On 20 July 2017 at 07:29, <rpjday@crashcourse.ca> wrote:
  (admittedly not an actual "fedora" topic but i'm sure i'll get some
good advice here.)

  i'm currently perusing someone else's collection of shell scripts,
and looking to add more, and want to clarify once and for all the
meaning of writing (and verifying) the "POSIX-ness" of shell scripts,
and what tools i can use to detect "bashisms" (or lack of POSIX-ness)
in scripts. 

  first, can i verify that trying to keep my scripts as POSIX-compatible
as possible is a good thing? i've always assumed that, just curious as
to what others think, and how much effort they put into adhering to
the POSIX standard (thereby giving up all those cool bash extensions).

Bash has a lot of overhead that isn't essential for batch scripts, but
requires lots of code.  Experience has shown that the bigger the code, 
the more security and reliability issues will be found, which is one
reason some distros switched to dash for system scripts.

Rigid adherence to a standard is often overkill.  Bashisms have been a 
practical problem for systems that use dash for /bin/sh.  Have you
seen https://www.debian.org/doc/debian-policy/ch-files.html#s-scripts (section 10.4)?
This includes recommendations to actually use some "standard"
SUS/POSIX capabilities that are too often negelected, e.g., "set -e" and 
some X/Open System Interface (XSI) extensions.

Most collections of shell scripts rely on a small number of idioms.
Some of these may be POSIX compliant but ill-conceived, so it is 
often best to make a list of idioms and investigate each one 
to see if it needs to be modified to follow "best practices".  One
best practice is to avoid using shell scripts where better tools
exist, so you could end up discarding some scripts in the 
collection.

https://google.github.io/styleguide/shell.xml
 

  next, if i want to enforce POSIX-ness, is it just a matter of using

    #!/bin/sh --posix

actually, i already know it's not that simple, since i'm sure i've
read that even adding that "--posix" option still leaves some
non-POSIX features active; i'll re-read the docs to verify that.

  finally, pointers to shell analysis utilities? WRT fedora packages,
i've already found:

  * devscripts-checkbashisms
  * ShellCheck

and i suspect there are others.

  so, thoughts? and any pointers to online coverage of this stuff?
thank you kindly.


https://sipb.mit.edu/doc/safe-shell/

https://google.github.io/styleguide/shell.xml
 
Fedora -- you have lots of scripts you can study.  You may find good and bad
examples (file bugs for the bad ones!).


--
George N. White III <aa056@chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia