Fixing packages with expired signatures
In my previous post, I provided a tool to enable you to check your collection(s) of packages to determine if any are affected by the Package Apocalypse.
But what to do once you’ve found packages with expired signatures? If Apple has provided an updated replacement package at http://support.apple.com/downloads/, it’s probably best to replace the package with the expired signature with the updated one.
But that might not always be possible — Apple has not provided replacements for every package that has been affected, or the replacement might not be practical to use.
For example, the packages included in the iLife ’11 Install DVD have expired signatures. The only “replacement” available would be the Mac App Store versions of the iLife 11 apps. Not all iLife ’11 apps from the DVD have App Store equivalents, and distributing the App Store versions is a whole different set of issues.
So the ideal solution here is to somehow fix the packages with expired signatures so they will work with your software distribution mechanism. It turns out that you can do this with an Apple-provided tool — pkgutil.
pkgutil --expand SomeFlat.pkg /tmp/SomeFlat.pkg
pkgutil --flatten /tmp/SomeFlat.pkg SomeFlatFixed.pkg
Expanding and reflattening a flat package has a side-effect of removing the package signing. the command-line installer tool will happily (at least as of this writing) install unsigned flat packages.
So there you have it — a way to fix packages broken by the Package Apocalypse. But it’s a tedious process. To help, I offer yet another tool — flatpkgfixer.py.
This tool will remove package signing either from a single flat package:
./flatpkgfixer.py /path/to/expired.pkg /path/to/new_fixed.pkg
or can fix up an entire disk image containing packages:
./flatpkgfixer.py /path/to/iLife11.dmg /path/to/iLife11_fixed.dmg
This tool is brand new, and could very well have bugs, but I hope it’s useful to some!
Explore posts in the same categories: Deployment, Leopard, Lion, OS X, Python, Security
March 24, 2012 at 7:30 pm
[...] Greg Neagle’s checkPackageSignatures and flatpkgfixer scripts are extremely helpful here. checkPackageSignatures will help you find expired certificates [...]
March 24, 2012 at 7:33 pm
I’ve tested this on a iLife 11 retail disk image and it works as advertised. Once package signing was removed from the flat packages contained in iLife .dmg, I was able to install iLife 11 and then update it with the correct updates from Software Update.
March 24, 2012 at 7:40 pm
[...] this after Friday, March 23 2012, make sure to remove iLife 11′s package signing using Greg Neagle’s flatpkgfixer script prior to using the repackaging procedure [...]
March 25, 2012 at 2:51 am
Thanks so much Greg this has saved the day.
March 25, 2012 at 4:28 am
How do you do it? I’m clueless, pls help ASAP!
April 27, 2012 at 10:10 am
You must be as confused as I was Matthew. I figured it out though. In my case I used a iLife 11 Install DMG that I created in Disk Utility. Saved that to the desktop. We ultimately are modifying this DMG, which is the whole point of this script to a new DMG, that has the flat files repaired. First you have to take the script that he makes available and save it as a text document, saving it as a .py (Python Script) extension. in this case flatpkgfixer.py . I saved the file to my desktop. From there you have to give the script executable permissions by opening up the terminal and running the command:
sudo chmod a+x ~/Desktop/flatpkgfixer.py
from there it should promt you for your password. Enter it and continue.
Now comes time to execute the script. I will tell you what worked for me.
From terminal
sudo python ~/Desktop/flatpkgfixer.py ~/Desktop/iLife\ \’11\ Install\ DVD.dmg ~/Desktop/iLife11_fixed.dmg
From there it will create a newly repaired iLife 11 DMG. Hope that explains it.
May 22, 2012 at 10:37 am
Does anyone here know of a way to add a bundle identifier to an existing package? When I run Apple software update, I get a ton of errors for “missing bundle identifiers” in Office 2008 receipt files. I know that Office is running fine and the problem is limited only to the Office packages in /Library/Receipts. So I thought if I could somehow add a bundle identifier to each of the offending packages, I’d stop getting the errors for my users.
June 20, 2012 at 8:08 am
Followed your very clear instructions and all when well.
Installed iLife 2011 on Lion 10.7.4 without problem.
The only FLAW is with software update.
Do not offering me iPhoto updates (only all the other).
iPhoto is not working on Lion without update (9.1 follow by 9.2.3).
Do you met the same problem.
March 25, 2012 at 4:43 am
This is great news to wake up to this morning. Thanks for finding this for us and sharing, Greg- our workflows aren’t as broken as they looked on Friday.
March 25, 2012 at 9:58 am
[...] Trials and Tribulations of an OS X Administrator « Xcode 4 Cocoa-Python Templates Fixing packages with expired signatures [...]
March 25, 2012 at 5:25 pm
Reblogged this on acdesigntech and commented:
Since this is a pretty big deal in the world of Apple System Management, I am re-blogging this on acdesigntech so it gets more coverage. Thanks for everything, Greg!
