tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: sanitizing the environment



   Date: Tue, 28 May 2013 22:29:42 +0100
   From: David Brownlee <abs%netbsd.org@localhost>

   On 26 May 2013 19:09, Taylor R Campbell
   <campbell+netbsd-tech-pkg%mumble.net@localhost> wrote:
   >
   > - Setting `PKGSRC_SETENV= ${SETENV} -i' would probably fix this, but
   > that option seems to have bitrotted and I'm not immediately clear on
   > why.

   What issues are you seeing with PKGSRC_SETENV ? I've been using it set
   to env -i since it was added...

Some further investigation revealed that this was my own doing and
applied only to cross-compilation: all of pkgsrc's recursive makes
need USE_CROSS_COMPILE and MACHINE_ARCH passed down to them, which
happens via the environment...unless you clear it with `env -i'.

I think tonight I'll do some surgery to _DEPENDS_INSTALL_CMD to avoid
passing any variables for the native compilation case so that we can
fix security/openssl and any other instances of the problem in that
case for now (sorry for the delay about doing that).

As an aside, would anyone object to making `env -i' the default for
PKGSRC_SETENV?



Home | Main Index | Thread Index | Old Index