Simplify linux install scripts

[mmuman]

Looking at Ventoy2Disk.sh & friends, I'm quite perplex as to why it's so convoluted:

• I see absolutely no reason to bundle a shell binary alongside. Even if you require bash features it's quite easy to test if bash is present and rerun oneself with it without a separate script.

• Why compress those binaries? The archive is already compressed, and it's not like they take as much as the payload that is copied to the usb key anyway.

• Why ship binary tools instead of testing for existing tools and propose installing them if missing? Most people should have those already anyway. Besides, the number of Raspberry Pi users now likely outweighs the number of people who don't have them, and those won't be able to run the script due to x86 binaries being required.

• Some home-made tools can very well be replaced by a single line of shell, like vtoy_gen_uuid which is basically dd if=/dev/random bs=16 count=1… Would need some error checking, but then the current code doesn't have it either.

As such, I'm really not inclined to trust this script to run it as root, due to its apparent useless complexity. For such a tool that is used to install distros to many computers, One should probably expect some guaranties in terms of code auditability, perhaps even reproducible builds. Admittedly I didn't check others like MultibootUSB, but at least the code I've seen from them seems less convoluted so I'm more inclined to trust them.

So before I start cleaning those up I'd like any rationale as to why we should keep them…

[ventoy]

Hi,

1. ash is just for the enviroment that doesn't have a bash(eg. mksh ksh..)
2. compression is to decrease the size of the install package.
3. the same as 1, just for the envrioment that doesn't contains them, for example my ubuntu server enviroment has no hexdump. currently ventoy only support x86, and for arm there will obviously another install package for arm.
4. this can be optimized as you said, but at the beginning I want to generate a real uuid like uuidgen not random.

Anyway, all the binaries are open source and can be reproduced. So I think there is no security problem.

[mmuman]

Hmm, removing bashisms will likely reduce the package size way more than compressing ash…
Still, depending on x86 linux binaries forbids using the scripts on other platforms. No need for separate install package if you just use host tools. I might want to use that from Haiku someday…

Most tools have a simpler version that's always there, like, hexdump can be replaced by od which is quite always present. For uuids, well if uuidgen is present you can use:
printf "`uuidgen | sed 's/-//g;s/../\\\x&/g'`" and fallback to dd.

[ventoy]

Yes, but if I don't use bashisms scripts, I will have to deal with many compatibility probems. For example dash/mksh/ksh ... may have different behaviors for some shell commands like echo, let, expr, output redirection and so on.

Take mkfs.exfat for example, it is necessary to Ventoy, but many distros don't contain it by default.
So I put it in the package for convenience.

[mmuman]

Well the complexity you remove by shipping bins for a single platforms will just come back when having to deal with the other platforms. You'll end up having to ship bins for BSD, Haiku… (well, some do like kBuild for VirtualBox, but that's build tools that have to bootstrap themselves…) 🤔
I understand you favor ease of use to avoid frightening newbies, but that's quite extreme. Instead of little more complexity for all you make it impossible for some to just use it. Would you find acceptable to check for bins and apt-get/rpm install them if not found, for example? The script must already be run as root anyway so it wouldn't have to ask for password or anything. And then we could just go with bash since we make sure it's installed.

[ventoy]

As for the script compatibility problem, you will only know if someone reports it, unless you test all the ksh/mksh/dash ... with ash I will have the same behavior in any envrioment.

As for BSD/Haiku, I prefer to provide a new install package with full test.

As for apt-get/rpm, there are many cases without an internet connect.

[ventoy]

Of course I can also provide a pure shell script.
In this script, I will always exit if it doesn't match my request.
For example, if any of these binaries doesn't exist it will exit immediatly. bash/fdisk/mkfs.exfat/hexdump/uuidgen/xz/...

But the binaries should also be shipped. If your system contains all the needed things you can choose the pure shell script and these binraries will not be used.

[mmuman]

Hmm, another option could be to check for host tools and if not present prepend ./tools to PATH?
Or append it anyway, so they will be used as fallback regardless… but not everyone might like this behavior (some sysadmins for ex.)

[silvernode]

As for the script compatibility problem, you will only know if someone reports it, unless you test all the ksh/mksh/dash ... with ash I will have the same behavior in any envrioment.

As for BSD/Haiku, I prefer to provide a new install package with full test.

As for apt-get/rpm, there are many cases without an internet connect.

Unrelated
Just wanted to pop in and say it is awesome that you mentioned Haiku. Thank you for your hard work on this project.

[PERCE-NEIGE]

I do agree 100%.

Ventoy is said to be really easy to use, but it's not really easy to install, when someone uses Linux.
If it could have a ppa or an appimage, it would be blissful, but even without it, even the installation process for Linux is not very detailed and well explained on the site.

[silvernode]

I do agree 100%.

Ventoy is said to be really easy to use, but it's not really easy to install, when someone uses Linux.
If it could have a ppa or an appimage, it would be blissful, but even without it, even the installation process for Linux is not very detailed and well explained on the site.

Maybe a series of zenity prompts would help. Some sort of basic GUI for installation would be nice for a lot of people. I am ok with how things are now but accessibility for many others is very low, especially for non Linux users .