Hacker Newsnew | comments | show | ask | jobs | submit | inportb's commentslogin

It appears that the tip of the chain housing fits into the lock "vestibule" to apply torque.

-----


I suspect that many folks who "don't run bash" actually do use bash quite a bit, e.g. in initscripts and various software packages.

-----


Any decent shell script is written to use "sh" not bash, and on debian/etc sh is provided by dash not bash.

So while a lot of people are affected, your reasoning points to other issues that are very solveable

-----


This more of a "should be", right? Maybe most shell scripts should use "sh" but I see "bash" way more often.

-----


I guess it comes down to how you interpret things.

I specifically said any decent shell script. My logic is that if it is not using "sh", but instead relying on bash (or any other specific shell really), it's not a decent shell script.

If I were to amend the sentence to make the meaning clearer, I would still not use "should be", I would use "must be".

-----


You're overreaching. I write scripts against bash, not sh, because it's a better scripting language for what I need. It's more readable and its constructs are easier (for me) to follow. I don't care about POSIX-compatibility when bash can be installed literally anywhere. It's a dependency for the devops stuff that I run and maintain, much like Ruby is a dependency and all the gems in my Gemfile.

It's a considered decision, not a sign of "indecency".

-----


I suggest you read the accepted answer at http://stackoverflow.com/questions/19428418/what-is-the-use-... for a brief look at why portable shell scripts are a better solution than bash specific scripts.

-----


I suggest you read my post and maybe let it roll around your head that I've considered my environment and the domain of my problems in a way you aren't giving me credit for. Perhaps even, with that whole mention of devops, I do something such as--crazy thought incoming--install an updated version of bash on every system I must provision, just as I do Ruby, Python, etc.?

"Decent shell script" is not a synonym for "portable shell script" and the presumption therein is what I was addressing.

-----


Exactly so. If I want PORTABLE, I write to "sh". If I want BASH, I write to BASH. The term "decent shell script" is wrong the way he uses it.

-----


Perhaps he didn't deliver the point... but BASH is not a good or safe language to write to.

Writing to '/bin/sh' is understandable due to its ubiquitousness.

Bash is a superset that is not so ubiquitous, so it doesn't have the advantage that writing to /bin/sh does.

If you don't want portable, then don't write to shell script. Write to Perl Ruby or Python, which is also safer and more secure.

-----


/bin/bash is on literally every machine I ever touch. It is on every Debian machine. It is on every Ubuntu machine. It is on every OS X machine. It is on every Windows (!) machine. And there are plenty of operations that are significantly more cumbersome to write in Ruby--otherwise, sure, I would do so. Backticks are nice, but there's no `set -e` (that I am aware of) and it becomes a huge hassle to do things in a smart, error-checking way.

-----


No-one claimed Bash isn't widely distributed and installed by default.

However, unless you are patching and compiling the same version of Bash, you absolutely do not have the same version on all those machines, and that is the whole reason NOT to target Bash in shell scripts - its features are not always consistent/compatible across versions.

-----


> /bin/bash is on literally every machine I ever touch. It is on every Debian machine. It is on every Ubuntu machine. It is on every OS X machine. It is on every Windows (!) machine.

Yes. Yes. Yes. Yes. No (unless Cygwin is installed).

-----


/bin/bash is on literally every machine I ever touch. Did you miss the operative phrase?

(I have init scripts for Cygwin, too, because I need Windows but life is too short for CSRSS.)

-----


> /bin/bash is on literally every machine I ever touch. Did you miss the operative phrase?

You intended that subjunctive clause to apply to all the sentences, an intent I missed. My mistake. :)

This may soon become a tempest in a teapot, as patched Bash versions are now appearing. I just patched all my machines.

-----


> "Decent shell script" is not a synonym for "portable shell script"

Only for you. For me and a lot of others I suspect, if it isn't portable it isn't worth the trouble.

If you have to re-compile a newer/older version of a shell to get the same results across machines, any potential benefits start to seem insignificant compared to the effort involved.

