Bug#923478: initscripts use unsafe `: >` shell command to create files
Cristian Ionescu-Idbohrn
cristian.ionescu-idbohrn at axis.com
Sun Apr 7 09:52:24 BST 2019
On Sat, 6 Apr 2019, Dmitry Bogatov wrote:
> [2019-04-05 11:11] Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com>
> > Thing is neither the `:' nor the `true' commands are needed. To
> > truncate a file it's sufficient to redirect _nothing_ to that file.
> >
> > $ dash -c '>/tmp/dir/; echo $?; echo hello world;'
> > dash: 1: cannot create /tmp/dir/: Is a directory
> > 2
> > hello world
>
> Nice to know. Is this behaviour mandated by posix?
Not in so many words, but it doesn't say there _must_ be input to
redirect to stdout or stderr.
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_07
"The overall format used for redirection is:
[n]redir-op word"
(nothing about input). dash, bash, busybox ash work fine, but not zsh
(it's waiting for input).
I've been using these redirections for many, many years without any
ill effects:
>file # truncate or create
>>file # `touch' or create
> > The real problem is that a failing redirection is _not_ error handled
> > (in the /etc/init.d/bootmisc.sh case).
>
> Sorry, failed to parse. You seems to tell, that there is another problem
> in 'bootmisc.sh', but I do not understand, which one.
The redirection in /etc/init.d/bootmisc.sh on line 29 is _not_ error
handled. Writing to a file can fail (for various reasons).
OTOH, the redirection in /lib/init/bootclean.sh on line 22 _is_ error
handled.
Cheers,
--
Cristian
More information about the Debian-init-diversity
mailing list