system(NULL) overly restrictive?

Mon, 23 Oct 2023 18:38:48 -0700 

C23 ("7.24.4.8 The system function") is stricter
than POSIX: "If the argument is a null pointer, the system function
returns nonzero only if a command processor is available".

POSIX: "If command is a
null pointer, system() shall return non-zero to indicate that a
command processor is available, or zero if none is available. [CX] The
system() function shall always return non-zero when command is NULL."

i'm assuming the intention here was "you're not a POSIX system without
a shell, so it's not possible for system(NULL) to fail to report that
a command processor is available" ... but is that true? what does
"available" mean?

openbsd and freebsd and musl and android's bionic libc always just
return 1. netbsd checks that _PATH_BSHELL is exectuable with access(2)
(but doesn't actually _execute_ anything). apple's copy of freebsd has
a local change similar to the netbsd one. glibc seems to actually try
to _run_ a shell:
```
[pid 3612818] execve("/bin/sh", ["sh", "-c", "exit 0"], 0x7fff98502fe8
```

i'd taken POSIX literally in bionic because "who cares?" --- i'd never
seen anyone actually try to use this. perhaps inspired by the man7.org
and macOS man pages, though, since then we've seen a few projects
(many admittedly seemingly copy & pastes of one another) try
system(NULL) before trying the command they _actually_ want.

which brings me back to (a) is POSIX being overly restrictive here?
and (b) what should i actually do in bionic? i'm unconvinced by the
access(X_OK) of netbsd/macOS: that seems neither one thing nor the
other. either `return 1` on the basis of "sure, there's a shell [but
if you want to know whether the command you want to run is going to
work, you'd better actually try it, because nothing else will
guarantee that]" seems fair enough, or "i actually ran a shell command
[like glibc does] and checked the result was what i expected [where
something like `exit 22` might be a bit more convincing]" seems fair
enough too, and at least "less useless".

i'm struggling to think of a POSIX way to end up in a situation where
your shell doesn't work; no chroots or containers or whatever. but a
POSIX system can have those kinds of features that could mean
system(3) doesn't actually work _for this process_, so "The
system() function shall always return non-zero when command is NULL"
seems like a bug?
  • system(NULL) overly r... enh via austin-group-l at The Open Group
    • Re: system(NULL)... Oğuz via austin-group-l at The Open Group
      • Re: system(N... Jonathan Wakely via austin-group-l at The Open Group
        • Re: syst... Oğuz via austin-group-l at The Open Group
          • Re: ... Gabriel Ravier via austin-group-l at The Open Group
            • ... enh via austin-group-l at The Open Group
              • ... Gabriel Ravier via austin-group-l at The Open Group
            • ... Oğuz via austin-group-l at The Open Group
              • ... Gabriel Ravier via austin-group-l at The Open Group
                • ... Oğuz via austin-group-l at The Open Group
    • Re: system(NULL)... Robert Elz via austin-group-l at The Open Group

Reply via email to