Bug#923478: initscripts use unsafe `: >` shell command to create files

Cristian Ionescu-Idbohrn cristian.ionescu-idbohrn at axis.com
Fri Apr 5 10:11:26 BST 2019

On Thu, 28 Feb 2019, Thorsten Glaser wrote:
> I’d say that aborting might be preferrable, but I checked your patch.
> In the first case, it’s indeed preferrable to continue the init script
> (and have the two additional error messages from chmod and chgrp, but
> it continue on), and in the second case…
> >Init scripts try to use this for example in the bootclean.sh logic to
> >create /tmp/.clean: there is even code to handle the failure case which
> >unfortunately does not get run, in fact the whole cleanup operation is
> >ended short.
> … this is true: the error handling does not get run.
> So (from a shell maintainer’s PoV) these patches are good and should
> be applied, in time for buster.

Thing is neither the `:' nor the `true' commands are needed.  To 
truncate a file it's sufficient to redirect _nothing_ to that file.

	 $ dash -c '>/tmp/dir/; echo $?; echo hello world;'         
	dash: 1: cannot create /tmp/dir/: Is a directory
	hello world

The real problem is that a failing redirection is _not_ error handled 
(in the /etc/init.d/bootmisc.sh case).



More information about the Debian-init-diversity mailing list