[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#884964: using "su - " in postinst causing some installs to fail

Simon,

Thank you for your comments.

> Arguably the bug here is that there was a file in /etc/profile.d that
> assumed bash syntax, rather than guarding bashisms with a check for
> $BASH_VERSION or similar. I would recommend changing those profile
> snippets so the problematic parts only run on shells that are known to
> support them (bash and maybe zsh).
>
> For many uses of profile snippets, it would make sense to wrap them in
> a guard against non-interactive shells, which also dodges any issues
> that those snippets might cause in non-interactive shells.
>
>      smcv
>
I've done quite a bit more testing on this. I've had three packages with this issue - spamassassin, sa-compile and tuptime.
The user for spamassassin and sa-compile is debian-spamd whose shell is set to /bin/sh. The user for tuptime is tuptime whose shell is also set to /bin/sh.
Changing the shell to /bin/bash for tuptime for example, eliminates the error with using 'su -'.
I did note that the package postgresql-common calls the Bourne shell in postinst but without a login and this poses no problem during installation: 

    su -s /bin/sh postgres -c "test -O /var/lib/postgresql &&
            test -G /var/lib/postgresql" || \
        chown postgres:postgres /var/lib/postgresql
The postgres user's shell is /bin/bash but I don't think this matters because login isn't being used so /etc/profile.d files aren't being read.
Aliases present no problem. Functions, depending on how they are written, do. 

function somefunction () {....} causes a problem.

function somefunction {....} causes a problem.
somefunction () {....} does not. So there's the bashism - using the reserved word 'function'.
Interestingly, when using the reserved word function, the presence of () changes the error message. 

With the use of ():
-sh: 5: /etc/profile.d/test.sh: Syntax error: "(" unexpected (expecting "fi") 

Without the use of ():
-sh: 5: /etc/profile.d/test.sh: function: not found

Definitely would have been much easier to spot the error had we not used ().

Wrapping the function with this worked.

if [ "${BASH-}" ] && [ "$BASH" != "/bin/sh" ]; then

    function testfunction
    {
    echo 'Function from test.sh in /etc/profile.d'
    }

fi
Doing the same thing but with the () included did not work. That has me scratching my head. It should have bypassed those lines entirely.
I'll update the bug reports I've filed in the packages with this information. I'm not sure there's a good solution for this. It seems to be such a specific issue. Had I not created a user with a /bin/sh shell and tried to recreate the function for that user, I'm not sure I would have twigged that the reserved word function was causing the problem since the error kept coming back as the ( causing the issue.
Anyway, thanks again for your comments. It spurred me to investigate further. 

--
Terry
Reply to: