abathur
commented
4 years ago @catern I definitely do find it amusing (and timely).
@grahamc asked lately about two specific ways to catch executables that might otherwise be leaking or falling through the cracks--an option to generate scripts with PATH unset (which is underway in #12), and a "trace" option which I'm still chewing on, since it doesn't square as readily with the model I use here. (Graham mentioned this alongside a few other issues; I split this specific topic out into #9, but you can also see his original comment in #4). I've updated that issue to cross-link here.
I also think the underlying idea here has some other interesting applications! Just a month ago I was talking (log) with @infinisil and @samueldr in nixos-chat and wondered aloud about the viability of a FUSE filesystem that denies information about valid paths by pretending all paths are valid (but only returning correct contents to certain requesting processes by PID).
catern
Instead of using a parser to parse the text of the shell script, you could point PATH at a FUSE filesystem and run the script to discover the executables the script runs. One might be concerned that one has to run the script, which might have annoying side-effects or be very slow - but that doesn't have to be the case, since you don't have to run the real executables: You can have the FUSE filesystem respond on-demand with stubs that do nothing for every executable that the script runs. This is kind of like what the Tup build system does. https://github.com/gittup/tup
Of course this is not a serious suggestion, parsing the shell script as in your current approach is certainly better (this dynamic way wouldn't even support the most basic functions). I just mention this because you might find it mildly amusing, because I implemented something like resholved using that strategy in this SIGBOVIK paper: https://github.com/catern/rsyscall/tree/master/research/sigbovik2020 https://github.com/catern/rsyscall/blob/master/research/sigbovik2020/paper.pdf