Re: [opensuse-factory] rpmlint 1.10 about to enter openSUSE Factory

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: [opensuse-factory] rpmlint 1.10 about to enter openSUSE Factory

Richard Biener
On Mon, 9 Oct 2017, Dirk Müller wrote:

> Hi,
...

> - env-script-interpreter: This is a new check that has a Badness of 9.
> The value is so low because it triggers tremendously often right now.
> Basically, for shell scripts installed with chmod +x in the typical
> binary directories like /usr/bin and the like, it is alerting when the
> script shebang starts with "#!.*env ". The intention here is to avoid
> the rpm-dependency logic add a file-depends on /usr/bin/env (which is
> useless) and have the *actual* interpreter added as dependency
> instead. So to silence the warning, something like
>
> sed -i -e "1 s,#! */usr/bin/env python,#!/usr/bin/python2,"
> %{buildroot}/%{_bindir}/*.py
>
> is needed. This lets the rpm-dependency magic add a proper
> file-depends on /usr/bin/python2, pulling in python-base if it isn't
> installed already.
Huh, why not fix RPM instead?

Richard.

--
Richard Biener <[hidden email]>
SUSE LINUX GmbH, GF: Felix Imendoerffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nuernberg)
Reply | Threaded
Open this post in threaded view
|

Re: [opensuse-factory] rpmlint 1.10 about to enter openSUSE Factory

Neal Gompa
On Tue, Oct 10, 2017 at 6:04 AM, Richard Biener <[hidden email]> wrote:

> On Mon, 9 Oct 2017, Dirk Müller wrote:
>
>> Hi,
> ...
>> - env-script-interpreter: This is a new check that has a Badness of 9.
>> The value is so low because it triggers tremendously often right now.
>> Basically, for shell scripts installed with chmod +x in the typical
>> binary directories like /usr/bin and the like, it is alerting when the
>> script shebang starts with "#!.*env ". The intention here is to avoid
>> the rpm-dependency logic add a file-depends on /usr/bin/env (which is
>> useless) and have the *actual* interpreter added as dependency
>> instead. So to silence the warning, something like
>>
>> sed -i -e "1 s,#! */usr/bin/env python,#!/usr/bin/python2,"
>> %{buildroot}/%{_bindir}/*.py
>>
>> is needed. This lets the rpm-dependency magic add a proper
>> file-depends on /usr/bin/python2, pulling in python-base if it isn't
>> installed already.
>
> Huh, why not fix RPM instead?
>

Funny you should mention that... It's been listed as a TODO for 8
years in the dependency generator[1].

It would also probably make sense to have an upstream brp that would
rewrite those shebangs to the correct ones, since you always want it
using the interpreter managed by package management.

[1]: https://github.com/rpm-software-management/rpm/blob/master/scripts/script.req


--
真実はいつも一つ!/ Always, there's only one truth!
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: rpmlint 1.10 about to enter openSUSE Factory

jan matejek-4
In reply to this post by Richard Biener
On 10.10.2017 12:04, Richard Biener wrote:

> On Mon, 9 Oct 2017, Dirk Müller wrote:
>
>> Hi,
> ...
>> - env-script-interpreter: This is a new check that has a Badness of 9.
>> The value is so low because it triggers tremendously often right now.
>> Basically, for shell scripts installed with chmod +x in the typical
>> binary directories like /usr/bin and the like, it is alerting when the
>> script shebang starts with "#!.*env ". The intention here is to avoid
>> the rpm-dependency logic add a file-depends on /usr/bin/env (which is
>> useless) and have the *actual* interpreter added as dependency
>> instead. So to silence the warning, something like
>>
>> sed -i -e "1 s,#! */usr/bin/env python,#!/usr/bin/python2,"
>> %{buildroot}/%{_bindir}/*.py
>>
>> is needed. This lets the rpm-dependency magic add a proper
>> file-depends on /usr/bin/python2, pulling in python-base if it isn't
>> installed already.
>
> Huh, why not fix RPM instead?

In addition to what Neal said: using `#!/usr/bin/env` is a bug in almost all cases. It means that a
distro-provided script runs on an unspecified interpreter randomly found in user's $PATH.

The RPM behavior re dependencies is a minor bug; the buggy script is a bigger problem. To fix it, we
would need a brp or some other mechanism to rewrite the actual installed scripts.

regards
m.

>
> Richard.
>

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]