Slashdot Mirror
Apple's Mac OS X Update Breaks Perl
mir writes "It looks like if you use CPAN to install modules, Apple's latest security update might just have broken your Perl. According to Tatsuhiko Miyagawa 'The Security Update brings (old) IO.bundle with version 1.22 but your IO.pm has been updated to the latest 1.23 on CPAN shell. (But hey, 1.23 was released in 2006...Why do you bring that ancient version back, Apple!?)'."
We don't exactly have "package managers" in OS X. The BSD side of OS X is only barely "maintained" at all, and then in some truly obscure and incoherent bubble-headed Cupertino fashion. Anything you really want to actually work with, you have to maintain yourself: PHP, Apache, rsync, ffmpeg, Perl -- all the seriously useful stuff like that you put into /usr/local and set your $PATH accordingly. You _cannot_ trust Apple not to break things.
Doh.
Umm, what about Fink?
http://www.finkproject.org/
It's an XS module: They include components that are written in a language other than Perl, and have to be compiled against perl.
Which means that if the perl binary they are pointing to changes, they break. The code itself is fine: You just need to recompile.
Apple helpfully recompiled all the ones they shipped, so they would work. The only problem is for people who updated the modules that Apple shipped: They now have a miss-match between the Perl code that is running (that they updated) and the code that is compiled (that Apple shipped).
Basically, you've got a library header and the library object. If the header and the object don't match exactly, you've got problems. No interface was changed, no major important pieces were changed, but now you've got 1.23 headers and a 1.22 object. Change one or the other, and everything will be fine again.
Or MacPorts, formerly DarwinPorts: http://macports.org/
Wes
Why are Apple's updater and Perl's CPAN shell both trying to update the same file?
Probably this is the real point, as mentioned in the TFA:
"This is another reason why you shouldn't use Perl that comes from vendors," Miyagawa says. "Apple isn't any different from Fedora on this!"
I might add Mandriva, SuSe and most others. Distribution managers want it just run and be stable for users who do not want to know what is going on inside. If there is a need for messing with details, originally packaged software by developer is the best alternative...
CPAN is the closest thing to DLL hell on Unix systems. Modules are updated willy-nilly. No attempt is made to preserve compatibility between versions, or between modules and their dependencies. A company I used to work for had to totally abandon a large program because it was impossible to keep it working in the face of CPAN-driven upgrades, even if they did manage to get it installed the first time (by totally bypassing CPAN).
Disinfect the GNU General Public Virus!
As an XServe administrator, Apple's cryptic security updates are really starting to get on my nerves.
You would expect that, since it is based on multiple open-source projects that are freely available, Apple would push compiled updates through Software Update to its OS X Server users. Instead, they wait so long to patch things (like Amavis or the BIND patch for Dan Kaminsky's DNS bug) that I just get frustrated and apply the patch myself. Then, when a Apple Software Update does come down the pipe, I have to consider if installing it will break my configuration and land me in hot water with my boss when he can't get his e-mail anymore.
Apple needs to decide if they're going to regularly and consistently update the open-source software that their Server OS runs. If not, leave it alone and let the users apply and configure updates. This wishy-washy, middle-ground, Jobsy-come-lately approach is just an annoyance and an inconvenience.
This is not a first Apple's blopper. Any OS vendor might have those.
The question is how long would it take for Apple to fix that. In the blog post linked Fedora Perl issues actually took about year to deliver fix for RHEL.
While compiling and using your own build of Perl (or using Fink) on Mac OS X is absolutely OK, under RHEL that might easily screw up your RH support contract...
All hope abandon ye who enter here.
This is a classic problem with most *nix distribution packages and CPAN usage. This is not Apple specific.
Not to pick nits too much here, but
1) Apple stopped using 5.25" FDDs well before the 1990s. Every Mac that came with a floppy drive from their inception in 1984 came with a 3.5" FDD.
2) You can always buy a third-party CRT if you want a CRT on your Mac, iMac excepted (obviously). Aside from that, having used expensive color-calibrated displays and printers and so forth with high-end color management, etc., I'll let you all in on a big secret: There's no such thing as true color matching. The laws of physics don't allow for it (light vs. pigment).
3) By the time most need to replace the battery in your notebook, it's usually time to get a new notebook. ;)
4) Another big secret: It's perfectly possible to write clear, self-documenting code in Perl. It's only the fact that Perl programmers seem to refuse to do this that allows Python to exist ;).
My blog
from the IO.pm changelog:
IO 1.23 -- Sat Mar 25 19:28:28 CST 2006
looks to me like it's mostly bug fixes and optimization, and not a major rewrite (which would more likely warrant a major version change).
When you recognize love in another and realize how precious it is, everything else seems so insignificant.
With MacPorts you can provide a keyword before installing to see what options an install might have.
So for instance, for apache2 you might type:
port install apache2
to install. Before doing this, try:
port variants apache2
This should produce a list. Hopefully X11 is in there (I can't verify right now). Anyway, find any options you want to enable or disable, and reform your install to look like this:
port install apache2 +enable_option -disable_option
This will usually let you strip away a goofy dep like X11 from programs that don't really need it.
For the last time, PIN Number and ATM Machine are redundancies!
Quicktime is used on the Mac for much more than just showing a video - converting sound and image files from any format to any format (the reason my program can play AIFF, wav, MP3, AAC, etc is because Quicktime converts it to a stardard format for me). Therefore if the game is multiplatform like the Sims and all the sound effects are .wav files, Quicktime will probably be used as the standard API to convert them for playback.
CAn'T CompreHend SARcaSm?
Apple seems to have a separation between its left-brain UNIX underpinnings and its right-brain Quartz GUI.
For example, with the last several Security Updates, which contain very little information about what all's rolled in, Apple modifies /etc/postfix/main.cf
to
This effectively breaks all Internet-accessible postfix installs. Now, the question is why does Apple apply this to postfix installations explicitly enabled as Internet-accessible? I can't think of any good answer for this except as part of some other bass-ackwards security measures Apple applies in a schizophrenic attitude to the server functions of its UNIX-based client OS.
For another example, the Aiport Extreme Base Station prior to firmware 7.3.1 had a version of DMZ host (default host in Apple bizarro-world) that worked flawlessly. In April 2007 or thereabouts, Apple rolls out firmware 7.3.1, since which default host is broken for only for BIND (UDP port 53) and all mail ports (587, 110. 995, etc) but works for WoW, BitTorrent, and all other ports. WTF?! If I set my router to designate one computer as the default/universal host, why is it still blocking certain ports that have to be opened using port mapping?
This split-mind on UNIX vs. GUI seems to pervade Apple's mentality everywhere which is especially problematic to people like me that are not full-time developers but make extensive use of UNIX-layer services.
Really stupid stuff, Apple. I wish you'd cut it out.
blog
Serious question. When they could use Debian instead, and given these problems, why does anyone use Apple servers?
If you're a sysadmin, I imagine it is because you need one of the few bits Apple does better right now (like CalDAV) or some Apple specific technology to support Mac clients (Spotlight Server).
If you're not a sysadmin, because you're looking for an easy to admin server that you don't need any real skills to get configured and keep running.
No, this is a compiled language problem. The module is an XS module, and it has components written in C. The Perl update causes a mismatch between the library referenced by the user's compile and the system supplied one.
Just another form of DLL hell.
If this was a Pure Perl module, this issue would never have mattered. Scripting languages have the same problems as any compiled language when you break libraries.
And if you are upgrading your base code in production without any form of testing, your code deserves to crash.
I can throw myself at the ground, and miss.