On Nov 6, 2014, at 10:14 AM, Ian Jackson <ijack...@chiark.greenend.org.uk>
wrote:
> Chet Ramey writes ("Re: Shellshock-vulnerable version still most obvious on
> ftp.gnu.org"):
>> On 11/6/14, 7:47 AM, Ian Jackson wrote:
>>> But in the current environment it's looking rather quaint. We could
>>> probably provide a full tarball for each patch release.
>>
>> That is supposed to be one of the advantages of using git. You can always
>> get a tarball of the latest release with all patches applied using
>>
>> http://git.savannah.gnu.org/cgit/bash.git/snapshot/bash-master.tar.gz
>
> Right. That's great. But that's not the official primary
> distribution channel for bash, as I understand it.
>
> Thanks,
> Ian.
Don't get me wrong, I love git and it's my mechanism of choice for updates. But
that requires folks to be pretty up-to-date themselves on how to do stuff. As
we were doing the shellshock updates here, I found it a helluva lot easier to
deal with legacy system owners who couldn't do much more than cut and paste of
gunzip bash-N.M.P.tgz
tar xpf bash-N.M.P.tar ; cd bash-N.M.P
./configure && make && make install
They've never run patch, and in some cases don't even have a patch command.
Luckily those folks have legacy admins like me.
For them I built up-to-date tarballs of all the bash-N.M.P versions. Not only
was it a big win for them, it also turned out to be useful for me when trying
to install onto hosts that didn't have git or reasonably recent autoconf chains.
There are a lot of systems out there with custom device drivers for ten- and
twenty-year-old equipment that are monitoring satellites nobody ever thought
would stay up this long, or controlling custom-built devices that need to run
for another 5 years to finish their longitudinal surveys. We're lucky that most
of them at least have a cc and make that works, and we for damned sure don't
have the money to go rebuild them in place with up-to-the-minute tool chains.
Making those folks happy and secure makes my life happier and more secure.
In short, current tarballs are a win, both for the relatively naive admin and
for the old guys. I'm fer it.
Steve
