[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dash bug which is affecting release goal

On Mon, Feb 11, 2008 at 02:48:33AM -0800, Mike Bird wrote:
> On Mon February 11 2008 02:20:26 Cyril Brulebois wrote:
> > On 11/02/2008, Mike Bird wrote:
> > > On *production* Debian systems, saving 30 seconds in a boot which
> > > may occur once a year for a kernel security update is not worth a
> > > single broken script, nor a single failed backup, nor a single lost
> > > data bit.
> >
> > Since you're talking about *production* systems, “stable” case above,
> > so “not a problem”.
> Release notes do not offset the millions of person-hours needed to review
> and maybe-rewrite and retest the millions of tiny shell scripts that have
> been written and tested by millions of Debian users with no thought to the
> possible consequences of subsequent changes to /bin/sh.
> Why do you believe it is better for Debian to harm millions of Debian
> users rather than simply using #!/bin/sh.minimal within Debian scripts?

Because that's what Debian does: we fix things, even when they work
while they are broken.  A script which says #!/bin/sh, but which really
needs bash, is a bug.  Debian doesn't want those bugs.  This means a
transition which is some work, but we'll do it.  Admins who wrote their
own shellscripts may also need to check if they still work.  If they
don't trust it, then they should just set their shell to bash again.
Admins who maintain a system that cannot afford some downtime, and who
refuse to read the release notes when upgrading... well, they deserve
what they get, I think.

This fix requires quite some work on our part (not that I'm personally
working on it, but I see it being done ;-) ).  A corporation would
likely follow your approach and leave things buggy (but working).
Debian aims to build the perfect OS.  That means no bugs at all.  We may
not reach that goal, but we'll get as close to it as we can.  When we
see a bug, we try to fix it.  This is a bug, even if it doesn't hurt
much.  So we will fix it.

I think you're overestimating the damage this does to users.  Most users
don't install things with scripts from outside of Debian.  For those
users, we do the testing, and everything will continue to work.  For the
users who do install external (home-made, for example) scripts, there
are two categories: Sensitive systems, where the admin should not accept
the change; those admins can be expected to read the release notes and
do what they should.  And other systems, where the admin can notice that
things don't work anymore, and fix it when that happens.

This last category of users is the one which have the problems you fear.
I think this is a small group, and they should be able to handle it.  I
am in that group myself, and that sort of problems is what I expect when
I upgrade my server (running stable) to the next release.

For newly installed systems, there is no problem at all.  They will test
their new scripts on their new system and tweak them so they will work
on them.  Which means less bugs. :-)


I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text
   in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see http://pcbcn10.phys.rug.nl/e-mail.html

Attachment: signature.asc
Description: Digital signature

Reply to: