tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: rc.d/rndctl

    Date:        Fri, 19 Sep 2008 11:58:51 +1000
    From:        Luke Mewburn <>
    Message-ID:  <>

  | As an aside, you have to be careful with
  |     | while read foo; do
  |          ...
  |     done
  | in sh(1) because the code in `...' may or may not be executed
  | in a subshell depending upon the shell's implementation,
  | and therefore can't modify the state (including variables)
  | of the current shell.

In this context that's probably a good thing, and most likely the code
in rc.d/network now that is similar (but without the pipe, so there
should be no subshell) is probably kind of risky.

It is hard to imagine any reason commands meant for ifconfig (including
the route, brconfig, ... lines that are sometimes appropriate) should
ever be allowed to affect the rc.d/network script, let alone the rest
of the rc setup (if rc_fast_and_loose=YES)

There is certainly nothing being explicitly done in the loop that
is meant to be exported.

It would probably be a reasonable idea to actually force a separate shell
for the command execution (especially the ! commands, calls to ifconfig
don't really matter one way or the other).  It may also be useful to
explicitly cd that subshell to somewhere safe(r) before running commands
dug out of a config file this way (maybe even to chroot).

And while I was there looking, one trivial change that could be made ...

                                while read args; do
                                        [ -z "$args" ] && continue
                                        case "$args" in

could be written as

                                while read args; do
                                        case "$args" in

just as effectively (makes the file 28 or so bytes smaller...)


Home | Main Index | Thread Index | Old Index