[MacPorts] #50469: Git clone fails - SSL certificate problem: Couldn't understand the server certificate format
MacPorts
noreply at macports.org
Sat Apr 29 06:33:08 UTC 2017
#50469: Git clone fails - SSL certificate problem: Couldn't understand the server
certificate format
---------------------+--------------------------------
Reporter: breun | Owner: macports-tickets@…
Type: defect | Status: new
Priority: Normal | Milestone:
Component: base | Version: 2.3.4
Resolution: | Keywords:
Port: |
---------------------+--------------------------------
Changes (by ryandesign):
* cc: neverpanic, jmroot (added)
Comment:
Replying to [ticket:50469 breun]:
> {{{
> SSL certificate problem: Couldn't understand the server certificate
format
> }}}
The Homebrew folks ran into and analyzed this problem
[https://github.com/Homebrew/brew/issues/785 here]. They say the
combination of using the root user, plus the use of `sandbox-exec`, leads
to this problem, because:
{{{
Aug 22 14:53:23 kernel[0]: Sandbox: curl(43548) deny(1) file-write-data
/private/var/db/mds/system/mds.lock
}}}
MacPorts does use `sandbox-exec` when using `system`, and does use
`system` when fetching from git. Can we add that location to the list of
locations allowed by the sandbox? From the end of portsandbox.tcl it looks
like we already allow everything in /private/var/tmp and
/private/var/folders so adding /private/var/db might be reasonable.
--
Ticket URL: <https://trac.macports.org/ticket/50469#comment:47>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list