wok-current annotate bash/receipt @ rev 17195
bash: apply *all* security fixes
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Wed Oct 08 14:52:55 2014 +0200 (2014-10-08) |
parents | 40e999c964ea |
children | e76deed8769f |
rev | line source |
---|---|
pankso@14 | 1 # SliTaz package receipt. |
pankso@14 | 2 |
pankso@14 | 3 PACKAGE="bash" |
slaxemulator@8720 | 4 VERSION="4.2" |
pankso@202 | 5 CATEGORY="system-tools" |
pankso@14 | 6 SHORT_DESC="The GNU bourne SHell." |
pankso@14 | 7 MAINTAINER="pankso@slitaz.org" |
pascal@15201 | 8 LICENSE="GPL3" |
pankso@14 | 9 TARBALL="$PACKAGE-$VERSION.tar.gz" |
pankso@14 | 10 WEB_SITE="http://www.gnu.org/software/bash/" |
pankso@14 | 11 WGET_URL="$GNU_MIRROR/$PACKAGE/$TARBALL" |
pascal@17195 | 12 BASHCHECKURL="https://raw.githubusercontent.com/hannob/bashcheck/master/bashcheck" |
pascal@17195 | 13 BASHCHECK="$(basename $BASHCHECKURL)" |
pascal@17195 | 14 BASHPATCHES="$(for i in $(seq 1 53); do printf "bash${VERSION/./}-%03d " $i; done)" |
pascal@17195 | 15 EXTRA_SOURCE_FILES="$BASHCHECK $BASHPATCHES" |
pankso@14 | 16 |
slaxemulator@10407 | 17 DEPENDS="readline" |
pascal@17195 | 18 BUILD_DEPENDS="readline bison wget texinfo" |
pascal@17195 | 19 |
pascal@17195 | 20 patch_bash() |
pascal@17195 | 21 { |
pascal@17195 | 22 for i in $BASHPATCHES ; do |
pascal@17195 | 23 [ -s "$SOURCES_REPOSITORY/$i" ] || |
pascal@17195 | 24 wget -O "$SOURCES_REPOSITORY/$i" \ |
pascal@17195 | 25 http://ftp.gnu.org/gnu/bash/bash-$VERSION-patches/$i |
pascal@17195 | 26 echo "Apply $i ..." |
pascal@17195 | 27 patch -p0 < $SOURCES_REPOSITORY/$i |
pascal@17195 | 28 done |
pascal@17195 | 29 } |
slaxemulator@10407 | 30 |
gokhlayeh@8171 | 31 # Rules to compile & install the temporary toolchain. |
gokhlayeh@8171 | 32 cook_tmp_toolchain() |
gokhlayeh@8171 | 33 { |
gokhlayeh@8171 | 34 cd $src |
pascal@17195 | 35 patch_bash |
gokhlayeh@8171 | 36 ./configure --without-bash-malloc && |
gokhlayeh@8171 | 37 make && make install |
gokhlayeh@8171 | 38 } |
gokhlayeh@8171 | 39 |
pankso@14 | 40 # Rules to configure and make the package. |
pankso@14 | 41 compile_rules() |
pankso@14 | 42 { |
pankso@14 | 43 # Patch and then build. |
pankso@14 | 44 cd $src |
pascal@17195 | 45 patch_bash |
pankso@10352 | 46 # Skip tests that can not run while cross-compiling. |
pankso@10352 | 47 cat > config.cache << "EOF" |
pankso@10352 | 48 ac_cv_func_mmap_fixed_mapped=yes |
pankso@10352 | 49 ac_cv_func_strcoll_works=yes |
pankso@10352 | 50 ac_cv_func_working_mktime=yes |
pankso@10352 | 51 bash_cv_func_sigsetjmp=present |
pankso@10352 | 52 bash_cv_getcwd_malloc=yes |
pankso@10352 | 53 bash_cv_job_control_missing=present |
pankso@10352 | 54 bash_cv_printf_a_format=yes |
pankso@10352 | 55 bash_cv_sys_named_pipes=present |
pankso@10352 | 56 bash_cv_ulimit_maxfds=yes |
pankso@10352 | 57 bash_cv_under_sys_siglist=yes |
pankso@10352 | 58 bash_cv_unusable_rtsigs=no |
