directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stan R (JIRA)" <>
Subject [jira] [Comment Edited] (DIRSERVER-2175) startup script: support for more shells
Date Tue, 06 Dec 2016 21:53:58 GMT


Stan R edited comment on DIRSERVER-2175 at 12/6/16 9:53 PM:

I've attached a sample Dockerfile for a minimal container based on alpine if needed for build
testing. Generates an image just under 190mb all-in.

I can't say that it would work on Mac OSX, but it is probably at least more likely to than
it was before.

was (Author: stncr):
I've attached a sample Dockerfile for a minimal container based on alpine if needed for build
testing. Generates an image just under 190mb all-in.

> startup script: support for more shells
> ---------------------------------------------------
>                 Key: DIRSERVER-2175
>                 URL:
>             Project: Directory ApacheDS
>          Issue Type: Improvement
>    Affects Versions: 2.0.0-M23
>         Environment: Linux, Busybox Ash shell
>            Reporter: Stan R
>            Priority: Trivial
>         Attachments: Dockerfile.alpine.apacheds,
> Attempting to start ApacheDS via the startup script with a shell other than
bash, such as busybox Ash shell, results in the following error:
> {noformat}
> $ sh run
> line 113: syntax error: unexpected "(" (expecting ")")
> {noformat}
> The offending line 113 (and 1 previous) for reference:
> {noformat}
> # Build the classpath (
> CLASSPATH=$(JARS=("$ADS_HOME"/lib/*.jar); IFS=:; echo "${JARS[*]}")
> {noformat}
> Analyzing the offending line reveals that the classpath is built using a bash-specific
syntax/feature for arrays -- functionality not found in other shells. Following the helpful
link on line 112 to stackoverflow for further explanation reveals that while the manual classpath
creation methodology via bash arrays used to be the "best" available, it is now deprecated.
According to the stackoverflow page, building the classpath manually is no longer a necessity
as of at least 2012; the classpath can now contain wildcards, and Java will kindly resolve
the wildcards on its own. Further investigation of the classpath wildcard resolution functionality
reveals that the feature has been present in Java 1.7 since release 1 (I downloaded the first
release and looked at the manpage "java.1") in 2011.
> Since ApacheDS requires Java 1.7 as a prerequisite, and the wildcard classpath resolution
functionality is present in all versions of Java 1.7 and up, I propose eliminating the bash-only
manual classpath creation, and instead take advantage of the 5-year-old enhancement present
in Java, so that other shells may be supported when executing the script.
> The largest benefit to supporting shells other than bash, is for situations in which
ApacheDS is deployed in minimalized container environments for security reasons, where attempts
are made to reduce potential attack surface by removing all unnecessary features, libraries,
and software. To this end, bash is a prime candidate for removal as a dependency (see shellshock).
> Given the above, changing line 113 to the following allows the script to be executed,
and ApacheDS to be launched, without error in busybox's ash shell and bash shell (and perhaps
> {noformat}
> {noformat}
> I will attempt to attach a patchfile if I can.

This message was sent by Atlassian JIRA

View raw message