On 21 Jan 2019, at 5:41, Pierre Malard wrote:
It’s a great new for me but I have a subsidiary question:
« How can I use the MacPort BASH in place of Apple one? »
If you have a solution…
I have options for that specific task...
1. Switch to the MacPorts bash without looping
Put these 4 lines at the top of ~/.bash_profile:
if [ -z "$MACPORTS_BASH" ] && [ -x /opt/local/bin/bash ]
then
MACPORTS_BASH=DONE PATH=/opt/local/bin:$PATH exec -l bash -l
fi
You could probably put those in /etc/profile with equivalent safety and
make it happen for all login shells. This approach WILL NOT fix older
versions of MacOS X, where /bin/sh (the POSIX default shell) is a
version of bash which is vulnerable to serious security flaws. There is
a risk in this because the MacPorts bash depends on MacPorts dynamic
libraries. Adding precautionary checks inside the conditional might be
able to mitigate those risks.
OR:
2. Replace /bin/sh
The following patch will add a "static" variant to the bash port and
includes a message describing how to replace /bin/sh with that build. If
you use it, you MUST re-patch the Portfile every time the bash port is
updated. It SHOULD NOT be in the MacPorts core because it is a
horrifically unsupportable hack that no one should ever use because it
violates the core of the OS.
HOWEVER: it has worked for me for a few years on a Snow Leopard machine
where the last Apple bash cannot be allowed to exist...
************************ BEGIN PATCH ********************************
---
/opt/local/var/macports/sources/rsync.macports.org/macports/release/tarballs/ports/shells/bash/Portfile.orig 2018-06-02
09:27:05.000000000 -0400
+++
/opt/local/var/macports/sources/rsync.macports.org/macports/release/tarballs/ports/shells/bash/Portfile 2018-06-09
21:24:27.000000000 -0400
@@ -123,6 +123,29 @@
# Always source .bashrc when connecting remotely with ssh, #40603
configure.cflags-append -DSSH_SOURCE_BASHRC
+variant static description "Links all MacPorts library dependencies
statically to allow the binary to replace the system shell" {
+ system "mkdir -p ${prefix}/lib/statics"
+ system "ln -f ${prefix}/lib/*.a ${prefix}/lib/statics/"
+ system "ln -f ${prefix}/lib/*.o ${prefix}/lib/statics/"
+ configure.args-append "--with-included-gettext
--libdir=/opt/local/lib/statics "
+ configure.ldflags-delete "-L${prefix}/lib"
+ configure.ldflags-append "-L${prefix}/lib/statics"
+}
+
+post-install {
+ if {[variant_isset static]} {
+ ui_msg
"***************************************************************"
+ ui_msg "If you want to replace the system shell with this build
of bash,"
+ ui_msg "you must do so manually by copying or hardlinking it into
/bin !"
+ ui_msg " ln -f /opt/local/bin/bash /bin/bash"
+ ui_msg " ln -f /opt/local/bin/bash /bin/sh"
+ ui_msg "OR:"
+ ui_msg " cp /opt/local/bin/bash /bin/bash"
+ ui_msg " cp /opt/local/bin/bash /bin/sh"
+ ui_msg
"***************************************************************"
+ }
+}
+
livecheck.type regex
livecheck.url
http://ftp.gnu.org/gnu/${name}/${name}-${bash_version}-patches/?C=M&O=D
livecheck.version [format %03d ${bash_patchlevel}]
************************ END PATCH ********************************
The goal here is to build a shell that can replace /bin/sh and be
independent of every dynamic shared library for which a linkable static
library exists. The result on the Snow Leopard machine where I hacked
this up is a /bin/sh which depends only on /usr/lib/libSystem.B.dylib,
so in an emergency single-user boot where /opt/local is unmounted or
mangled, the shell still can work.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
