[sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-05-10 Thread Zack Weinberg
Update of sr #111044 (group autoconf):

  Status:   Need Info => Confirmed  

___

Follow-up Comment #4:

Copying conversation from bug-autoconf:

Frank Eigler:
> On the other hand, we've had very real reports that e.g. diff was
> missing on some real platforms, which led autoconf astray and ended up
> in misconfigured build trees.  Perhaps autoconf can afford to do some
> sanity checking on these reasonable-sounding but not-universal
> expectations.

Zack Weinberg:
> Frank, do you have details of those real platforms with missing diff?
> As I wrote in , it's
> difficult to implement this kind of sanity check without access to an
> environment that *fails* this kind of sanity check.  I could set one up
> myself but I wouldn't know if I had picked the right things to leave out.

Frank Eigler:
> Not a live system I use day-to-day.  But I mean I can remove
> "diffutils" from my Fedora box, and see it break.
>
> I think the point was not so much that normal & typical developer
> systems may fail.  It's that unforeseen restricted machines (maybe
> running in minimal fashionably-"secure" buildroots) could encounter
> these problems, and then QUIETLY FAIL by misconfiguring tools.
>
> Thus the idea was just to do lightweight & obvious sanity checking on
> the environment at configure startup.  e.g.:
>
>     diff /dev/null /dev/null || exit 1

I think this gives me enough information to proceed.



___

Reply to this item at:

  

___
Message sent via Savannah
https://savannah.gnu.org/




Re: [sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-05-10 Thread Frank Ch. Eigler
Hi -

> Frank, do you have details of those real platforms with missing diff?
> As I wrote in , it's
> difficult to implement this kind of sanity check without access to an
> environment that *fails* this kind of sanity check.  I could set one up
> myself but I wouldn't know if I had picked the right things to leave out.

Not a live system I use day-to-day.  But I mean I can remove
"diffutils" from my Fedora box, and see it break.

I think the point was not so much that normal & typical developer
systems may fail.  It's that unforeseen restricted machines (maybe
running in minimal fashionably-"secure" buildroots) could encounter
these problems, and then QUIETLY FAIL by misconfiguring tools.

Thus the idea was just to do lightweight & obvious sanity checking on
the environment at configure startup.  e.g.:

diff /dev/null /dev/null || exit 1


- FChE
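
The startup check proposed in the message above, generalized from `diff` to a list of tools, as an added example that is not part of the thread and is not autoconf's code. The names `REQUIRED_TOOLS`, `missing_tools`, `preflight` and `sparse_demo` are hypothetical, the tool list is a subset of the GNU Coding Standards list quoted elsewhere in this thread, and the sparse environment is constructed with stub files.

```sh
#!/bin/sh
# Added example, not autoconf code. Function names and the exact tool
# list are assumptions; the list is a subset of the one quoted in the thread.
REQUIRED_TOOLS="awk cat cmp diff expr grep ls mkdir mv rm sed sort tr"

# Print the names from "$@" that the shell cannot resolve.
# `command -v` accepts built-ins as well as executables on PATH.
missing_tools() {
    _missing=
    for _tool in "$@"; do
        command -v "$_tool" >/dev/null 2>&1 || _missing="$_missing $_tool"
    done
    printf '%s\n' "${_missing# }"
}

# Succeed only if every required tool resolves and diff really runs.
preflight() {
    # Unquoted on purpose: split the list into one argument per tool.
    _m=$(missing_tools $REQUIRED_TOOLS)
    if [ -n "$_m" ]; then
        echo "error: required utilities not found: $_m" >&2
        return 1
    fi
    # Smoke test from the thread: catches a present-but-broken diff.
    if ! diff /dev/null /dev/null >/dev/null 2>&1; then
        echo "error: diff is present but does not work" >&2
        return 1
    fi
}

# Constructed sparse environment: PATH holds only stub sed and awk,
# standing in for a minimal buildroot without diffutils.
sparse_demo() {
    _dir=$(mktemp -d) || return 2
    for _t in sed awk; do
        printf '#!/bin/sh\nexit 0\n' >"$_dir/$_t" && chmod +x "$_dir/$_t"
    done
    _rc=0
    # Subshell keeps the PATH change local to this one check.
    (PATH=$_dir; preflight) || _rc=$?
    rm -rf "$_dir"
    return "$_rc"
}

sparse_demo || echo "sparse environment rejected before any real work"
```

A script using this would call `preflight || exit 1` before its first feature test, so a missing utility stops the run with a named cause instead of skewing later results.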




Re: [sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-05-10 Thread Zack Weinberg
On Mon, Apr 1, 2024, at 5:26 PM, Frank Ch. Eigler wrote:
> On Mon, Apr 01, 2024 at 05:10:17PM -0400, Paul Eggert wrote:
>> [...]
>> Not sure I'd go that far. The
>> [https://www.gnu.org/prep/standards/html_node/Utilities-in-Makefiles.html GNU
>> Coding Standards for utilities in makefiles] lists the following as usable
>> without further ado:
>> 
>> awk cat cmp cp diff echo egrep expr false grep install-info ln ls
>> mkdir mv printf pwd rm rmdir sed sleep sort tar test touch tr true
>> [...]
>
> On the other hand, we've had very real reports that e.g. diff was
> missing on some real platforms, which led autoconf astray and ended up
> in misconfigured build trees.  Perhaps autoconf can afford to do some
> sanity checking on these reasonable-sounding but not-universal
> expectations.

Frank, do you have details of those real platforms with missing diff?
As I wrote in , it's
difficult to implement this kind of sanity check without access to an
environment that *fails* this kind of sanity check.  I could set one up
myself but I wouldn't know if I had picked the right things to leave out.

zw



Re: [sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-04-01 Thread Frank Ch. Eigler
Hi -

On Mon, Apr 01, 2024 at 05:10:17PM -0400, Paul Eggert wrote:
> [...]
> Not sure I'd go that far. The
> [https://www.gnu.org/prep/standards/html_node/Utilities-in-Makefiles.html GNU
> Coding Standards for utilities in makefiles] lists the following as usable
> without further ado:
> 
> awk cat cmp cp diff echo egrep expr false grep install-info ln ls
> mkdir mv printf pwd rm rmdir sed sleep sort tar test touch tr true
> [...]

On the other hand, we've had very real reports that e.g. diff was
missing on some real platforms, which led autoconf astray and ended up
in misconfigured build trees.  Perhaps autoconf can afford to do some
sanity checking on these reasonable-sounding but not-universal
expectations.


- FChE




[sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-04-01 Thread Paul Eggert
Follow-up Comment #3, sr #111044 (group autoconf):

[comment #2:]
> neither `diff` nor `awk` (and arguably not even `sed`) should be an implicit
> dependency.

Not sure I'd go that far. The
[https://www.gnu.org/prep/standards/html_node/Utilities-in-Makefiles.html GNU
Coding Standards for utilities in makefiles] lists the following as usable
without further ado:

awk cat cmp cp diff echo egrep expr false grep install-info ln ls
mkdir mv printf pwd rm rmdir sed sleep sort tar test touch tr true


Although some of these are debatable (egrep is no longer required by POSIX and
people should use 'grep -E', install-info is needed only if using info) it's
not a bad list of utilities that should work everywhere. I'd hate for Autoconf
to have to worry about platforms lacking 'rm'.






[sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-04-01 Thread Zack Weinberg
Update of sr #111044 (group autoconf):

  Priority: 5 - Unprioritized => 2 - Eventually
  Severity: 3 - Normal => 2 - Minor
    Status: None => Need Info

___

Follow-up Comment #2:

Thank you for (re-)reporting this bug.  I agree that autoconf should make
reasonable efforts to run in a minimal environment and, when the environment
is too minimal to tolerate, it should give clear error messages.  In
particular I agree that neither `diff` nor `awk` (and arguably not even `sed`)
should be an implicit dependency.

That said, this kind of bug is very difficult to work on without concrete test
cases and test environments.  If you could provide us with both of

* a minimized configure.ac that produces a configure script that malfunctions
(meaning, neither runs to completion correctly nor produces a useful error
message and halts) in the minimal environment you're working with

* details of the minimal environment you're working with, in particular the
complete list of available shell commands ("command names" as defined in
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_09_01_01
-- most importantly, both shell built-ins and external executables) and any
cases where functionality guaranteed by POSIX.1-2001 is absent; if there is a
straightforward recipe for constructing a matching environment from widely
available free software, please describe it

that would be super helpful and would probably get the bug addressed orders of
magnitude faster.






[sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-04-01 Thread anonymous
Follow-up Comment #1, sr #111044 (group autoconf):

To elaborate on that, people may use the output of such tools to enable or
disable certain compiler features. An example of such a case was found when
building OpenVPN [0].

This was also reported in 2008 [1].

[0] https://twitter.com/disconnect3d_pl/status/1774747022362325263 (probably
change twitter to nitter to get access without logging in)

[1] https://lists.gnu.org/archive/html/bug-autoconf/2008-03/msg00033.html






[sr #111044] autoconf should assert existence of all subsidiary tools at startup

2024-04-01 Thread anonymous
URL:
  

         Summary: autoconf should assert existence of all subsidiary tools at startup
           Group: Autoconf
       Submitter: None
       Submitted: Mon 01 Apr 2024 03:10:23 PM UTC
        Priority: 5 - Unprioritized
        Severity: 3 - Normal
          Status: None
         Privacy: Public
     Assigned to: None
Originator Email: f...@redhat.com
     Open/Closed: Open
 Discussion Lock: Any
Operating System: None


___

Follow-up Comments:


---
Date: Mon 01 Apr 2024 03:10:23 PM UTC By: Anonymous
The script generated by autoconf may run in environments even sparser than the
gnu standards.  One recentish example is missing "diff", which results in
confusing diagnostics but not an outright failure.

It'd be helpful - and possibly improve security overall - if autoconf's
generated shell script were to enumerate and assert the existence of every
/usr/bin type basic utility its code relies on, and if absent, abort abort
abort.  Better that than partial or obscured failures leading to oddly
configured target programs.






