rpm: don't specify the full path for systemctl and other commands

keszybz · keszybz · commit 7d9ee15d0fc2 · 2021-07-21T10:57:35.000+02:00
We can make things a bit simpler and more readable by not specifying the path.
Since we didn't specify the full path for all commands (including those invoked
recursively by anythign we invoke), this didn't really privide any security or
robustness benefits. I guess that full paths were used because this style of
rpm packagnig was popular in the past, with macros used for everything
possible, with special macros for common commands like %{__ln} and %{__mkdir}.
diff --git a/src/rpm/macros.systemd.in b/src/rpm/macros.systemd.in
@@ -46,31 +46,31 @@ OrderWithRequires(postun): systemd \
 
 %systemd_post() \
 %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_post}} \
-if [ $1 -eq 1 ] && [ -x %{_bindir}/systemctl ]; then \
+if [ $1 -eq 1 ] && command -v systemctl >/dev/null; then \
     # Initial installation \
-    %{_bindir}/systemctl --no-reload preset %{?*} || : \
+    systemctl --no-reload preset %{?*} || : \
 fi \
 %{nil}
 
 %systemd_user_post() %{expand:%systemd_post \\--global %%{?*}}
 
 %systemd_preun() \
 %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_preun}} \
-if [ $1 -eq 0 ] && [ -x %{_bindir}/systemctl ]; then \
+if [ $1 -eq 0 ] && command -v systemctl >/dev/null; then \
     # Package removal, not upgrade \
     if [ -d /run/systemd/system ]; then \
-          %{_bindir}/systemctl --no-reload disable --now %{?*} || : \
+          systemctl --no-reload disable --now %{?*} || : \
     else \
-          %{_bindir}/systemctl --no-reload disable %{?*} || : \
+          systemctl --no-reload disable %{?*} || : \
     fi \
 fi \
 %{nil}
 
 %systemd_user_preun() \
 %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_preun}} \
-if [ $1 -eq 0 ] && [ -x %{_bindir}/systemctl ]; then \
+if [ $1 -eq 0 ] && command -v systemctl >/dev/null; then \
     # Package removal, not upgrade \
-    %{_bindir}/systemctl --global disable %{?*} || : \
+    systemctl --global disable %{?*} || : \
 fi \
 %{nil}
 
@@ -84,10 +84,10 @@ fi \
 
 %systemd_postun_with_restart() \
 %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun_with_restart}} \
-if [ $1 -ge 1 ] && [ -x %{_bindir}/systemctl ]; then \
+if [ $1 -ge 1 ] && command -v systemctl >/dev/null; then \
     # Package upgrade, not uninstall \
     for unit in %{?*}; do \
-         %{_bindir}/systemctl set-property $unit Markers=+needs-restart || : \
+        systemctl set-property $unit Markers=+needs-restart || : \
     done \
 fi \
 %{nil}
@@ -105,17 +105,17 @@ fi \
 # Deprecated. Use %tmpfiles_create_package instead
 %tmpfiles_create() \
 %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# tmpfiles_create}} \
-[ -x %{_bindir}/systemd-tmpfiles ] && %{_bindir}/systemd-tmpfiles --create %{?*} || : \
+command -v systemd-tmpfiles >/dev/null && systemd-tmpfiles --create %{?*} || : \
 %{nil}
 
 # Deprecated. Use %sysusers_create_package instead
 %sysusers_create() \
 %{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# sysusers_create}} \
-[ -x %{_bindir}/systemd-sysusers ] && %{_bindir}/systemd-sysusers %{?*} || : \
+command -v systemd-sysusers >/dev/null && systemd-sysusers %{?*} || : \
 %{nil}
 
 %sysusers_create_inline() \
-[ -x %{_bindir}/systemd-sysusers ] && %{_bindir}/systemd-sysusers - <<SYSTEMD_INLINE_EOF || : \
+command -v systemd-sysusers >/dev/null && systemd-sysusers - <<SYSTEMD_INLINE_EOF || : \
 %{?*} \
 SYSTEMD_INLINE_EOF\
 %{nil}
diff --git a/src/rpm/triggers.systemd.in b/src/rpm/triggers.systemd.in
@@ -16,14 +16,14 @@
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
+        assert(posix.execp("systemctl", "daemon-reload"))
     elseif pid > 0 then
         posix.wait(pid)
     end
 
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/systemctl", "reload-or-restart", "--marked"))
+        assert(posix.execp("systemctl", "reload-or-restart", "--marked"))
     elseif pid > 0 then
         posix.wait(pid)
     end
@@ -38,7 +38,7 @@ end
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
+        assert(posix.execp("systemctl", "daemon-reload"))
     elseif pid > 0 then
         posix.wait(pid)
     end
@@ -49,7 +49,7 @@ end
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/systemctl", "reload-or-restart", "--marked"))
+        assert(posix.execp("systemctl", "reload-or-restart", "--marked"))
     elseif pid > 0 then
         posix.wait(pid)
     end
@@ -62,7 +62,7 @@ end
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/systemd-sysusers"))
+        assert(posix.execp("systemd-sysusers"))
     elseif pid > 0 then
         posix.wait(pid)
     end
@@ -74,7 +74,7 @@ end
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/systemd-hwdb", "update"))
+        assert(posix.execp("systemd-hwdb", "update"))
     elseif pid > 0 then
         posix.wait(pid)
     end
@@ -86,7 +86,7 @@ end
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/journalctl", "--update-catalog"))
+        assert(posix.execp("journalctl", "--update-catalog"))
     elseif pid > 0 then
         posix.wait(pid)
     end
@@ -111,7 +111,7 @@ end
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/systemd-tmpfiles", "--create"))
+        assert(posix.execp("systemd-tmpfiles", "--create"))
     elseif pid > 0 then
         posix.wait(pid)
     end
@@ -123,7 +123,7 @@ end
 if posix.access("/run/systemd/system") then
     pid = posix.fork()
     if pid == 0 then
-        assert(posix.exec("%{_bindir}/udevadm", "control", "--reload"))
+        assert(posix.execp("udevadm", "control", "--reload"))
     elseif pid > 0 then
         posix.wait(pid)
     end
diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
@@ -15,8 +15,8 @@
 # installed, because other cases are covered by the *un scriptlets,
 # so sometimes we will reload needlessly.
 if test -d "/run/systemd/system"; then
-  %{_bindir}/systemctl daemon-reload || :
-  %{_bindir}/systemctl reload-or-restart --marked || :
+  systemctl daemon-reload || :
+  systemctl reload-or-restart --marked || :
 fi
 
 %transfiletriggerpostun -P 1000100 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
@@ -26,35 +26,35 @@ fi
 # have been installed, but before %postun scripts in packages get
 # executed.
 if test -d "/run/systemd/system"; then
-  %{_bindir}/systemctl daemon-reload || :
+  systemctl daemon-reload || :
 fi
 
 %transfiletriggerpostun -P 10000 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
 # We restart remaining services that should be restarted here.
 if test -d "/run/systemd/system"; then
-  %{_bindir}/systemctl reload-or-restart --marked || :
+  systemctl reload-or-restart --marked || :
 fi
 
 %transfiletriggerin -P 1000700 -- {{SYSUSERS_DIR}}
 # This script will process files installed in {{SYSUSERS_DIR}} to create
 # specified users automatically. The priority is set such that it
 # will run before the tmpfiles file trigger.
 if test -d "/run/systemd/system"; then
-  %{_bindir}/systemd-sysusers || :
+  systemd-sysusers || :
 fi
 
 %transfiletriggerin -P 1000700 udev -- {{UDEV_HWDB_DIR}}
 # This script will automatically invoke hwdb update if files have been
 # installed or updated in {{UDEV_HWDB_DIR}}.
 if test -d "/run/systemd/system"; then
-  %{_bindir}/systemd-hwdb update || :
+  systemd-hwdb update || :
 fi
 
 %transfiletriggerin -P 1000700 -- {{SYSTEMD_CATALOG_DIR}}
 # This script will automatically invoke journal catalog update if files
 # have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
 if test -d "/run/systemd/system"; then
-  %{_bindir}/journalctl --update-catalog || :
+  journalctl --update-catalog || :
 fi
 
 %transfiletriggerin -P 1000700 -- {{BINFMT_DIR}}
@@ -71,14 +71,14 @@ fi
 # tmpfiles automatically. The priority is set such that it will run
 # after the sysusers file trigger, but before any other triggers.
 if test -d "/run/systemd/system"; then
-  %{_bindir}/systemd-tmpfiles --create || :
+  systemd-tmpfiles --create || :
 fi
 
 %transfiletriggerin -P 1000600 udev -- {{UDEV_RULES_DIR}}
 # This script will automatically update udev with new rules if files
 # have been installed or updated in {{UDEV_RULES_DIR}}.
 if test -e /run/udev/control; then
-  %{_bindir}/udevadm control --reload || :
+  udevadm control --reload || :
 fi
 
 %transfiletriggerin -P 1000500 -- {{SYSCTL_DIR}}
