Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 30 Sep 2014 15:28:01 +0200
From:      Polytropon <freebsd@edvax.de>
To:        Sandeep Gangadharan1 <sandegan@in.ibm.com>
Cc:        questions@freebsd.org
Subject:   Re: Bash Shellshock Bug
Message-ID:  <20140930152801.cd7a2a5e.freebsd@edvax.de>
In-Reply-To: <OFC03B0588.4C96789C-ON65257D63.00324F6D-CA257D63.0032A7E5@in.ibm.com>
References:  <OFBBD12885.C6A08B7B-ON65257D63.002E6EFF-CA257D63.002F0BCD@in.ibm.com> <20140930110034.a637ab6d.freebsd@edvax.de> <OFC03B0588.4C96789C-ON65257D63.00324F6D-CA257D63.0032A7E5@in.ibm.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Tue, 30 Sep 2014 20:10:47 +1100, Sandeep Gangadharan1 wrote:
> Hi Team
> 
> Is there anyway to get patch for my FreeBSD 6.2 . If  I enable internet
> connection is it possible.

It is possible, but not trivial. The thread mentioned
should give you an impression of the _different_ ways
that exist to perform the bash update. However, _you_
need to decide which approach you want to try. Keep in
mind either way might work, or might not (simply because
FreeBSD 6 isn't supported anymore, and things have changed,
especially the package management and the ports infra-
structure).



> I cannot upgrade the version right now.

That should not be the primary problem, even though you
should consider upgrading to a supported FreeBSD version
(v9 and v10 currently). :-)



> Can you please share the method of upgrading the package.

Read the mentioned ways before you start. This is not a
"follow step by step" procedure - it involves decisions
and is a little bit of "trial & error". ;-)

I'll simply quote parts from the discussion thread, if this
is okay for you. Still you need to check which works for
you. Make a backup (!) first (at least of the installed
bash package). Before you do _anything_ to your current
ports tree, do this:

	# cd /usr/ports/shells/bash
	# make package

This will make a backup package in /usr/ports/packages of
your _current_ bash (the _working_ one), in case anything
should go wrong. You can then later on re-install bash
with

	# pkg_add /usr/ports/packages/All/bash-x.y.z.tbz

(where x.y.z reflects the version number of bash prior to
your upgrade attempts).

If you can still access FreeBSD 6 packages (note that you
might point $PACKAGESITE at the _archives_ section of the
FreeBSD FTP server; see "man pkg_add" for details.

	# setenv PACKAGESITE=ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/6.2-RELEASE/packages/Latest
	# pkg_delete -f /var/db/pkg/bash-x.y.z
	# pkg_add -r bash

Use the [Tab] key to autocomplete the correct version number
in the 2nd command.

Probably that won't work; bash-3.2.25 seems the last version
available here. So you'll probably have to build from source.
That might be a problem due to the architectural difference
between FreeBSD 6 and the current build system... so the
"obvious"

	# pkg upgrade bash

doesn't work for you, because FreeBSD 6 doesn't have pkgng
yet.

Again note: Make a backup (!) of your current /usr/ports
tree before you start! Updating the ports tree is possible,
but probably you don't even have portsnap on FreeBSD 6 yet.
I'm not sure when it has been introduced, but I assume it
was somewhere betweeen FreeBSD 7 and 8...

This is how you would do it:

	# portsnap fetch update
	# cd /usr/ports/shells/bash
	# make deinstall
	# make
	# make reinstall

If you have any other means to update your ports tree (CVS
was the standard at FreeBSD 6, I don't know if this is still
supported, as FreeBSD now uses Subversion), you could also
try the equivalent with binary packages:

	# portsnap fetch update
	# portupgrade -P bash

or

	# portsnap fetch update
	# portmaster -P shells/bash

depending on your use of a port management tool. Omit -P to
try to build from source.

I'd like to emphasize the advice I've provided in the thread
mentioned, after being informed that building _with_ the ports
tree will probably be problematic:

''On the other hand, maybe it would even be possible to check
out the current source for bssh (and maybe its dependencies)
and build them "off the track", i. e., not using the ports
infrastructure at all, and then manually copying the resulting
binary to the required place, as well as its libraries (unless
static linking has been enabled). It's worth having a look at
./configure's options to tune this approach.''

This is probably the "easiest" way to try. You don't mess up
things with your ports collection here. Again, please note:
Make a backup copy of your working bash version, as I said
above.




You can find the full source here:

http://lists.freebsd.org/pipermail/freebsd-questions/2014-September/261423.html

Take your time to read, and to think about the problem. I'm
sure you'll be successful once you've figured out which way
works for you.

Also note that I haven't tested _anything_ of the methods
mentioned here, so I can't promise they'll work.



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20140930152801.cd7a2a5e.freebsd>