[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#906901: debian-policy: Perl script shebang requirement is disturbing and inconsistent with rest of policy



Russ Allbery writes ("Bug#906901: debian-policy: Perl script shebang requirement is disturbing and inconsistent with rest of policy"):
> Yeah, this is one of the points that I'm struggling with: I feel like our
> stance with Perl (and Python) and our stance with maintainer scripts is
> inconsistent.  We require maintainer scripts to support PATH
> interposition, but take the opposite stance for interpreters, and then
> that causes these sorts of problems.

There are significant differences between #! lines invoking
interpreters like perl and python, and maintainer scripts calling
random programs.

In practice, replacing perl with a homebrewed actual perl is rare and
in that case you want to put it in /usr/bin, because that's where all
distributed perl scripts expect it to be.

If one wants to do some kind of stunt, it is normally only a few
scripts that one wants to affect.  So it is easy enough to put
modified versions of (or wrappers for) those scripts on PATH.

Making $PATH contain a wrapper script for the whole perl intepreter is
a massively big hammer, and quite complicated to do right since one
has to reparse perl's arguments.

And IIRC with Python we have historically had the trouble that a
Python compiled into /usr/local/bin has bizarre ideas about where to
look for its modules, which means that this isn't a useful strategy
anyway.

To be honest: I'm a great fan of insisting on always using PATH.  I
have enountered numerous cases where this has allowed me to easily do
things which would otherwise be significantly harder.  But I have
never wanted to provide a stunt perl or a stunt python, or anything of
the kind.

Norbert, is your concern theoretical, or is this a thing you have
actually wanted to do ?

Next up: what about #!/bin/sh.

Having said all that, I think it would be right for policy to revert
the change immediately, and ask lintian to revert the change
immediately, before we have a big conversation about what to do about
this.

Reverting both changes will mean that maintainers of individual
packages are not being prompted to make changes we may later ask them
to reverse.  And it will remove the animus behind Norbert's setting of
this bug to `serious' - which I think is arguably justified.

Thanks,
Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.


Reply to: