wok view bash/receipt @ rev 17196

bash: apply *all* security fixes (again)
author Pascal Bellard <pascal.bellard@slitaz.org>
date Wed Oct 08 15:03:17 2014 +0200 (2014-10-08)
parents 121d29ca7ca8
children 142a4a0548c5
line source
1 # SliTaz package receipt.
2
3 PACKAGE="bash"
4 VERSION="4.2"
5 CATEGORY="system-tools"
6 SHORT_DESC="The GNU bourne SHell."
7 MAINTAINER="pankso@slitaz.org"
8 LICENSE="GPL3"
9 TARBALL="$PACKAGE-$VERSION.tar.gz"
10 WEB_SITE="http://www.gnu.org/software/bash/"
11 WGET_URL="$GNU_MIRROR/$PACKAGE/$TARBALL"
12 BASHCHECKURL="https://raw.githubusercontent.com/hannob/bashcheck/master/bashcheck"
13 BASHCHECK="$(basename $BASHCHECKURL)"
14 BASHPATCHES="$(for i in $(seq 1 53); do printf "bash${VERSION/./}-%03d " $i; done)"
15 EXTRA_SOURCE_FILES="$BASHCHECK $BASHPATCHES"
16
17 DEPENDS="readline"
18 BUILD_DEPENDS="readline bison wget texinfo"
19
20 patch_bash()
21 {
22 for i in $BASHPATCHES ; do
23 [ -s "$SOURCES_REPOSITORY/$i" ] ||
24 wget -O "$SOURCES_REPOSITORY/$i" \
25 http://ftp.gnu.org/gnu/bash/bash-$VERSION-patches/$i
26 echo "Apply $i ..."
27 patch -p0 < $SOURCES_REPOSITORY/$i
28 done
29 }
30
31 # Rules to compile & install the temporary toolchain.
32 cook_tmp_toolchain()
33 {
34 cd $src
35 patch_bash
36 ./configure --without-bash-malloc &&
37 make && make install
38 }
39
40 # Rules to configure and make the package.
41 compile_rules()
42 {
43 # Patch and then build.
44 cd $src
45 patch_bash
46 # Skip tests that can not run while cross-compiling.
47 cat > config.cache << "EOF"
48 ac_cv_func_mmap_fixed_mapped=yes
49 ac_cv_func_strcoll_works=yes
50 ac_cv_func_working_mktime=yes
51 bash_cv_func_sigsetjmp=present
52 bash_cv_getcwd_malloc=yes
53 bash_cv_job_control_missing=present
54 bash_cv_printf_a_format=yes
55 bash_cv_sys_named_pipes=present
56 bash_cv_ulimit_maxfds=yes
57 bash_cv_under_sys_siglist=yes
58 bash_cv_unusable_rtsigs=no
59 gt_cv_int_divbyzero_sigfpe=yes
60 EOF
61 ./configure \
62 $CONFIGURE_ARGS \
63 --cache-file=config.cache \
64 --bindir=/bin \
65 --enable-history --enable-alias \
66 --disable-nls --without-bash-malloc \
67 --disable-help-builtin \
68 --with-installed-readline &&
69 make &&
70 # Bash doesn't care about DESTDIR in environnment variable.
71 make DESTDIR=$DESTDIR install
72 [ -s "$SOURCES_REPOSITORY/$BASHCHECK" ] ||
73 wget --no-check-certificate -O "$SOURCES_REPOSITORY/$BASHCHECK" $BASHCHECKURL
74 $DESTDIR/bin/bash $SOURCES_REPOSITORY/$BASHCHECK $DESTDIR/bin/bash | tee bashcheck.log
75 grep Vulnerable bashcheck.log && echo "ERROR: Vulnerable"
76 }
77
78 # Rules to gen a SliTaz package suitable for Tazpkg.
79 genpkg_rules()
80 {
81 cp -a $install/bin $fs
82 # Config files.
83 #
84 mkdir $fs/etc
85 cp $stuff/example.bashrc $fs/etc/bashrc
86 }
87
88
89 post_install()
90 {
91 local root
92 root=$1
93 echo "Processing post-install commands..."
94 echo -n "Do you want to set Bash to default (y/N) ? : "
95 read -t 30 anser
96 if [ "$anser" == "y" ]; then
97 echo ""
98 echo "Setting bash as default for all users"
99 sed -i "s/:\/bin\/sh$/:\/bin\/bash/g" /etc/passwd
100 sed -i "s/:\/bin\/ksh$/:\/bin\/bash/g" /etc/passwd
101 sed -i "s/:\/bin\/zsh$/:\/bin\/bash/g" /etc/passwd
102 sed -i "s/:\/bin\/csh$/:\/bin\/bash/g" /etc/passwd
103 echo "Creating .bashrc file for all users"
104 for i in `ls -d /home/*`
105 do
106 cp /etc/bashrc $i/.bashrc
107 done
108 cp /etc/bashrc /root/.bashrc
109 cp /etc/bashrc /etc/skel/.bashrc
110 fi
111 }
112
113
114 pre_remove()
115 {
116 local root
117 root=$1
118 echo "Setting back sh as default for all users"
119 sed -i "s/:\/bin\/bash$/:\/bin\/sh/g" /etc/passwd
120 if [ -f /etc/skel/.bashrc ]; then
121 rm /etc/skel/.bashrc
122 fi
123 }