• atzanteol@sh.itjust.works
    2 days ago

    I feel like it should be self-evident - but I’ll outline a few of the specifics.

    “Hey kids - just run this rando internet script directly without inspecting it first”

    Firstly - you shouldn’t copy/paste directly into the terminal at all. What you copy and paste may not be what you see: example. So even “simple” things could turn bad. Paste to an editor first, then your terminal - especially if you’ve used “sudo” recently. It’s simply bad security hygiene to just run random code in a shell and to get people used to doing so.

    Secondly - you’re just running some rando unstructured shell script. They can, and do, do whatever they want and put things wherever the developer felt they should go. It can re-configure your system in ways you may not want. In fact in this specific case it will add repositories to your system without asking. Did you want EPEL set up on your system? Did you want to add an external NVIDIA repo to your system? Too bad, it’s done. Hope you saw the “Installing NVIDIA repository…” message as it flew past because that’s all the notice you’ll get - and you only get that because the developers told you about it.

    Thirdly - since these are completely unstructured there is no uninstall without sifting through the script (which you didn’t keep because it’s a “curl | sh”). Again, let’s use this one as an example:

    How many things do you think that shell script installs?

    • It puts a binary in one of /usr/local/bin, /usr/bin or /bin
    • It then downloads a bunch of stuff to one of /usr/local/lib/ollama, /usr/lib/ollama or /lib/ollama.
    • It sets up external repositories to fetch nvidia dependencies
    • It proceeds to install dependencies from those external repos
    • It creates a service file for ollama and starts it.
    • It configures /etc/modules.d to load nvidia drivers

    And that’s all I see on a cursory walk through the 300+ lines of script. All of that may be reasonable to get things working - but that’s a lot for you to find and undo if you wish to remove this later.

    There are better ways to distribute software and handle dependencies.
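
Added example, not part of the comment above and not the installer it discusses: one way to do the "sifting" on a script saved to disk instead of piped to a shell, listing by line number the places where it adds repositories, installs packages, touches services, writes system files or creates accounts. The function names, regexes and the sample installer are assumptions constructed for illustration, and the patterns are heuristics rather than a complete audit.

```bash
#!/usr/bin/env bash
# Added example: list the system-changing lines of a saved installer script.
# Categories and regexes are illustrative assumptions, not a complete audit.

# scan LABEL REGEX FILE: print matching lines as "[LABEL] line N:text"
scan() { grep -nE -- "$2" "$3" | sed "s/^/[$1] line /"; }

# audit_installer FILE: report every line that changes the system, by category
audit_installer() {
    scan repo    'config-manager[[:space:]]+--add-repo|add-apt-repository|/etc/yum\.repos\.d|/etc/apt/sources\.list\.d|epel-release' "$1"
    scan package '(apt-get|apt|dnf|yum|zypper)[[:space:]]+(-[^[:space:]]+[[:space:]]+)*install' "$1"
    scan service 'systemctl[[:space:]]+(enable|start|daemon-reload)|/etc/systemd/system' "$1"
    scan sysfile '(^|[[:space:];|&])(tee|install|cp|mv|ln)[[:space:]]+(.*[[:space:]])?/(etc|usr|bin|lib)/' "$1"
    scan account '(useradd|usermod|groupadd)[[:space:]]' "$1"
}

# count_findings FILE LABEL: number of findings in one category
count_findings() { audit_installer "$1" | grep -c "^\[$2]" || true; }

# Constructed sample installer (hypothetical; not the real script).
sample=$(mktemp)
cat >"$sample" <<'EOF'
#!/bin/sh
# constructed sample, not the real installer
install -o0 -g0 -m755 ./tool /usr/local/bin/tool
dnf config-manager --add-repo https://repo.example.invalid/vendor.repo
dnf -y install epel-release
dnf -y install vendor-driver
useradd -r -s /bin/false tool
printf '[Unit]\n' | tee /etc/systemd/system/tool.service >/dev/null
systemctl daemon-reload
systemctl enable tool
echo vendor | tee /etc/example.d/vendor.conf >/dev/null
EOF

# Print the findings for the sample; point this at a downloaded script instead.
audit_installer "$sample"
```

Keeping the saved script and this listing next to each other gives a record of what to undo later, which a "curl | sh" run does not leave behind.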