-----


How? I already am running Chef on every machine I touch.

-----


So you have a chef recipe to download and compile the same version of bash on every platform you use?

How do you handle situations where bash is included by default?

Do you remove the package or just push your binary over the top?

If you don't remove it, what happens when a package update then replaces your binary?

How often do you update the recipe to make sure it's getting the latest stable version and applying security patches?

-----


> So you have a chef recipe to download and compile the same version of bash on every platform you use?

No, I have a chef recipe to install the newest version of bash 4 everywhere. How is an implementation detail. (I use Ubuntu packages and Homebrew, I only compile on cygwin.)

> How do you handle situations where bash is included by default? Do you remove the package or just push your binary over the top?

On OS X, the only place that's the case, I replace the binary (by using the Homebrew-compiled one).

> How often do you update the recipe to make sure it's getting the latest stable version and applying security patches?

I've written the Chef recipe to not need regular updates. I run my Chef update stuff on a weekly basis. I can do so manually if I need to.

-----


Bash is known to have version/compatibility issues - Homebrew reports Bash 4.3, but Ubuntu only has 4.3 available for the most recent version - anything from before April will only get 4.2.

This is my whole point - targeting /bin/sh means targeting a POSIX compliant shell, which may be implemented by any number of different codebases, with a defined standard to meet. Posix mode in Bash 4.3 should be the same as Posix mode in Bash 3.9, etc. - targeting /bin/bash means targeting whatever specific bash oddities come with the version installed.

-----


That's a fair point for bash ultra-power users. It doesn't really reflect on my use case. I don't exactly pull out all the stops. I use [[ ]] and set -e, which have very familiar semantics that haven't changed for a long time, and that's about it. I am very confident in my selection of "portable bash"-isms as far back as 3.2 (running 4.x on OS X has only come on recent, I added it a couple months ago).

Don't get me wrong: I could use /bin/sh. But I would have to write worse code to do it. I'll take the possibility of a bash regression over writing all my shell scripts in sh.

-----


Gosh, you are so clever.

-----


If you can confidently assert that every shell script your system runs is "decent", then you'll have no problem. The thing is, very few of us can confidently make that assertion.

-----


That all depends where your shell scripts come from.

In my experience most of the shell scripts provided by packages for debian, do use /bin/sh.

A quick check of .sh files on a couple of squeeze/wheezy installs showed that the vast majority of shell scripts using Bash come from node modules, which quite frankly is not surprising.

-----


There is tremendous range in what a "shell script" might be. I vastly prefer bash to sh as a user shell. Often times, I have bits of logic I express in a command that I want to capture and reuse, and they get grabbed and dropped in a (frequently context specific) bin directory. I would contend that these "save me from typing it out" shell scripts should mimic what I would type myself. Once they wind up being more general, I usually rewrite them in a different language entirely. That's a very different context than something like an init script, though.

-----


Still, isn't sh quite often implemented as an alias/symlink for bash nowdays?

-----


Yes, but Debian and Ubuntu has changed their default shell to Dash (in 2006 I think), and embedded systems usually use some lightweight shell such as BusyBox. So far from all systems do.

-----


Just to clarify a little:

By default Debian still uses Bash for interactive user shells, but since Squeeze (early 2011), /bin/sh is provided by Dash.

Dash is used because it's faster than Bash and has less dependencies so its more resilient to failures.

for more info see https://wiki.debian.org/Shell, https://wiki.debian.org/DashAsBinSh and https://packages.debian.org/wheezy/dash

-----


Thanks for clarification!

-----


> Why is it immature to see people preach one way, behave a separate way, and conclude they're full of shit?

It's not. Concluding that people are unreasonable and summarily dismissing what they preach is what seems immature. One might instead realize that a church and its religion are related but distinct... that although people may not perfectly embody what they preach, the beliefs themselves may be virtuous.

-----


I don't think anyone these days comes to religion as a logical explanation for observed facts. The nonexistence of a personal interventionist god (Clarke's "Alpha") is a couple of lines and Occam's razor; the nonexistence of a universe-creating god (Clarke's "Omega") doesn't even need the couple of lines.

