gamcall64

Q: Updating individual libraries in Darwin?

Hi,

 

I was wondering how one would go about doing this rather than waiting for them to be updated in a maybe too-distant System update? I receive notifications of security updates to Unix libraries like http://www.debian.org/security/2016/dsa-3574 and, while this is primarily an update for Debian, the alert says it's for "Unix variants" - including OS X. I see this library exists under /usr/lib, so, is it possible to update it independently of OS X updates? Presumably, you'd have to obtain the updated source from, where - FreeBSD & then compile it? Does anyone ever do this? I've heard Apple can be a bit tardy in its application of Unix security updates so there could be a reason to do this for a particularly severe case applicable to one's environment.

 

T.I.A.

 

GAM

iMac, OS X El Capitan (10.11.4)

Posted on May 11, 2016 12:33 AM

Close

Q: Updating individual libraries in Darwin?

  • All replies
  • Helpful answers

  • by Keith Barkley,Helpful

    Keith Barkley Keith Barkley May 13, 2016 4:43 AM in response to gamcall64
    Level 5 (6,382 points)
    May 13, 2016 4:43 AM in response to gamcall64

    I am going to go out on a limb and say "No"

    While OSX is a unix variant, I doubt that random files for other unices will be able to be compiled and stuffed into OSX.

  • by VikingOSX,Helpful

    VikingOSX VikingOSX May 13, 2016 4:44 AM in response to Keith Barkley
    Level 7 (20,606 points)
    Mac OS X
    May 13, 2016 4:44 AM in response to Keith Barkley

    Agree with Keith Barkley. There is no limb to go out on. It is simply taboo if you care about the normal operation of OS X. There is just too much inter-dependent stuff to start mucking with it.

     

    The entire operating system, for the version that is released, goes through regression testing with the library versions that ship with it. Any application, or System process that expects explicit library functionality, or checks the library version, may explode if it finds something newer, or whose functionality has changed from what the code expects. Even a change in a library module that departs from a previous, expected data type can wreak havoc.

  • by Keith Barkley,

    Keith Barkley Keith Barkley May 13, 2016 7:41 AM in response to gamcall64
    Level 5 (6,382 points)
    May 13, 2016 7:41 AM in response to gamcall64

    Not to mention that OSX/Darwin might put different libraries in different kext or frameworks so you would not be able to even figure out where to put the object file.

  • by Mark Jalbert,Solvedanswer

    Mark Jalbert Mark Jalbert May 13, 2016 9:17 AM in response to gamcall64
    Level 5 (4,649 points)
    May 13, 2016 9:17 AM in response to gamcall64

    libarchive is compiled on OS X with the same source code found at http://www.libarchive.org/ . Apple does change the configuration. You can find the xcode project file for your version of libarchive at http://opensource.apple.com//. Now, it is possible to apply the libarchive.org patches to the the source code found at opensource.apple then build the patched version but.... Well, you still have to overcome sip and the possibility that the finished product is not codesigned properly. Assuming that you got the patched version files installed and working, at anytime a software update could overwrite your changes.

     

    If you need the updated library or want to use the updated bsdtar or bsdcpio, then download the patched source code and compile it in a prefix such as /usr/local or $HOME/local.

  • by gamcall64,

    gamcall64 gamcall64 May 13, 2016 7:25 PM in response to Mark Jalbert
    Level 1 (8 points)
    Mac OS X
    May 13, 2016 7:25 PM in response to Mark Jalbert

    Thanks for your comprehensive reply. I understand why I'd compile bsdtar or cpio to "lesser" paths like /usr/local, but I can't avoid putting the libarchive objects in the "proper" locations (like /usr/lib) for them to work properly can I?

  • by BobHarris,

    BobHarris BobHarris May 14, 2016 8:22 AM in response to gamcall64
    Level 6 (19,272 points)
    Mac OS X
    May 14, 2016 8:22 AM in response to gamcall64

    gamcall64 wrote:

     

    Thanks for your comprehensive reply. I understand why I'd compile bsdtar or cpio to "lesser" paths like /usr/local, but I can't avoid putting the libarchive objects in the "proper" locations (like /usr/lib) for them to work properly can I?

    Look at

        man dyld

    I think you want to look closely at DYLD_LIBRARY_PATH

  • by gamcall64,

    gamcall64 gamcall64 May 14, 2016 4:26 PM in response to BobHarris
    Level 1 (8 points)
    Mac OS X
    May 14, 2016 4:26 PM in response to BobHarris

    Ah - ok. Should have known Unix would already have a mechanism in place for that type of situation. Thanks. I tried to mark your answer as helpful but it wasn't having it. Is there some type of forum limit for the number of helpful answers? Presumably there can be only one correct answer.

  • by BobHarris,

    BobHarris BobHarris May 14, 2016 7:16 PM in response to gamcall64
    Level 6 (19,272 points)
    Mac OS X
    May 14, 2016 7:16 PM in response to gamcall64

    Is there some type of forum limit for the number of helpful answers?

    1 Answer

    2 Helpful

     

    Presumably there can be only one correct answer.

    If you use the word "Correct" loosely

    Whatever the person that started the thread chooses as Answered.  But you would be surprised at the number of times they choose themselves, or accidentally click answered when the problem is not solved and they still need help, however, an answered question draws less viewers.

    I tried to mark your answer as helpful but it wasn't having it.

    That is perfectly OK.