pankso@10352 | 59 gt_cv_int_divbyzero_sigfpe=yes |
pankso@10352 | 60 EOF |
pankso@10344 | 61 ./configure \ |
pankso@10352 | 62 $CONFIGURE_ARGS \ |
pankso@10352 | 63 --cache-file=config.cache \ |
pankso@10344 | 64 --bindir=/bin \ |
gokhlayeh@8171 | 65 --enable-history --enable-alias \ |
gokhlayeh@8171 | 66 --disable-nls --without-bash-malloc \ |
pankso@10344 | 67 --disable-help-builtin \ |
pankso@10344 | 68 --with-installed-readline && |
pascal@1553 | 69 make && |
gokhlayeh@8171 | 70 # Bash doesn't care about DESTDIR in environnment variable. |
gokhlayeh@8171 | 71 make DESTDIR=$DESTDIR install |
pascal@17195 | 72 [ -s "$SOURCES_REPOSITORY/$BASHCHECK" ] || |
pascal@17195 | 73 wget --no-check-certificate -O "$SOURCES_REPOSITORY/$BASHCHECK" $BASHCHECKURL |
pascal@17195 | 74 $DESTDIR/bin/bash $SOURCES_REPOSITORY/$BASHCHECK | tee bashcheck.log |
pascal@17195 | 75 grep Vulnerable bashcheck.log && echo "ERROR: Vulnerable" |
pankso@14 | 76 } |
pankso@14 | 77 |
pankso@14 | 78 # Rules to gen a SliTaz package suitable for Tazpkg. |
pankso@14 | 79 genpkg_rules() |
pankso@14 | 80 { |
pascal@14999 | 81 cp -a $install/bin $fs |
pankso@14 | 82 # Config files. |
pankso@14 | 83 # |
pankso@14 | 84 mkdir $fs/etc |
pankso@9697 | 85 cp $stuff/example.bashrc $fs/etc/bashrc |
pankso@14 | 86 } |
pankso@14 | 87 |
xfred222@13689 | 88 |
pankso@14 | 89 post_install() |
pankso@14 | 90 { |
pankso@14 | 91 local root |
pankso@14 | 92 root=$1 |
pankso@14 | 93 echo "Processing post-install commands..." |
xfred222@13689 | 94 echo -n "Do you want to set Bash to default (y/N) ? : " |
gokhlayeh@7635 | 95 read -t 30 anser |
xfred222@13689 | 96 if [ "$anser" == "y" ]; then |
pankso@14 | 97 echo "" |
xfred222@13689 | 98 echo "Setting bash as default for all users" |
xfred222@13689 | 99 sed -i "s/:\/bin\/sh$/:\/bin\/bash/g" /etc/passwd |
xfred222@13689 | 100 sed -i "s/:\/bin\/ksh$/:\/bin\/bash/g" /etc/passwd |
xfred222@13689 | 101 sed -i "s/:\/bin\/zsh$/:\/bin\/bash/g" /etc/passwd |
xfred222@13689 | 102 sed -i "s/:\/bin\/csh$/:\/bin\/bash/g" /etc/passwd |
xfred222@13689 | 103 echo "Creating .bashrc file for all users" |
xfred222@13689 | 104 for i in `ls -d /home/*` |
xfred222@13689 | 105 do |
xfred222@13689 | 106 cp /etc/bashrc $i/.bashrc |
xfred222@13689 | 107 done |
xfred222@13689 | 108 cp /etc/bashrc /root/.bashrc |
xfred222@13689 | 109 cp /etc/bashrc /etc/skel/.bashrc |
pankso@14 | 110 fi |
pankso@14 | 111 } |
pankso@2156 | 112 |
xfred222@13689 | 113 |
pankso@2156 | 114 pre_remove() |
pankso@2156 | 115 { |
slaxemulator@9610 | 116 local root |
slaxemulator@9610 | 117 root=$1 |
xfred222@13689 | 118 echo "Setting back sh as default for all users" |
xfred222@13689 | 119 sed -i "s/:\/bin\/bash$/:\/bin\/sh/g" /etc/passwd |
mojo@15805 | 120 if [ -f /etc/skel/.bashrc ]; then |
xfred222@13689 | 121 rm /etc/skel/.bashrc |
mojo@15805 | 122 fi |
pankso@2156 | 123 } |