#3075 closed defect (invalid)
BUG: ghostview-1.5.mpkg in Tiger-Packages overwrites /etc, kills system login
| Reported by: | rajeev@… | Owned by: | tobypeterson |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | 1.0 |
| Keywords: | Cc: | mabuice@…,markd@… | |
| Port: | ghostview |
Description (last modified by ryandesign (Ryan Carsten Schmidt))
Dear Darwinports, I tried installing the ghostview-1.5.mpkg (the binary from the Tiger-Packages dir in the packages.opendarwin.org WebDAV. It seemed to go fine, apart from the very old version of ghostview that it installed! But then no new terminal windows would open, and sudo would give "unable to initialize PAM: No such file or directory" It turns out that the package had overwritten /etc/, so that instead of being linked to /private/etc/ where master.passwd resides, instead there was a dir /etc/X11/app-defaults/ghostview (if I remember it correctly, it's deleted now).
A reboot failed --- dropping me into a bare shell, and a second reboot hung completely. Luckily I still had a 10.3.9 partition to boot from, from where I was able to figure out what the problem was and fix the /etc link.
This ghostview package (or maybe the ghostscript package that it also installs?) is extremely dangerous! For a while I thought that I would have to completely reinstall Tiger.
I thought that darwinports installs were all meant to go into /opt/local/, leaving system files untouched? Overwriting the main system password file is definitely bad behaviour!
Raj
Change History (18)
comment:1 Changed 20 years ago by toby@…
| severity: | critical → normal |
|---|
comment:2 Changed 20 years ago by jjramsey@…
| severity: | normal → critical |
|---|
comment:3 Changed 20 years ago by toby@…
| severity: | critical → normal |
|---|
comment:4 Changed 20 years ago by jjramsey@…
| Owner: | changed from darwinports-bugs@… to toby@… |
|---|
comment:5 Changed 20 years ago by jmpp@…
| Cc: | mabuice@… added |
|---|
comment:7 Changed 20 years ago by snu@…
| Priority: | expected → blocker |
|---|---|
| severity: | normal → critical |
| Summary: | ghostview-1.5.mpkg in Tiger-Packages overwrites /etc, kills system login → BUG: ghostview-1.5.mpkg in Tiger-Packages overwrites /etc, kills system login |
comment:8 Changed 20 years ago by rajeev@…
The ghostview and ghostscript packages are both still on packages.opendarwin.org (both last modified Apr.30,2005). It strikes me that maybe they should be removed until the bug has been fixed, so that other people don't have their systems messed up in the meantime. I'm not sure which of the two packages is the one that overwrote /etc, I guess probably only one is the guilty package and should be removed.
comment:9 Changed 19 years ago by toby@…
This is actually easier to fix than you'd think:
rm -fr /etc ln -s private/etc /etc
comment:10 Changed 19 years ago by toby@…
| severity: | critical → normal |
|---|
comment:11 Changed 19 years ago by toby@…
| Priority: | blocker → expected |
|---|
comment:12 Changed 19 years ago by toby@…
| Status: | new → assigned |
|---|
comment:13 Changed 19 years ago by toby@…
Heh, I'm somewhat interested in knowing where you found out about packages.opendarwin.org in the first place. It's far from supported, and mostly exists as a test of our packaging stuff. Anyway, I've finally got X11 installed on a box, and and working on fixing this.
comment:14 Changed 18 years ago by pipping@…
| Milestone: | → Available Ports |
|---|
comment:15 Changed 18 years ago by pipping@…
| Milestone: | Available Ports → Port Bugs |
|---|
comment:16 Changed 17 years ago by markd@…
| Cc: | markd@… added |
|---|---|
| Resolution: | → invalid |
| Status: | assigned → closed |
I have seen this but not for a long time. I think it must be fixed by now, and I'm sure it doesn't have to do with this port anyway. If the problem resurfaces we should have some more up-to-date information anyway. Closing.
comment:17 Changed 16 years ago by ryandesign (Ryan Carsten Schmidt)
| Description: | modified (diff) |
|---|---|
| Port: | ghostview added |
I was hit by this bug, too. I recovered by doing an upgrade from the Tiger CD. Raising the severity to critical, since wiping out the /etc directory is pretty severe.