Overview
Request 681524 superseded
- Add temporary patch from upstream to fix boo#1127700
- Refine and harden update-alternatives work flow
- Move header and Makefile from bash-loadables to bash-devel
- Make update-alternatives work flawless
- Put "sh" under control of update-alternatives
- Created by WernerFink
- In state superseded
- Supersedes 680550
- Superseded by 681811
-
Open review for
opensuse-review-team
- Open review for openSUSE:Factory:Staging:B
Apparmor is not happy with this change - I guess the issue is that it does not do a profile around a symlink, but around the final binary.
[ 1086s] FAIL: test_4 (__main__.AaTest_get_interpreter_and_abstraction) [ 1086s] test '#! /bin/sh -x ' [ 1086s] ---------------------------------------------------------------------- [ 1086s] Traceback (most recent call last): [ 1086s] File "/home/abuild/rpmbuild/BUILD/apparmor-2.13.2/utils/test/common_test.py", line 88, in stub_test [ 1086s] self._run_test(test_data, expected) [ 1086s] File "test-aa.py", line 187, in _run_test [ 1086s] self.assertEqual(interpreter_path, exp_interpreter_path) [ 1086s] AssertionError: '/usr/bin/bash' != '/etc/alternatives/_bin_sh' [ 1086s] - /usr/bin/bash [ 1086s] + /etc/alternatives/_bin_sh
We need a fix for this in apparmor, see bug#1127877 ... maybe it would be an idea to provide a feature for every package with a bournce shell which can be used as /bin/sh or /usr/bin/sh
Just a question based on the info in the bug:
lrwxrwxrwx 1 root 25 Mar 4 09:43 /bin/sh -> /etc/alternatives/_bin_sh noether:/ # ll -G /etc/alternatives/_bin_sh lrwxrwxrwx 1 root 11 Mar 4 09:43 /etc/alternatives/_bin_sh -> /usr/bin/sh noether:/ # ll -G /usr/bin/sh lrwxrwxrwx 1 root 20 Mar 4 09:43 /usr/bin/sh -> /etc/alternatives/sh noether:/ # ll -G /etc/alternatives/sh
I'm mainly wondering why this goes twice via update alternatives.. this could basically end up with /bin/sh being a different shell than /usr/bin/sh (if something/someone changes the alternative for _bin_sh, but not the one for sh)
This seems like a mistake to me
This had been done by Jan ... buzt nevertheless IMHO this more correct as having different bourne shell derviates below /bin/sh and /usr/bin/sh ... if one want to use special features of a shell he/she should use /bin/{ba,k,mk,...}sh in the script shebang line. IMHO the /usr/bin tree is rubbish as the POSIX sh is /bin/sh and never was /usr/bin/sh regardless what our bugzilla says
with the change away from /bin /usr/bin split and the convergence of the two (keep in mind, time moves, posix is not exactly from this year and we no longer run on floppy disks) having the same command in /bin and /usr/bin, but behaving differently, is a recipe for disastrous bug reports with subtle behavior issues
The fact that you never subscribed to the /usr/bin-merge is not news to me - but the approach of changing sematics between /usr/bin and /bin is even worse than blatantly refusing to the /usr/merge
Hmm ... I have never every said the /bin/sh and /usr/bin/sh nor any other program with such a symbolic link should behave differently, NEVER.
And I had always stated that the /usr/bin-merge is IMHO a bad idea. And why should I subscribed to so what ever? I had never get an invitation to so what ever like a mailing list ... maybe due to my firm conviction at this point. Seems to be more comfortable not to ask a well known reviewer :)
apologies - then I understood your previous message, where it sounded to me like you wanted the change for /usr/bin/sh to be something different than /bin/sh
The topic of /usr/bin-merge is not really what we should want to discuss here. there are proponents for it, and against it - arguments are many (and I couldn't care less for now :) )
IMHo, the 'correct' solution to this current submission would be:
- have 'bash', the real binary. installed in /usr/bin
- via u-a, handle the /usr/bin/sh symlink, to support other (sh than bash as sh
- have a symlink from /bin/bash to /usr/bin/bash
- have a symlink from /bin/sh to /usr/bin/sh
This would eliminate the double-alternative solution we currently have
OK I agree here, less links below /etc/alternatives/ is ``more'' here
I've to rebuild the full Base:System with an interim spec file to get the slave tree out of the alternatives configuration :P
you could probably wipebinaries the bash in Base:System, and fallback to the distro provided bash - but you are probably already done by now anyway :)
Apparmor is still failing:
plus installation-images
We more or less need the double alternative/the slave, I think.
Ideally, filesystem.rpm should own the /bin/sh symlink, but it does not do that. Not yet. Not sure if it can. Therefore, sh is a slave, such that dash can have it as a slave as well, such that sh is always there even if bash.rpm is not installed.
Request History
WernerFink created request
- Add temporary patch from upstream to fix boo#1127700
- Refine and harden update-alternatives work flow
- Move header and Makefile from bash-loadables to bash-devel
- Make update-alternatives work flawless
- Put "sh" under control of update-alternatives
licensedigger accepted review
ok
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
dimstar_suse set openSUSE:Factory:Staging:B as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:B"
dimstar_suse accepted review
Picked openSUSE:Factory:Staging:B
repo-checker accepted review
cycle and install check passed
superseded by 681811
Compare with discussion in https://build.opensuse.org/request/show/680550