PLAN: Bash Standardization (v2)

Supersedes: plan-bash-upgrade v1
Change: Bash 5.2 is acceptable. No compile-from-source needed. Focus shifts to ensuring minimum Bash 4+ fleet-wide and fixing shebangs.

Situation

Walter runs Bash 5.2.21 (Ubuntu 24.04). The latest release is 5.3. After review, Daniel determined that 5.2 is perfectly acceptable — the minimum requirement is Bash 4.0+ fleet-wide.

The concern: some machines might be running Bash 3.2 (the ancient macOS-era version stuck on GPLv2). Bash 3.2 lacks associative arrays, mapfile, readarray, ** globbing, and many other features we use. If any machine is on 3.2, that's the real problem.

Secondary concern: all our scripts use #!/bin/bash which hardcodes the path. Should be #!/usr/bin/env bash so it finds the best available bash.

Severity Tiers

Bash Version	Status	Action
3.2 or below	Critical — upgrade immediately	Install bash 4+ via apt or compile from source
4.x	Acceptable but curious	Investigate why not 5.x (old distro? manual install?)
5.x	Good — no action needed	Just fix shebang

The Plan

Step 1: Audit all machines.
SSH to each reachable VM, run bash --version. Report a table of every machine's bash version.
Deliverable: version table. No changes.

⏸ STOP — Show the table. If everything is 5.x, skip to Step 3. If anything is 3.2, discuss upgrade strategy for that specific machine.

Step 2: Fix any machines on Bash 3.2 (if found).
For Debian/Ubuntu: sudo apt update && sudo apt install bash should bring it to 5.x.
For anything weird: investigate why, report, wait for Daniel.
Deliverable: before/after version for each fixed machine.

⏸ STOP — Confirm all machines are now Bash 4+.

Step 3: Fix shebangs fleet-wide.
On each machine, find all our scripts with #!/bin/bash and change to #!/usr/bin/env bash.
Command: grep -rl '#!/bin/bash' /home/daniel/bin/ | head -20
Deliverable: diff of all shebang changes per machine.

⏸ STOP — Show the diffs. Confirm scripts still work.

Machines to Audit

Machine	Host	Expected OS	Expected Bash
🦉 Walter	walter.1.foo	Ubuntu 24.04	5.2.21 ✓ (confirmed)
🦉 Walter Jr	walter-jr.1.foo	Debian 12	TBD
🏦 Vault	vault.1.foo	Debian/Ubuntu	TBD
🌸 Matilda	matilda.1.foo	Debian 12	TBD
📋 Foreman	foreman.1.foo	Debian/Ubuntu	TBD
🐕 Jamie	jamie.1.foo	Debian/Ubuntu	TBD
👻 Ghost Jr	ghost-jr.1.foo	Debian/Ubuntu	TBD
🐱 Amy	amy.1.foo	Debian/Ubuntu	TBD (stopped)
🐱🇮🇱 Amy Israel	amy-israel.1.foo	Debian/Ubuntu	TBD (stopped)
🚀 Captain Kirk	captain-kirk.1.foo	Debian/Ubuntu	TBD (stopped)
🤖 RMS	rms.1.foo	Debian/Ubuntu	TBD (stopped)

Note: All GCP VMs run Debian or Ubuntu. These distros ship Bash 5.x for years now. The probability of finding Bash 3.2 is very low — but the audit confirms it rather than assuming it.

What We're NOT Doing

We are NOT compiling Bash 5.3 from source. 5.2 is fine. The original v1 plan explored this but Daniel determined it's unnecessary overhead for minimal gain.

We are NOT replacing /usr/bin/bash on any machine. The system bash belongs to the package manager.

We are only changing shebangs in OUR scripts (under /home/daniel/), not system scripts.

Risks

Shebang change from #!/bin/bash to #!/usr/bin/env bash — extremely low risk. If /usr/bin/env doesn't exist (it does on every modern Linux), the script would fail to start. But env is part of coreutils, present everywhere.

SSH unreachable machines (Amy, RMS, Kirk, etc.) can't be audited until they're started. The plan covers running machines first, stopped machines whenever they're next started.

Success Criteria

✓ Every running machine confirmed Bash 4+
✓ No machine on Bash 3.2
✓ All scripts under /home/daniel/bin/ use #!/usr/bin/env bash
✓ Results documented in this plan (status updated to COMPLETE)