Hi, Effectively, the problem was the risk of loop. My preference would be toward the second solution but with a mechanism like the « alternatives » Debian. So, my solution could be:
# File to replace with alternative
File="/bin/bash"
OptFile="/opt/local/bin/bash"
AlternDir="/etc/alternatives"
# Creation of a directory to be use with alternative mechanism.
[ -d "${AlternDir}" ] || mkdir -p "${AlternDir}"
# If it’s a symbolic?
if [ -h "${File}" ] ; then
mv "${File}" "${File}.traditional"
ln -s "${File}.traditional" "${File}"
fi
# Creation of the alternative
[ -f "${File}" ] && /bin/rm "${File}"
ln -s "${OptFile}" "${File}"
As is, if an OS upgrade arrive, if this one change something about /bin/bash, I
can reactive it simply.
Best wishes.
> Le 22 janv. 2019 à 07:23, Bill Cole
> <macportsusers-20171...@billmail.scconsult.com> a écrit :
>
> On 21 Jan 2019, at 5:41, Pierre Malard wrote:
>
>> It’s a great new for me but I have a subsidiary question:
>> « How can I use the MacPort BASH in place of Apple one? »
>>
>> If you have a solution…
>
> I have options for that specific task...
>
>
> 1. Switch to the MacPorts bash without looping
>
> Put these 4 lines at the top of ~/.bash_profile:
>
> if [ -z "$MACPORTS_BASH" ] && [ -x /opt/local/bin/bash ]
> then
> MACPORTS_BASH=DONE PATH=/opt/local/bin:$PATH exec -l bash -l
> fi
>
> You could probably put those in /etc/profile with equivalent safety and make
> it happen for all login shells. This approach WILL NOT fix older versions of
> MacOS X, where /bin/sh (the POSIX default shell) is a version of bash which
> is vulnerable to serious security flaws. There is a risk in this because the
> MacPorts bash depends on MacPorts dynamic libraries. Adding precautionary
> checks inside the conditional might be able to mitigate those risks.
>
> OR:
>
> 2. Replace /bin/sh
>
> The following patch will add a "static" variant to the bash port and
> includes a message describing how to replace /bin/sh with that build. If you
> use it, you MUST re-patch the Portfile every time the bash port is updated.
> It SHOULD NOT be in the MacPorts core because it is a horrifically
> unsupportable hack that no one should ever use because it violates the core
> of the OS.
>
> HOWEVER: it has worked for me for a few years on a Snow Leopard machine where
> the last Apple bash cannot be allowed to exist...
>
> ************************ BEGIN PATCH ********************************
> ---
> /opt/local/var/macports/sources/rsync.macports.org/macports/release/tarballs/ports/shells/bash/Portfile.orig
> 2018-06-02 09:27:05.000000000 -0400
> +++
> /opt/local/var/macports/sources/rsync.macports.org/macports/release/tarballs/ports/shells/bash/Portfile
> 2018-06-09 21:24:27.000000000 -0400
> @@ -123,6 +123,29 @@
> # Always source .bashrc when connecting remotely with ssh, #40603
> configure.cflags-append -DSSH_SOURCE_BASHRC
>
> +variant static description "Links all MacPorts library dependencies
> statically to allow the binary to replace the system shell" {
> + system "mkdir -p ${prefix}/lib/statics"
> + system "ln -f ${prefix}/lib/*.a ${prefix}/lib/statics/"
> + system "ln -f ${prefix}/lib/*.o ${prefix}/lib/statics/"
> + configure.args-append "--with-included-gettext
> --libdir=/opt/local/lib/statics "
> + configure.ldflags-delete "-L${prefix}/lib"
> + configure.ldflags-append "-L${prefix}/lib/statics"
> +}
> +
> +post-install {
> + if {[variant_isset static]} {
> + ui_msg
> "***************************************************************"
> + ui_msg "If you want to replace the system shell with this build of
> bash,"
> + ui_msg "you must do so manually by copying or hardlinking it into /bin
> !"
> + ui_msg " ln -f /opt/local/bin/bash /bin/bash"
> + ui_msg " ln -f /opt/local/bin/bash /bin/sh"
> + ui_msg "OR:"
> + ui_msg " cp /opt/local/bin/bash /bin/bash"
> + ui_msg " cp /opt/local/bin/bash /bin/sh"
> + ui_msg
> "***************************************************************"
> + }
> +}
> +
> livecheck.type regex
> livecheck.url
> http://ftp.gnu.org/gnu/${name}/${name}-${bash_version}-patches/?C=M&O=D
> livecheck.version [format %03d ${bash_patchlevel}]
> ************************ END PATCH ********************************
>
> The goal here is to build a shell that can replace /bin/sh and be independent
> of every dynamic shared library for which a linkable static library exists.
> The result on the Snow Leopard machine where I hacked this up is a /bin/sh
> which depends only on /usr/lib/libSystem.B.dylib, so in an emergency
> single-user boot where /opt/local is unmounted or mangled, the shell still
> can work.
>
>
>
> --
> Bill Cole
> b...@scconsult.com or billc...@apache.org
> (AKA @grumpybozo and many *@billmail.scconsult.com addresses)
> Available For Hire: https://linkedin.com/in/billcole
--
Pierre Malard
« Ce qui tombe sous le sens rebondit ailleurs »
Jacques Prévert
|\ _,,,---,,_
/,`.-'`' -. ;-;;,_
|,4- ) )-,_. ,\ ( `'-'
'---''(_/--' `-'\_) πr
perl -e '$_=q#: 3|\ 5_,3-3,2_: 3/,`.'"'"'`'"'"' 5-. ;-;;,_: |,A- ) )-,_. ,\
( `'"'"'-'"'"': '"'"'-3'"'"'2(_/--'"'"' `-'"'"'\_):
24πr::#;y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
- --> Ce message n’engage que son auteur <--
signature.asc
Description: Message signed with OpenPGP
