diff options
-rw-r--r-- | chapter01/changelog.xml | 3 | ||||
-rw-r--r-- | chapter05/chapter05.xml | 38 | ||||
-rw-r--r-- | index.xml | 4 |
3 files changed, 31 insertions, 14 deletions
diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml index 16462bc06..852fb0b4b 100644 --- a/chapter01/changelog.xml +++ b/chapter01/changelog.xml @@ -35,6 +35,9 @@ </itemizedlist> </listitem> +<listitem><para>November 19th, 2003 [greg]: Chapter 6: - Setting up the +environment: Reworked the Bash startup files to enforce a clean environment. +Closes Bug 714.</para></listitem> <listitem><para>November 17th, 2003 [jeremy]: Upgraded Man-Pages to 1.63</para></listitem> diff --git a/chapter05/chapter05.xml b/chapter05/chapter05.xml index 88e71ceb0..6ae7a7d4f 100644 --- a/chapter05/chapter05.xml +++ b/chapter05/chapter05.xml @@ -346,20 +346,36 @@ start a new, clean shell.</para> <title>Setting up the environment</title> <?dbhtml filename="settingenvironment.html" dir="chapter05"?> -<para>While logged in as user <emphasis>lfs</emphasis>, issue the -following commands to set up a good work environment:</para> +<para>We're going to set up a good working environment by creating two new +startup files for the Bash shell. While logged in as user +<emphasis>lfs</emphasis>, issue the following commands to create a new +<filename>.bash_profile</filename>:</para> <screen><userinput>cat > ~/.bash_profile << "EOF"</userinput> +exec env -i TERM=$TERM /bin/bash +<userinput>EOF</userinput></screen> + +<para>The <userinput>exec env -i TERM=$TERM /bin/bash</userinput> command +creates a new instance of Bash with a completely empty environment, except for +the TERM variable. This is needed to ensure that no unwanted and potentially +hazardous environment variables from the host system leak into our build +environment. The technique used here is a little non-standard but it achieves +the goal of enforcing a clean environment. By way of explanation, the initial +shell is a <emphasis>login</emphasis> shell which reads the +<filename>.bash_profile</filename>. The new shell instance is a +<emphasis>non-login</emphasis> shell which reads the +<filename>.bashrc</filename> (created next).</para> + +<para>Now create a new <filename>.bashrc</filename>:</para> + +<screen><userinput>cat > ~/.bashrc << "EOF"</userinput> set +h umask 022 LFS=/mnt/lfs LC_ALL=POSIX -PATH=/tools/bin:$PATH +PATH=/tools/bin:/bin:/usr/bin export LFS LC_ALL PATH -unset CC CXX CPP LD_LIBRARY_PATH LD_PRELOAD -<userinput>EOF - -source ~/.bash_profile</userinput></screen> +<userinput>EOF</userinput></screen> <para>The <userinput>set +h</userinput> command turns off <userinput>bash</userinput>'s hash function. Normally hashing is a useful @@ -391,13 +407,11 @@ everything will work as expected in the chroot environment.</para> that, as we move along through this chapter, the tools we build will get used during the rest of the building process.</para> -<para>The CC, CXX, CPP, LD_LIBRARY_PATH and LD_PRELOAD environment variables all -have the potential to cause havoc with our Chapter 5 toolchain. We therefore -unset them to prevent any chance of this happening.</para> - -<para>Now, after sourcing the just-created profile, we're all set to begin +<para>Finally, source the just-created profile so that we're all set to begin building the temporary tools that will support us in later chapters.</para> +<screen><userinput>source ~/.bash_profile</userinput></screen> + </sect1> @@ -3,8 +3,8 @@ "/usr/share/docbook/docbookx.dtd" [ -<!ENTITY version "CVS-20031117"> -<!ENTITY releasedate "November 17th, 2003"> +<!ENTITY version "CVS-20031119"> +<!ENTITY releasedate "November 19th, 2003"> <!ENTITY milestone "5.1"> <!ENTITY nbsp " "> |