El Capitan – Using make check with DYLD_LIBRARY_PATH

dynamic librarymacossip

I develop applications using the usual Unix tool set: a compiler, make, and shared libraries. The procedure is then traditionally something like

./configure, which tailors the sources for the features of the machine it is run on,
make, which actually compiles the shared libs, executables, etc.,
make check, which runs the tests before we install the package,
make install, if the package behaves properly, and finally, optionally,
make installcheck, to make sure the installation works.

During make, the shared libs and executables are compiled in their final form: the executables are compiled with a dependency to the shared libs in their final destination (i.e., they depend on libraries in /usr/local/lib although they are not there yet, they are still in the build tree). Then make install is, roughly, just using cp to install libs and executables from the build tree to the final place.

During the make check phase, we are running the program uninstalled: the shared libs, executables and auxiliary files are still in the build tree. To run the tests you have to set up a few custom environment variables (for instance to tell your program that your auxiliary data files are not in /usr/local/share but in the source tree), and some system environment variables, to tell your share lib loader to look for the shared libs. The environment variables on traditional Unices is LD_LIBRARY_PATH, on OS X it is DYLD_LIBRARY_PATH. This has worked for (dozens of) years.

But now, El Capitan broke this.

$ (export FOO=foo; env) | grep foo
FOO=foo
$ (export DYLDFOO=foo; env) | grep foo
DYLDFOO=foo
$ (export DYLD_FOO=foo; env) | grep foo
$

now, when SIP is enabled, no DYLD_* is exported from a process to its children.

So my question is: How can we run programs that are not installed? What is the procedure to follow to be able to run the traditional Unix sequence ./configure && make && make check?

Please, no answer such as "run make install first". That's not the point. I am a developper, and running "make check" (and more generally running a non-installed version of a program) is something I do very frequently. Even installing to a dummy place is time consuming. I need something effective, and efficient. And disabling SIP will not fix the issue for users of my packages that want to run make check.

Best Answer

It seems like DYLD_* only gets stripped out for “protected” binaries (I’m not sure exactly what that means, but apparently anything in /bin and /usr/bin for starters) However, if you copy /usr/bin/env to somewhere else, it gets to keep its DYLD_* stuff:

$ cp /usr/bin/env ~/Desktop; (DYLD_FOO=bar ~/Desktop/env)|grep DY
dyld: warning, unknown environment variable: DYLD_FOO
DYLD_FOO=bar

I think make always runs commands via /bin/sh, so you can’t set “dangerous” variables in the makefile and have them affect the commands, but maybe you could move the test into a shell script, set the environment variables inside the script, and then invoke the script from make. Though obviously, this won’t help you if the tests, in turn, rely on shell scripts (or if the things tested are shell scripts!) because then they’re going to invoke /bin/sh and lose the variables again...

Related Solutions

MacOS – Need help creating Global Daemon for EyeFi Server

Don't point launchd to the init.d script but to the program the script executes. It is important that the program does not 'daemonize' (makes itself a background process) itself. This is launchd's job.

Put this in your ProgramArguments key and you should be fine:

<key>ProgramArguments</key>
<array>
    <string>/Users/Shared/eyefi/eyefiserver/bin/eyefiserver.py</string>
    <string>/Users/Shared/eyefi/eyefiserver/etc/eyefiserver.conf</string>
    <string>/Users/Shared/eyefi/eyefiserver/var/eyefiserver.log</string>
</array>

MacOS – python version 2.7.8 can’t run /usr/bin/easy_install. Try the alternative(s):

Okay.

Answer to number 1 is yes.

The fink developers recommend NOT removing the OSX versions of Python, simply because they are not terribly large files and may be necessary for certain OSX functions and programs.

And I want to have an additional version of at least python2.7 installed by fink, because it's a port tree that's designed to create a UNIX-like directory structure, which will hopefully make PostgreSQL and python play nicely together.

As far as question number 2, I'm not sure. I think this would work, but leaving the original OSX versions installed avoids the issue.

Question 3: yes. - see answer to question 1.

Making the fink version the one that runs via the terminal is a matter of:

make sure the directory containing the fink python binary precedes the OSX (or GUI-installed one) in the PATH, which can be done in users .profile or .bash_profile (located in directory ~/, the user's root) by either invoking the fink init script, . /sw/bin/init.sh, OR making sure that export PATH=/sw/bin:$PATH is included in the file AFTER any other line that exports a PATH with one of the other python paths at the beginning. For example, export PATH=/usr/bin:$PATH or export PATH=/usr/local/bin:$PATH.
Unless we want to invoke the python cli like python2.7, we'll need to make a symbolic link in the /sw/bin directory that points "python" to "python2.7", which is done by using sudo ln -s *source* *link*, which in this case looks like:

sudo ln -s /sw/bin/python2.7 /sw/bin/python

Not sure what the answer to question 4 is yet, but am seeing that any libraries that exist in /sw/bin are being called from there, as opposed to other installations. Good.

Got a copy of Learning UNIX for OS X Mountain Lion that looks quite promising.

Best Answer

Related Solutions

MacOS – Need help creating Global Daemon for EyeFi Server

MacOS – python version 2.7.8 can’t run /usr/bin/easy_install. Try the alternative(s):

Related Question