hadolint/DL4005

Use SHELL to change the default shell.

Property	Value
Severity	Warning
Category	Best Practice
Default	Enabled
Auto-fix	Yes (`--fix`)

Description

Docker provides a SHELL instruction which does not require overwriting /bin/sh in your container. Instead of using ln -sf to redirect /bin/sh, use the SHELL instruction to set the desired shell.

Examples

Problematic code

RUN apk add --update-cache bash=4.3.42-r3
RUN ln -sfv /bin/bash /bin/sh

Correct code

RUN apk add --update-cache bash=4.3.42-r3
SHELL ["/bin/bash", "-c"]

Auto-fix

Replaces ln -sf targeting /bin/sh with a SHELL instruction. If the ln command is part of a larger RUN, the ln portion is removed and a SHELL instruction is inserted after.

# Before
RUN ln -sf /bin/bash /bin/sh && apk add curl

# After (with --fix)
RUN apk add curl
SHELL ["/bin/bash", "-c"]

Reference

hadolint/DL4005

Overview

Security

Correctness

Performance

Style

GPU / CUDA

PHP

PowerShell

Windows

BuildKit Rules

Hadolint Rules

ShellCheck Rules

hadolint/DL4005

Description

Examples

Problematic code

Correct code

Auto-fix

Reference

Overview

Security

Correctness

Performance

Style

GPU / CUDA

PHP

PowerShell

Windows

BuildKit Rules

Hadolint Rules

ShellCheck Rules

​Description

​Examples

​Problematic code

​Correct code

​Auto-fix

​Reference

Description

Examples

Problematic code

Correct code

Auto-fix

Reference