Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Debian Package setup fails if the setup password contains spaces #6918
Installing the tine20 Debian Package always failed on my system, even after unsetting the LANG variable.
/var/lib/dpkg/info/tine20.postinst: 58: [: pJBBCGS9: unexpected operator
I had to take a look at the postinst script to understand it was caused by my auto-generated setup password containing spaces...
It's somewhat dangerous to use a completely unquoted password there, and also other special characters in the password may cause script failures / syntax error and whatever.
At least, the password should be quoted everywhere where it's used in the script, but in addition, the password selection dialog should explicitly warn about the password being used in unsafe ways in shell scripts and ask to avoid special characters.
A user won't try to perform code injections on her/his own server, of course, but inadvertedly using "wrong" characters in ones password really happens easily.