March 25, 2012 at 5:28 pm
It’s so nice not to have my hands tied with this anymore (or at least, less tied). Despite underscoring a true need for some enterprise support oversight at Apple, this is going to give way too much ammo to our windows admins now. le sigh…
March 25, 2012 at 6:13 pm
Wow…dude….U ROK!!!!!
:):)
March 25, 2012 at 6:23 pm
Why am i getting failed to create at the end? Am i doing anything wrong?
March 25, 2012 at 6:24 pm
Is the destination directory writable and does it have enough space? What is the specific error?
March 25, 2012 at 6:37 pm
It was my fault, re-did it and it work! Thanks man
March 26, 2012 at 7:22 am
do in terminal “chmod a+x /path/flatpkgfixer.py before using.
Thank you for the script, is perfect!
March 26, 2012 at 7:24 am
oops! don’t use “, is only chmod a+x /path/flatpkgfixer.py
March 26, 2012 at 7:54 am
Thank you, thank you, thank you!
Now we have an automated solution for those packages not re-signed by Apple, and don’t have to task some monkey with repackaging them all!
March 26, 2012 at 7:58 am
Greg,
What can I say man?? Your work and diligence saved me again. Luckily, I had some time and plenty of bandwidth over our spring break this week to deal with re-downloading our software update mirrors.
Without your fix, imaging this summer would have been very bad!! Not fond of having to apply this to legitimate installer CDs such as iLife 11 and iWork 09, but at least I know of the issue and have a fix thanks to you.
Made sure to kick a note up to the Apple rep though on the discs and forwarded your posts on to other K-12 Mac admins in Indiana and Michigan so maybe they can plan accordingly.
March 26, 2012 at 3:23 pm
Quick question…that you can run the script on a DMG and have it recursively “fix” all the PKG installers within it…does this mean we can run it on an entire share and have it “fix” all the PKG installers on that share?
Else do we have to run it once on each PKG on that share?
Thanks,
Don
March 26, 2012 at 3:25 pm
Sorry, flatpkgfixer.py works on a single flat package or single disk image at a time. It needs a source and destination.
Someone else can write a wrapper that fixes up an entire share!
March 26, 2012 at 10:32 pm
I can’t seem to get the script to work on the GarageBandBasicContent.pkg package that the App Store version of Garage Band 6.x downloads and installs when you run Garage Band the first time.
pkgutil has problems trying to extract the Payload file.
Any ideas how to fix this?
March 27, 2012 at 12:57 am
[...] http://managingosx.wordpress.com/2012/03/24/package-apocalypse/ http://managingosx.wordpress.com/2012/03/24/fixing-packages-with-expired-signatures/ [...]
March 27, 2012 at 5:21 am
We were massdeploying when i strumbled upon your news: know we know why iLife11, Garageband, ARD, … refuse to install and how to fix it.
You saved our day!
Thank you very much for sharing.
Greetings from some grateful swiss k-12 macadmins.
March 27, 2012 at 11:42 am
I have fixed all iLife11 pkg with /flatpkgfixer.py /path/to/iLife11.dmg /path/to/iLife11_fixed.dmg command line, copyed all the fixed pkg to my Iceberg project and, after that, I have replaced the untouched iLife.pkg (original one) to my Iceberg project to get the compilated package to work.
thanks for your help!!
Pour que iLife11 fonctionne j’ai utilisé le script flatpkgfixer.py en corrigeant les signatures des pkg de iLife a l’aide de la commande /flatpkgfixer.py /path/to/iLife11.dmg /path/to/iLife11_fixed.dmg, après avoir déplacé les pkg fixé dans mon dossier projet de Iceberg, j’ai remis l’original iLife.pkg dans mon dossier projet de Iceberg avant la compilation final.
Merci pour votre précieuse aide.
March 28, 2012 at 11:34 am
This is wonderful work and the fix looks great. Sadly I’m stuck on 10.6.8 for some months to come and was wondering if there was anything I could do to fix the packages that I hanve now.
March 28, 2012 at 11:38 am
You should be able to run the flatpkgfixer.py script on Snow Leopard.
March 28, 2012 at 7:04 pm
Good Day Sir
Sorry for a very dumb question but I really need to fix my ilife2011.dmg.
where will I open the flatpkgfixer.py and where will i type
./flatpkgfixer.py /path/to/iLife11.dmg /path/to/iLife11_fixed.dmg
Thank You so much!!! I really need your help
March 28, 2012 at 7:08 pm
its says…
Last login: Thu Mar 29 11:04:27 on ttys000
cd ‘/Users/macservemanila/’ && ‘/usr/bin/pythonw’ ‘/Users/macservemanila/flatpkgfixer.py’ && echo Exit status: $? && exit 1
MacServeManilas-MacBook:~ macservemanila$ cd ‘/Users/macservemanila/’ && ‘/usr/bin/pythonw’ ‘/Users/macservemanila/flatpkgfixer.py’ && echo Exit status: $? && exit 1
Too few arguments!
