How can I programmatically verify if a CYGWIN app is installed in a SH script ?

Question

Here's the situation :

I am writing a SH deployment script that will deploy a website with an RSYNC command in CYGWIN. After the installation, I want to send an e-mail to the development team to say that a deployment has been made with some details. I will use "exim" to send the mail from CYGWIN.

The thing is that, exim is only optional when installing CYGWIN and I would like to quit my SH script if it's not installed. Any idea to check in UNIX (and working in CYGWIN) if an app is installed in a script ?

Thanks in advance !

Answer 1

# bash script (should also work with sh)
# someprog must be on the path for type to find it
if type -p "someprog"
then
    echo "it's there"
else
    echo "it isn't"
fi

Answer 2

You can use the 'which' command. It will return you the location of the program or nothing if not present.

Answer 3

Specifically to check for 'exim', execute

exim -bV

On my Cygwin it gives an output like,

Exim version 4.69 #1 built 28-Jan-2008 21:59:08
Copyright (c) University of Cambridge 2006
Probably GDBM (native mode)
Support for: crypteq iconv() PAM OpenSSL Content_Scanning
Lookups: lsearch wildlsearch nwildlsearch iplsearch dbm dbmnz dnsdb dsearch ldap
    ldapdn ldapm passwd
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply pipe smtp
Size of off_t: 8
Configuration file is /etc/exim.conf

From the 'exim' manual on 'exim -bV',

This option causes Exim to write the current version number, compilation number, and compilation date of the exim binary to the standard output. It also lists the DBM library this is being used, the optional modules (such as specific lookup types), the drivers that are included in the binary, and the name of the run time configuration file that is in use.

As part of its operation, -bV causes Exim to read and syntax check its configuration file. However, this is a static check only. It cannot check values that are to be expanded. For example, although a misspelt ACL verb is detected, an error in the verb's arguments is not. You cannot rely on -bV alone to discover (for example) all the typos in the configuration; some realistic testing is needed. The -bh and -N options provide more dynamic testing facilities.

---

Comparing with the type and which checks.

type is a shell builtin command. It indicates how a name will be interpreted by the shell if used as a command. The -p option causes it to return the name of the disk file that would be executed if the command was issued.

which simply searches for an executable by the given name in the search PATH using the same bash algorithm.

Either of these will return true if someone puts an executable file called by the same name in the path. You should be more careful about invoking commands from a script, if security is a concern.

It may be prudent to know what you are running.
Of course, I can also implement a shell script called exim that will return the above input on -bV; and mess-up things in the background -- what is your level of paranoia?

Answer 4

To alleviate the security concerns that nik brought up you can check the location of the executable against an expected list of locations:

case $(type -p someprog) in

    /usr/bin/someprog \
    | /bin/someprog \
    | /usr/local/someprog)

        echo "Valid location";; 
    *)
        echo "Invalid location";;
esac