wok-4.x view bash/receipt @ rev 12440
bash: apply *all* security fixes
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Wed Oct 08 14:53:31 2014 +0200 (2014-10-08) |
| parents | 4acc6a6b8f4f |
| children | fa8aff184d68 |
line source
1 # SliTaz package receipt.
3 PACKAGE="bash"
4 VERSION="4.2"
5 CATEGORY="system-tools"
6 SHORT_DESC="The GNU bourne SHell."
7 MAINTAINER="pankso@slitaz.org"
8 TARBALL="$PACKAGE-$VERSION.tar.gz"
9 WEB_SITE="http://www.gnu.org/software/bash/"
10 WGET_URL="$GNU_MIRROR/$PACKAGE/$TARBALL"
11 BASHCHECKURL="https://raw.githubusercontent.com/hannob/bashcheck/master/bashcheck"
12 BASHCHECK="$(basename $BASHCHECKURL)"
13 BASHPATCHES="$(for i in $(seq 1 53); do printf "bash${VERSION/./}-%03d " $i; done)"
14 EXTRA_SOURCE_FILES="$BASHCHECK $BASHPATCHES"
16 DEPENDS="readline"
17 BUILD_DEPENDS="readline bison wget texinfo"
19 patch_bash()
20 {
21 for i in $BASHPATCHES ; do
22 [ -s "$SOURCES_REPOSITORY/$i" ] ||
23 wget -O "$SOURCES_REPOSITORY/$i" \
24 http://ftp.gnu.org/gnu/bash/bash-$VERSION-patches/$i
25 echo "Apply $i ..."
26 patch -p0 < $SOURCES_REPOSITORY/$i
27 done
28 }
30 # Rules to compile & install the temporary toolchain.
31 cook_tmp_toolchain()
32 {
33 cd $src
34 patch_bash
35 ./configure --without-bash-malloc &&
36 make && make install
37 }
39 # Rules to configure and make the package.
40 compile_rules()
41 {
42 # Patch and then build.
43 cd $src
44 patch_bash
45 # Skip tests that can not run while cross-compiling.
46 cat > config.cache << "EOF"
47 ac_cv_func_mmap_fixed_mapped=yes
48 ac_cv_func_strcoll_works=yes
49 ac_cv_func_working_mktime=yes
50 bash_cv_func_sigsetjmp=present
51 bash_cv_getcwd_malloc=yes
52 bash_cv_job_control_missing=present
53 bash_cv_printf_a_format=yes
54 bash_cv_sys_named_pipes=present
55 bash_cv_ulimit_maxfds=yes
56 bash_cv_under_sys_siglist=yes
57 bash_cv_unusable_rtsigs=no
58 gt_cv_int_divbyzero_sigfpe=yes
59 EOF
60 ./configure \
61 $CONFIGURE_ARGS \
62 --cache-file=config.cache \
63 --bindir=/bin \
64 --enable-history --enable-alias \
65 --disable-nls --without-bash-malloc \
66 --disable-help-builtin \
67 --with-installed-readline &&
68 make &&
69 # Bash doesn't care about DESTDIR in environnment variable.
70 make DESTDIR=$DESTDIR install
71 [ -s "$SOURCES_REPOSITORY/$BASHCHECK" ] ||
72 wget --no-check-certificate -O "$SOURCES_REPOSITORY/$BASHCHECK" $BASHCHECKURL
73 $DESTDIR/bin/bash $SOURCES_REPOSITORY/$BASHCHECK | tee bashcheck.log
74 grep Vulnerable bashcheck.log && echo "ERROR: Vulnerable"
75 }
77 # Rules to gen a SliTaz package suitable for Tazpkg.
78 genpkg_rules()
79 {
80 cp -a $_pkg/bin $fs
81 # Config files.
82 #
83 mkdir $fs/etc
84 cp $stuff/example.bashrc $fs/etc/bashrc
85 }
87 # Post install commands for Tazpkg.
88 # Check /bin/sh stat.
89 #
90 post_install()
91 {
92 local root
93 root=$1
94 echo "Processing post-install commands..."
95 sh=`readlink $root/bin/sh`
96 if [ ! "$sh" = "/bin/bash" ]; then
97 echo ""
98 echo "**** Actual SH link : $sh"
99 echo ""
100 echo -n "Do you want Bash for /bin/sh (yes/No) ? : "
101 read -t 30 anser
102 if [ "$anser" == "yes" ]; then
103 echo ""
104 echo -n "Removing sh link to make a new one pointing on /bin/bash..."
105 rm $root/bin/sh && ln -s /bin/bash $root/bin/sh
106 status
107 else
108 echo ""
109 echo "Leaving /bin/sh to : $sh"
110 fi
111 fi
112 }
114 # Restore a valid sh link if needed.
115 pre_remove()
116 {
117 local root
118 root=$1
119 sh=`readlink $root/bin/sh`
120 if [ ! "$sh" = "busybox" ]; then
121 rm $root/bin/sh &&
122 ln -s /bin/busybox $root/bin/sh
123 fi
124 }