[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Moving bash from essential/required to important?

Before bash or dash could be made non-essential in a clean way, there
are IMHO various things not mentioned up to now in this thread to fix:

 * Fix #428189, either by adapting the policy to reality or vice versa
   (depending on the maintainers decision) as prerequisite to fix the
   next point without breaking things afterwards.
 * Find a sane solution for managing /bin/sh.  Currently diversions are
   used, which looks like the wrong tool for this job to me.  There are
   also some related bugs with a high severity.
 * Make dash conform to POSIX.  dash/sid is not detected as being
   a POSIX shell by autotools, which leads to lines like #!@POSIX_SHELL@
   to become #!/bin/bash and thus introduces useless dependencies on

* Lars Wirzenius [2011-04-04 20:32 +0100]:
> On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote:
> > Regarding the root shell issue, I wouldn't have an issue with it
> > being /bin/sh.  The admin is always free to chsh it to the shell
> > of their choice.
> We could even have d-i set the root shell to bash if it installs bash.
> Or have bash do it always, even, if root's shell is /bin/sh.

The login approach mentioned in this thread is in my opinion way more
clean than fiddling with /etc/passwd.

> > However, there have got to be hundreds of packages using bash
> > without a dependency.  Do we have any information on the
> > affected packages (i.e. all those with a #!/bin/bash shebang in any
> > provided executable scripts)?
> I happened to have access to a idle-ish fastish machine with a fresh-ish
> Debian mirror, so I wrote a script to unpack all binaries (for sid/main
> amd64), and then another script to grep for bash scripts (actually a
> pair of scripts). With these scripts, I got a list of files that start
> with #!/bin/bash. There are 1783 files in the list, in 543 packages.

gzip_1.3.12-9_amd64.deb contains files in /bin/ starting with
#!/bin/bash, maybe your script skips /bin/?  The post installation
script of libssl1.0.0.0 also contains a bash shebang line missed by your

> Changing 543 packages to add a bash dependency does sound like a lot,
> but it should be doable.
>       * We can add a lintian warning, which helps catch such things in
>         the future.

This would also require an exception to the "don't depend on essential"

>       * We can perhaps change debhelper to automatically add the
>         dependency, if it is missing. Since most packages use debhelper,
>         this might transition most of the packages automatically.


>       * Or we might do a more traditional transition, with an MBF now,
>         and a targeted NMU campaign in six months, for any packages that
>         still remain.

This sounds more like a possible release goal to me and not like
something that needs to be fixed using NMUs in a few months.

> I think this would be a nice thing to do, especially from the point of
> view of embedded systems, and other systems with no interactive use, but
> limited resources.

I agree about the usefulness for embedded systems and think that (if
there is some work done in this direction) the efforts should be done
with them in mind.  After all, deciding things that can't be done
because of others blocking it is not the best idea.


Reply to: