[elbe-devel] /bin/sh

John Ogness john.ogness at linutronix.de
Thu Jan 26 15:52:01 CET 2017 

Hi Ralf,

On 2017-01-26, Ralf Schlatterbeck <rsc at runtux.com> wrote:
>> If there are no disagreements, I would provide a patch to remove all
>> use of /bin/sh for executing commands. And in particular, removing
>> its use for such simple tasks as writing text files. A quick
>> recursive search for "sh -c" shows some bizarre usages.
>
> From what I understood so far, some of it is due to running chrooted.
> But there is an undocumented raw_cmd-Feature that doesn't use a shell
> on the target (it *does* seem to use a shell for calling the chroot
> command, though afair and that usage of the shell could be removed).
>
> I'm using this for a busybox-based system to create the busybox links
> like so:
>
>     <finetuning>
>           <raw_cmd>/install_bb.sh</raw_cmd>
>
> And the install_bb has
> #!/bin/busybox sh
> ...
> for i in $(busybox --list)
>     do something
>
> Contrary to the original busybox example we don't need to temporarily
> copy a shell with associated libs to the target and remove it later.

Agreed. The install_bb.sh script can even be avoided with:

<finetuning>
    <raw_cmd>/bin/busybox mkdir -p /bin /sbin /usr/bin /usr/sbin</raw_cmd>
    <raw_cmd>/bin/busybox --install -s</raw_cmd>
</finetuning>

> So I guess sometimes it is very convenient to be able to use
> shell-commands with pipelines, redirection etc and resort to raw_cmd
> if you don't want a shell.

Thanks. I forgot that <command> is often used with shell expression,
pipes, redirections, etc.

But there are still many places where "sh -c" are used and I don't see
the need. For example, <ln> uses "sh -c". So if there is no /bin/sh, I
cannot create any symbolic links.

> The raw_cmd feature should be (better?)  documented, I've found it by
> accident.

Agreed. It should be better documented. In my opinion it would be enough
to include it in the minimal-cpio example, since most people probably
use that as a reference when creating a rootfs with no /bin/sh. (I
assume you did as well, since you are also using the install_bb.sh
script.)

So let me rephrase my initial question... is there any reason why we are
using "sh -c" for things like <ln>? These kinds of things can be done
without a chroot into the target rootfs.

John Ogness

More information about the elbe-devel mailing list