Bashisms in #!/bin/sh scripts are not necessarily bugs

October 14, 2014

In the wake of Shellshock, any number of people have cropped up in any number of places to say that you should always be able to change a system's /bin/sh to something other than Bash because Bashisms in scripts that are specified to use #!/bin/sh are a bug. It is my heretical view that these people are wrong in general (although potentially right in specific situations).

First, let us get a trivial root out of the way: a Unix distribution is fully entitled to assume that you have not changed non-adjustable things. If a distribution ships with /bin/sh as Bash and does not have a supported way to change it to some other shell, then the distribution is fully entitled to write its own #!/bin/sh shell scripts so that they use Bashisms. This may be an unwise choice on the distribution's part, but it's not a bug unless they have an official policy that all of their shell scripts should be POSIX-only.

(Of course the distribution may act on RFEs that their #!/bin/sh scripts not use Bashisms. But that's different from it being a bug.)

Next, let's talk about user scripts. On a system where /bin/sh is always officially Bash, ordinary people are equally entitled to assume that your systems have not been manually mangled into unofficial states. As a result they are also entitled to write their #!/bin/sh scripts with Bashisms in them, because these scripts work properly on all officially supported system configurations. As with distributions, this may not be a wise choice (since it may cause pain if and when they ever move those scripts to another Unix system) but it is not a bug. The only case when it even approaches being a bug is when the distribution has officially included large warnings saying '/bin/sh is currently Bash but it may be something else someday, you should write all /bin/sh shell scripts to POSIX only, and here is a tool to help with that'.

There are some systems where this is the case and has historically been the case, and on those systems you can say that people using Bashisms in #!/bin/sh scripts clearly have a bug by the system's official policy. There are also quite a number of systems where this is or has not been the case, where the official /bin/sh is Bash and always has been. On those systems, Bashisms in #!/bin/sh scripts are not a bug.

(By the way, only relatively recently have you been able to count on /bin/sh being POSIX compatible; see here. Often it's had very few guarantees.)

By the way, as a pragmatic matter a system with only Bash as /bin/sh is likely to have plenty of /bin/sh shell scripts with Bashisms in them even if the official policy is that you should only use POSIX features in such scripts. This is a straightforward application of one of my aphorisms of system administration (and perhaps also this one). These scripts have a nominal bug, but of course people are not going to be happy if you break them.


Comments on this page:

By using Bashisms, these scripts break portability. Whether that's a bug is a philosophical issue, i suppose.

What is a bug is that bash invoked as sh should only accept sh commands and thus reject bash extensions as syntax errors. But that horse left the barn long ago.

By FiL at 2014-10-17 10:54:49:

If you gonna use bashism in your script why don't you make it clear in the header specifying #!/bin/bash instead ob #!/bin/sh? It doesn't break compatibility and sends a clear message that somewhere in the script some bashism are used (or at least it is possible).

By cks at 2014-10-29 00:47:55:

FiL (belatedly): people who use Bashisms knowing that they're non-portable Bashisms might be well advised to use #!/bin/bash, although there's a lot of handwaving in there (for example, the intention might be to be more portable someday when there's time to revisit a quick hack using some convenient Bash feature). But I think that a lot of people are putting Bashisms into their scripts without realizing it.

I've now about one aspect of this issue (with examples) in this entry.

Written on 14 October 2014.
« System metrics need to be documented, not just to exist
Why system administrators hate security researchers every so often »

Page tools: View Source, View Normal, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Tue Oct 14 02:06:38 2014
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.