The rationale usually given for religion these days is as a source of moral guidance; the bible may not be literally true, but it's full of wisdom you can apply to your daily life. The Church isn't really about preparing for the second coming of Jesus, but it helps bind the community together; it provides a place you can go for moral advice, a way to direct charitable efforts, shared rituals that help people know each other and so on.

But those matters are things you can judge through observation. If I know christians and atheists, and I observe that the atheists are living more moral lives than the christians, then even on the kind of grounds I've described above, I absolutely should choose to be atheist.

-----


A lack of a belief in God, Atheism, isn't equal to Naturalism, a belief that there is nothing but what is measurable. There is quite a bit of room between the two.

Many early Christians were called Atheists because they denied the existence of other gods. Yet today they (and others) have forgotten the times before they were a dominant world view. True religious imperialists.

-----


atheists don't go around evangelizing, do they?

-----


I believe reasonable people should conclude that when people systemically preach X and behave !X that they, and their beliefs, are addled. Or more likely that they're hucksters. They're using their credibility to sell something, and they have no credibility.

Not to mention the bible, a rorshach of self-contradictory beliefs; christians regularly attempt to avoid standing behind their opinions or condemnation thereof via the "bible says so" ruse, though they're notably happy to lawyer their way out of biblical rules that have fallen out of favor (clothes of two threads, slavery, wife as chattel, homosexuality for some.)

-----


I believe I should not lie. But sometimes I lie. I find this hard. It is a personal struggle, something I meditate on and genuinely try to improve myself. When others lie, I want to say that lying is wrong and simultaneously acknowledge that it's difficult to do the right thing.

I preach X and behave !X. But I don't think I'm a huckster, nor trying to sell anything. I'm just me. I'm not vying for credibility. But I still encourage people not to lie, even though it's hard.

Is there anyone who lives in perfect accordance with their ideals for how people should live?

-----


People turn away from those that Preach "Everyone that does X is evil, and will go to hell," then are found out to be doing "X." Then they claim that they are not going to hell because they are the exception to the rule.

Doesn't even have to be around religion. Rush Limbaugh laughed at the idea that addiction was a 'disease' until it came out that he was an addict. Then all of the sudden it's a disease, with no apology to all of the others that were decried as stupid/wrong/etc over the years.

-----


What would you think of a similar experiment to probe deception in academic research?

-----


I think we need to balance the need for deception in some cases, against the fact that tricking/pranking people is fun, and makes you look cool. There is an inherent ego boost from making other people look stupid and foolish, and that applies as much to the Sokal hoax as this.

That said, there are some reasons why I would be more in favor of using deception in your example:

- Facebook doesn't claim to have mechanisms that prevent deception. It is an extension of social life, and people are already equipped to understand that other people might lie to them. Academia claims to be robust against deception, because of the impact that a single faked academic result could have.

- The purpose of a probe into academic deception would probably be to prove that the safeguards were inadequate. This research, on the other hand, is used as evidence that people are always being dishonest when they use Facebook. It is very bad evidence for this claim. I would object to submitting a fake paper, and using it as evidence that all academics are biased.

-----


Radiation would probably be analogous to burning out random transistors, and you could target specific areas if you wanted to.

-----


Probably... though I have an easier time imagining someone picking a lock or, in the case of fuzzing, using a bump key.

-----


Objectification is in the eye of the beholder.

-----


I can appreciate your point, but this is a poor analogy. There are people who do exactly that which you find objectionable, and cultures in which it is perfectly acceptable.

-----


What are you thinking of?

-----


Those that don't do such abuse, obviously.

-----


I think this[0] is what you are looking for

[0] https://en.wikipedia.org/wiki/Health_insurance_cooperative

-----


It would be fun to actually compute the center of mass, knowing that people are not uniformly massive.

-----


A good starting point might be average weight statistics on a per-state level. I doubt you could get any finer-grained information though.

-----

More

Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: