Installing Docker on Debian Wheezy

I was installing docker in order to run a test harness in radiusclient. I was reading from:

and it says to do this: curl -sSL | sh

So please don’t. It’s just a really really bad habit, and it’s totally lazy, and yet they expended significant effort making this work. What does it do in the end:

sudo apt-get install -y -q apt-transport-https ca-certificates mkdir -p /etc/apt/sources.list.d echo 'deb debian-wheezy main' | sudo tee -a /etc/apt/sources.list.d/docker.list sudo -E sh -c 'apt-key adv --keyserver hkp:// --recv-keys 58118E89F3A912897C070ADBF76221572C52609D' sudo apt-get update; sudo apt-get install -y -q docker-engine

That’s all. One can argue that this is more secure than piping network content into “sh”: at the best the pipe into sh can be made as secure as the underlying apt-get comments. What matters to me is that it’s more transparent, and it makes it pretty clear to the owner of the system what actually happened, and what to do if something went wrong.

The issue here is: is it a good thing to train junior people (who I guess, can’t be trusted to type “apt-get install” properly), to blindly trust code from the network like this? Remember that this shell script is going to ask them for their sudo password.