From: Tobias Geerinckx-Rice <me@tobias.gr>
To: Nam Nguyen <namn@berkeley.edu>
Cc: 32855@debbugs.gnu.org
Subject: bug#32855: sshuttle /usr/bin/env
Date: Sun, 30 Sep 2018 13:52:56 +0200 [thread overview]
Message-ID: <87h8i7cicn.fsf@tobias.gr> (raw)
In-Reply-To: <20180929224001.GA10179@antelope>
Hullo,
Nam Nguyen wrote:
> Hi Tobias,
>
> After testing, I think the /bin/sh substitution introduced a
> regression.
>
> Lines in question:
> (substitute* "sshuttle/ssh.py"
> ;; Perhaps this is unreachable, but don't let's take risks.
Oh, the irony.
> (("/bin/sh") (which "sh")))
This is just wrong: it calls the client's /gnu/store/.../sh on the
server.
> $ sshuttle -r user <at> server.com 0/0 -x server.com
> ksh: /gnu/store/rb...-bash-minimal-4.4.19/bin/sh: not found
> client: fatal: server died with error code 127
>
> The server I am sshing to is not running GuixSD. It is trying to
> find
> /gnu/store/.../bin/sh but it doesn't exst.
That's a good point (all my remotes run GuixSD, hiding the bug).
> The only requirements on the server side should be Python.
It's all well & good for upstream to say that (they do), but if
they explicitly call /bin/sh on the server then it's just not
true. A POSIX-compliant 'sh' was always an unstated server-side
dependency, and Guix happens to be very good at finding (and
breaking :-) those.
The hard-coded '/bin/' kluge was accepted later¹. Can't fathom
why. If brianmay's last comment is still true they'll accept the
correct 'exec sh' solution too.
Could you check whether replacing '(which "sh")' with '"sh"'
works? It does for me.
> Should those lines should be removed? I tested without, and it
> seems to work okay,
> at least for my particular setup: GuixSD client --> non-GuixSD
> server.
Wouldn't that break [any client -> vanilla GuixSD server] cases?
No denying that this regression needs to be fixed,
though. Apologies for breaking your 'flow.
> I suppose we have to state the assumptions of whether the client
> and
> server are running Guix or not, and arrive at good defaults.
I'd like to avoid such assumptions in general, and entirely on the
Internet.
Kind regards,
T G-R
1. https://github.com/sshuttle/sshuttle/pull/77
next prev parent reply other threads:[~2018-09-30 11:54 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-27 18:23 bug#32855: sshuttle /usr/bin/env Nam Nguyen
2018-09-27 19:11 ` Tobias Geerinckx-Rice
2018-09-27 19:22 ` Nam Nguyen
2018-09-27 22:04 ` Tobias Geerinckx-Rice
2018-09-29 22:40 ` Nam Nguyen
2018-09-30 11:52 ` Tobias Geerinckx-Rice [this message]
2018-09-30 14:45 ` Nam Nguyen
2018-10-06 14:19 ` Marius Bakke
2018-10-06 14:49 ` Tobias Geerinckx-Rice
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h8i7cicn.fsf@tobias.gr \
--to=me@tobias.gr \
--cc=32855@debbugs.gnu.org \
--cc=namn@berkeley.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.