From aacc7c0a4b6f37c5d40473edfe0c9654fee1f4f5 Mon Sep 17 00:00:00 2001 From: "Kyle J. McKay" Date: Tue, 6 Dec 2016 00:16:31 -0800 Subject: [PATCH] install.sh: verify POSIX sh sanity Verify that the choice of POSIX sh actually has the built-in commands that are expected and at the same time warn if any commands that should be built-in for performance reasons are not. In which case, also arrange for them to be installed into the chroot when it's set up. Signed-off-by: Kyle J. McKay --- install.sh | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ jailsetup.sh | 7 +++++++ 2 files changed, 68 insertions(+) diff --git a/install.sh b/install.sh index 6ba41b8..09abb4c 100755 --- a/install.sh +++ b/install.sh @@ -49,6 +49,11 @@ quick_move() { } } +check_sh_builtin() ( + "unset" -f command + "command" "$var_sh_bin" -c '{ "unset" -f unalias command "$1" || :; "unalias" "$1" || :; } >/dev/null 2>&1; "command" -v "$1"' "$var_sh_bin" "$1" +) 2>/dev/null + owngroup="" [ -z "$cfg_owning_group" ] || owngroup=":$cfg_owning_group" if [ -n "$cfg_httpspushurl" -a -z "$cfg_certsdir" ]; then 
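Review bot: check_sh_builtin is added without any comment describing its contract or why every command name in it is written in double quotes, and both are easy to break in a later edit. Suggest a header such as `# Print what "command -v $1" reports inside $var_sh_bin after removing any function or alias named $1; stderr is discarded` plus `# command names are quoted so that an alias of the same name cannot replace them`. The callers added further down in install.sh treat output equal to the name as "built-in" and an absolute path as "external", which is worth stating in the same header. The quoting rationale is inferred from the code, so confirm the wording with the author.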
@@ -425,18 +430,69 @@ cp -p gitweb/*.sh gitweb/*.perl "$basedir/gitweb" [ "$GIROCCO_CONF" = "Girocco::Config" ] || cp "$(echo "$GIROCCO_CONF" | sed 's#::#/#g; s/$/.pm/')" "$basedir/Girocco/Config.pm" ln -s "$cfg_git_bin" "$basedir/bin/git" +echo "*** Verifying selected POSIX sh is sane..." shbin="$var_sh_bin" [ -n "$shbin" ] && [ -x "$shbin" ] && [ "$("$shbin" -c 'echo sh $(( 1 + 1 ))' 2>/dev/null)" = "sh 2" ] || { echo 'ERROR: invalid $Girocco::Config::posix_sh_bin setting' >&2 exit 1 } +[ "$(check_sh_builtin command)" = "command" ] || { + echo 'ERROR: invalid $Girocco::Config::posix_sh_bin setting (does not understand command -v)' >&2 + exit 1 +} +sh_not_builtin= +sh_extra_chroot_installs= +badsh= +for sbi in cd pwd read umask unset unalias; do + if [ "$(check_sh_builtin "$sbi")" != "$sbi" ]; then + echo "ERROR: invalid \$Girocco::Config::posix_sh_bin setting (missing built-in $sbi)" >&2 + badsh=1 + fi +done +[ -z "$badsh" ] || exit 1 +for sbi in '[' echo printf test; do + if ! extra="$(check_sh_builtin "$sbi")"; then + echo "ERROR: invalid \$Girocco::Config::posix_sh_bin setting (missing command $sbi)" >&2 + badsh=1 + continue + fi + if [ "$extra" != "$sbi" ]; then + case "$extra" in /*) :;; *) + echo "ERROR: invalid \$Girocco::Config::posix_sh_bin setting (bad command -v $sbi result: $extra)" >&2 + badsh=1 + continue + esac + withspc= + case "$extra" in *" "*) withspc=1; esac + [ -z "$withspc" ] && [ -f "$extra" ] && [ -r "$extra" ] && [ -x "$extra" ] || { + echo "ERROR: invalid \$Girocco::Config::posix_sh_bin setting (unusable command -v $sbi result: $extra)" >&2 + badsh=1 + continue + } + echo "WARNING: slow \$Girocco::Config::posix_sh_bin setting (not built-in $sbi)" >&2 + sh_not_builtin="$sh_not_builtin $sbi" + sh_extra_chroot_installs="$sh_extra_chroot_installs $extra" + fi +done +[ -z "$badsh" ] || exit 1 +[ -z "$sh_extra_chroot_installs" ] || { + echo "WARNING: the selected POSIX sh implements these as non-built-in:$sh_not_builtin" >&2 + echo "WARNING: 
as a result it will run slower than necessary" >&2 + echo "WARNING: consider building and switching to dash which can be found at:" >&2 + echo "WARNING: http://gondor.apana.org.au/~herbert/dash/" >&2 + echo "WARNING: (download a tarball from the files section or clone the Git repository" >&2 + echo "WARNING: and checkout the latest tag, run autogen.sh, configure and build)" >&2 + echo "WARNING: dash is licensed under the 3-clause BSD license" >&2 +} ln -s "$shbin" "$basedir/bin/sh" +echo "*** Verifying selected perl is sane..." perlbin="$var_perl_bin" [ -n "$perlbin" ] && [ -x "$perlbin" ] && [ "$("$perlbin" -wle 'print STDOUT "perl ", + ( 1 + 1 )' 2>/dev/null)" = "perl 2" ] || { echo 'ERROR: invalid $Girocco::Config::perl_bin setting' >&2 exit 1 } ln -s "$perlbin" "$basedir/bin/perl" +echo "*** Verifying selected gzip is sane..." gzipbin="$var_gzip_bin" [ -n "$gzipbin" ] && [ -x "$gzipbin" ] && "$gzipbin" -V 2>&1 | grep -q gzip && \ [ "$(echo Girocco | "$gzipbin" -c -n -9 | "$gzipbin" -c -d)" = "Girocco" ] || { @@ -554,7 +610,12 @@ if [ -n "$cfg_chrooted" ]; then rm -rf "$cfg_basedir/bin-old" quick_move "$cfg_basedir/bin-new" "$cfg_basedir/bin" "$cfg_basedir/bin-old" rm -rf "$cfg_basedir/bin-old" + if [ -n "$sh_extra_chroot_installs" ]; then + GIROCCO_CHROOT_EXTRA_INSTALLS="$sh_extra_chroot_installs" + export GIROCCO_CHROOT_EXTRA_INSTALLS + fi ./jailsetup.sh + unset GIROCCO_CHROOT_EXTRA_INSTALLS else echo "WARNING: Skipping jail setup, not root" fi diff --git a/jailsetup.sh b/jailsetup.sh index 215e26f..b0946fe 100755 --- a/jailsetup.sh +++ b/jailsetup.sh @@ -355,6 +355,13 @@ for i in git git-index-pack git-receive-pack git-shell git-update-server-info gi pull_in_bin "$var_git_exec_path/$i" bin git done +# ...and any extras identified by install.sh +if [ -n "$GIROCCO_CHROOT_EXTRA_INSTALLS" ]; then + for i in $GIROCCO_CHROOT_EXTRA_INSTALLS; do + pull_in_bin "$i" bin + done +fi + # Note time of last jailsetup > etc/sshactive/_jailsetup -- 2.11.4.GIT
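Review bot: The `withspc` test in the `'[' echo printf test` loop rejects only a literal space in the `command -v` result, but `sh_extra_chroot_installs` is a whitespace-joined list that jailsetup.sh later splits unquoted, so a path containing a tab or an embedded newline passes here and is split into different words there. Widening the pattern closes that gap: `case "$extra" in *[[:space:]]*) withspc=1; esac`. The resolved paths depend on the PATH in effect when install.sh runs and are later installed into the chroot, yet the hunk checks only `-f`, `-r` and `-x`. It may be worth also refusing a file that is writable by anyone other than its owner.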
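Review bot: `GIROCCO_CHROOT_EXTRA_INSTALLS` is assigned only when `sh_extra_chroot_installs` is non-empty, so in the empty case any value already present in the caller's environment is passed through to `./jailsetup.sh` unchanged. jailsetup.sh hands each word of that variable to `pull_in_bin`, so an inherited value would select files for the chroot that install.sh never validated. Clearing it first avoids that: put `unset GIROCCO_CHROOT_EXTRA_INSTALLS` before the `if`, or drop the `if` and always assign and export the variable. This assumes install.sh does not scrub its environment earlier, which is not visible in the hunk.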
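Review bot: The new loop expands `$GIROCCO_CHROOT_EXTRA_INSTALLS` unquoted, so each word undergoes pathname expansion as well as field splitting, and nothing checks that a word is the absolute path of a regular file before it reaches `pull_in_bin`. The variable arrives through the environment, so jailsetup.sh cannot rely on install.sh's validation when it is run on its own. Disable globbing around the loop with `set -f` before the `for` and `set +f` after `done`, and skip entries that fail `case "$i" in /*) [ -f "$i" ] || continue;; *) continue;; esac`. A comment naming install.sh's `sh_extra_chroot_installs` as the producer and stating the space-separated format would also help.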