[MacPorts] #3075: BUG: ghostview-1.5.mpkg in Tiger-Packages overwrites /etc, kills system login

MacPorts noreply at macports.org
Fri Sep 26 22:31:50 PDT 2008


#3075: BUG: ghostview-1.5.mpkg in Tiger-Packages overwrites /etc, kills system
login
--------------------------------+-------------------------------------------
  Reporter:  rajeev at cns.bu.edu  |       Owner:  toby at macports.org
      Type:  defect             |      Status:  closed           
  Priority:  Normal             |   Milestone:  Port Bugs        
 Component:  ports              |     Version:  1.0              
Resolution:  invalid            |    Keywords:                   
      Port:  ghostview          |  
--------------------------------+-------------------------------------------
Changes (by ryandesign at macports.org):

  * port:  => ghostview


Old description:

> Dear Darwinports,
> I tried installing the ghostview-1.5.mpkg (the binary from the Tiger-
> Packages
> dir in the packages.opendarwin.org WebDAV.
> It seemed to go fine, apart from the very old version of ghostview that
> it
> installed! But then no new terminal windows would open, and sudo would
> give
> "unable to initialize PAM: No such file or directory"
> It turns out that the package had overwritten /etc/, so that instead of
> being
> linked to /private/etc/ where master.passwd resides, instead there was a
> dir
> /etc/X11/app-defaults/ghostview (if I remember it correctly, it's deleted
> now).
>
> A reboot failed --- dropping me into a bare shell, and a second reboot
> hung
> completely. Luckily I still had a 10.3.9 partition to boot from, from
> where I
> was able to figure out what the problem was and fix the /etc link.
>
> This ghostview package (or maybe the ghostscript package that it also
> installs?)
> is extremely dangerous! For a while I thought that I would have to
> completely
> reinstall Tiger.
>
> I thought that darwinports installs were all meant to go into
> /opt/local/,
> leaving system files untouched? Overwriting the main system password file
> is
> definitely bad behaviour!
>
> Raj

New description:

 Dear Darwinports,
 I tried installing the ghostview-1.5.mpkg (the binary from the Tiger-
 Packages
 dir in the packages.opendarwin.org WebDAV.
 It seemed to go fine, apart from the very old version of ghostview that it
 installed! But then no new terminal windows would open, and sudo would
 give
 "unable to initialize PAM: No such file or directory"
 It turns out that the package had overwritten /etc/, so that instead of
 being
 linked to /private/etc/ where master.passwd resides, instead there was a
 dir
 /etc/X11/app-defaults/ghostview (if I remember it correctly, it's deleted
 now).

 A reboot failed --- dropping me into a bare shell, and a second reboot
 hung
 completely. Luckily I still had a 10.3.9 partition to boot from, from
 where I
 was able to figure out what the problem was and fix the /etc link.

 This ghostview package (or maybe the ghostscript package that it also
 installs?)
 is extremely dangerous! For a while I thought that I would have to
 completely
 reinstall Tiger.

 I thought that darwinports installs were all meant to go into /opt/local/,
 leaving system files untouched? Overwriting the main system password file
 is
 definitely bad behaviour!

 Raj

--

-- 
Ticket URL: <http://trac.macports.org/ticket/3075#comment:17>
MacPorts <http://www.macports.org/>
Ports system for Mac OS


More information about the macports-tickets mailing list