[MacPorts] #52828: Use of --with-local-prefix= produces compilers which can mismatch headers and libs from /usr/local/lib by default

MacPorts noreply at macports.org
Sun Nov 6 11:58:51 CET 2016 

#52828: Use of --with-local-prefix= produces compilers which can mismatch headers
and libs from /usr/local/lib by default
-------------------------+-------------------------------------------------
 Reporter:  jwhowarth    |      Owner:  macports-tickets@…
     Type:  defect       |     Status:  new
 Priority:  Normal       |  Milestone:
Component:  ports        |    Version:  2.3.4
 Keywords:               |       Port:  gcc43 gcc44 gcc45 gcc46 gcc47 gcc48
                         |  gcc49 gcc5 gcc6 gcc7
-------------------------+-------------------------------------------------
 While implementing the same sandboxing in the fink project that MacPorts
 has been using, I noticed that the FSF gcc compilers fail to bootstrap
 under a sandbox with...


 {{{
 (version 1)

 (allow default)

 (deny file*
        (subpath "/usr/local")
 )
 }}}

 The bootstrap of the FSF gcc compilers fail due to an error...

 cc1: error: /usr/local/include: Operation not permitted

 One solution is to pass  '--with-local-prefix=' to configure when building
 FSF gcc with some path other than /usr/local. However this creates the
 undesirable side-effect of a FSF gcc compiler which doesn't have
 '/usr/local/include' in the header search paths but does include
 /usr/local/lib in the library search paths which makes the compiler
 susceptible to resulting in header/library mismatches out of /usr/local
 when used outside of the Apple sandbox.

 Interestingly, the clang compilers (both Apple and LLVM.org) don't have
 this issue when compiling under a sandbox which denies file access to
 /usr/local. Those compilers retain /usr/local in their search path without
 failing on file access errors in this case.

 I also noticed that the usage of '--with-local-prefix=' in the MacPorts
 FSF gcc packages dates back over nine years so it wasn't done explicitly
 to solve this issue in compiler failures under the Apple sandbox.

--
Ticket URL: <https://trac.macports.org/ticket/52828>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list