Dangers of using a non-base shell

Daniel Bye freebsd-questions at slightlystrange.org
Tue Oct 30 07:42:22 PDT 2007 

On Mon, Oct 29, 2007 at 08:50:40PM +0000, Stephen Allen wrote:
> It's been drawn to my attention not to use bash from the ports 
> collection, because if one of it's dependencies (gettext or libiconv) 
> fails or is updated significantly, it could break, and prevent login. 

Hmm, I guess it *could* happen, but in the 8 years I have been using
bash on FreeBSD, it never *has* happened. Of course, that's not to say
that it never *will* happen... 

As long as you adopt a sensible approach to upgrading your installed
ports, then I don't think you'll go far wrong - portupgrade can be made
to rebuild dependent packages, so any significant change to libiconv 
can be picked up by all other packages that require it.

> The suggested solution was to use a base shell (such as sh) and append 
> 'bash -l' to .shrc to automatically enter bash.
> 
> The quite annoying side-effect is having to type 'exit' twice to get out 
> of a su shell or screen.

You could instead do something like this (untested!):

if (bash --version > /dev/null)
then
  exec bash
fi

which will replace your login shell with a bash, as long as bash can 
successfully run and display its version info. Then you only have one
shell to kill to log out.

> 
> Would it be a better idea to use the pre-compiled binary for bash?  And 
> if I did so, could I be alerted to updates as easy as using 'pkg_version 
> -v' when checking if any ports need updating?

Using a binary package will make no difference - it will still cause 
dependencies to be installed, just as if you built it from source. As
long as you take time to check which ports/packages need updating at any
particular time, and keep an eye on /usr/ports/UPDATING, then you shouldn't
go far wrong. If you are really worried about it, then you can build a
static bash, which you can then install on your / fs. Set WITH_STATIC_BASH
and you can put the resulting monolithic binary anywhere you like.

And yes, pkg_version -v will tell you which ports/packages are outdated,
whether you installed them from binary packages or from source. To get a
slightly clearer result, try

 # pkg_version -v | grep -v =

to only see outdated ports.

HTH

Dan

-- 
Daniel Bye
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \

More information about the freebsd-questions mailing list