DYLD_LIBRARY_PATH ignored on Mac OS X 10.11.x
|Reported by:||borsboom||Owned by:|
|Operating System:||MacOS X||Architecture:||x86_64 (amd64)|
|Type of failure:||None/Unknown||Test Case:|
|Related Tickets:||#8266, #8721||Differential Rev(s):|
This was first reported on the Stack issue tracker at https://github.com/commercialhaskell/stack/issues/1161, but I've traced it to the fact that GHC uses shell script wrappers for many common commands, including
Background: Mac OS X 10.11 introduced System Integrity Protection, which treats parts of the filesystem specially to prevent tampering with the system. Among those protections is that executables in
/bin, such as
/bin/sh, have the DYLD_LIBRARY_PATH variable stripped from the environment before being invoked.
hsc2hs, and others are shell scripts that use
#!/bin/sh, it means DYLD_LIBRARY_PATH is stripped from the environment when invoking them. I was able to work around this issue by copying
/bin/sh to my home directory and then modifying the
#! path in the
hsc2hs to use the copy.
I'm not sure what the best way to move forward is. Some possibilities I can think of:
- Have installer tools for OS X (such as Stack, ghcformacosx, and Homebrew) apply the workaround themselves, although that leaves out anyone who installs directly from an official bindist or builds from source, and is a duplication of effort.
make installon OS X copy
/bin/shand "fix" the wrappers itself.
- Replace the shell script wrappers with something written in Haskell that reads the paths from a configuration file.
Note: I set the component to
hsc2hs since that's where I encountered the problem, but I wouldn't be surprised if it also effected other cases (like
ghc with Template Haskell). I also hesitated to categorize this a "bug" since it's OS X's weird behaviour, and not actually something I feel GHC is doing wrong, causing this problem. But I doubt OS X is going to change, although it is possible (but not recommended) to disable SIP by booting into recovery mode and running
csrutil disable, after which these protections are no longer in place.