:
- Existence of the dynamic ash package in its current configuration is not justifiable. Neither smaller size nor extended functionality can be claimed as advantages. The dynamic ash package should be discontinued. Status: DONE
- A static ash shell should be provided based on the Conectiva Linux configuration (without the self-dependency) and moved to the system core replacing the current ash and package. Status: DONE (ash 0.3.8-8mdk)
- Packaging of tcsh and pdksh could be improved in order to reduce dependencies.
- System profile scripts for Bourne shell and derivatives are written using extensions that exist in bash and Korn shell, but not in the original Bourne shell. The scripts should be rewritten to be Bourne compliant (
Bug #16180, Bug #16188).
Other recommendations to prevent related problems not directly detected in this study:
- Bash-specific environment setup files should be invoked using BASH_ENV and not ENV.
- Bash-specific scripts should use /bin/bash and not /bin/sh as the interpreter.