Usage: flatpkgfixer.py sourceitem destination
MacServeManilas-MacBook:~ macservemanila$ ./flatpkgfixer.py /Users/macservemanila/iLife.dmg /Users/macservemanila/iLife11_fixed.dmg-bash: ./flatpkgfixer.py: Permission denied
MacServeManilas-MacBook:~ macservemanila$
Please help me sir… Thank You so much
March 28, 2012 at 8:00 pm
flatpackagefixer.py is a Python script. You’ll either need to set the execute bit:
chmod a+x /Users/macservemanila/flatpackagefixer.py
Then:
/Users/macservemanila/flatpackagefixer.py /Users/macservemanila/iLife.dmg /Users/macservemanila/iLife11_fixed.dmg
(all one line)
Or call it from python:
python /Users/macservemanila/flatpackagefixer.py /Users/macservemanila/iLife.dmg /Users/macservemanila/iLife11_fixed.dmg
(all one line)
March 28, 2012 at 8:21 pm
I knew how to run it. Thank you sir!!!!
March 30, 2012 at 4:25 am
A big thank you for sharing this tool!
It could be enhanced if it also converted the packages within a .mpkg file.
March 30, 2012 at 4:39 am
Never mind, I was a bit too eager.
I wanted to use the tool with iWork09.mpkg. But that file doesn’t have a certificate to begin with.
April 2, 2012 at 5:47 pm
love your work, thanks heaps!
April 6, 2012 at 5:04 am
I am not able to download flatpackagefixer.py using the link you’ve provided. Is that link now dead?
April 6, 2012 at 6:20 am
Nope — I just checked it and it’s fine. Maybe Dropbox was down for a bit?
April 8, 2012 at 12:19 am
Another solution to the problem is to set the clock in an earlier date. I’ve installed all iTunes updates after setting the clock prior to March 23th and the installation worked like a charm.
June 6, 2012 at 5:39 pm
that totally worked for me as well! thanks Greg for making this post and for the script. Thanks John for the alternate solution!
April 12, 2012 at 4:08 pm
The signature on a pkg can be quickly identified and stripped without extracting and flattening the package. I put together a quick proof of concept tool to do it: https://github.com/etrepum/strip_pkg_signature
April 12, 2012 at 4:11 pm
That seems like it would be a lot faster than my method! Please go back in time three weeks and release your tool!
April 13, 2012 at 7:37 am
[...] posted as reply to Greg Neagle’s post regarding his very helpful tool to fix PKG installers with expired certs, this deserves some [...]
April 23, 2012 at 10:15 am
[...] [...]
May 3, 2012 at 2:14 am
Thanks a lot, you’re my hero
May 15, 2012 at 12:02 am
I just ran into this with deploystudio trying to install some (still current) Apple distributed printer drivers.
I found it easier to just add the -allowUntrusted flag to the /usr/bin/installer command, but of course I’m only comfortable with that because I know every package on the server, there’s an obvious security risk in doing it this way.
May 17, 2012 at 11:38 pm
[...] Neagle has released two extremely useful scripts, checkPackageSignatures and flatpkgfixer. checkPackageSignatures will help you find expired certificates in your packages and disk [...]
May 28, 2012 at 4:40 am
Many thanks for this script
May 31, 2012 at 6:17 am
this is a life saver for me! Thanks!
June 5, 2012 at 10:17 am
thank you thank you thank you sooooo much !! you saved my day !! make my life so much easier !! you’re my heroe ! marry me !!
June 19, 2012 at 2:52 am
thankyou for this. i thought i have to redownload combo update , but with your help, i could update easily without doing it…
June 20, 2012 at 6:33 am
Worked for me but for one thing.
After installation software update do not offer me update for iPhoto.
iPhoto not working, have to be updated.
Somebody have the same problem.
July 6, 2012 at 9:12 am
See this:
http://managingosx.wordpress.com/2012/07/06/iphoto-9-vs-software-update/
July 6, 2012 at 10:11 am
Thank for your answer Greg
I did the updates downloading manually from Apple site.
At least I have now a iLife 2011.dmg that is working without unexpected error or expired certificate.
July 10, 2012 at 9:17 am
Still lost. Uncertain what my dmg needs to be named. I named it “iLife ’11 Install DVD” but get a file doesn’t exist error. What should my dog be named?
July 10, 2012 at 9:20 am
You may name it anything you’d like. Are you tripping over embedded spaces in the name? Perhaps you might want to copy and paste exactly what you are trying and what results you have.
July 10, 2012 at 9:18 am
What should my dog be named? Ooops! What should my dog be named?
July 10, 2012 at 9:20 am
dog = .dmg What the hell?
July 10, 2012 at 9:24 am
embedded spaces in the name? Don’t understand
July 10, 2012 at 9:25 am
I’m guessing you haven’t used the command-line much, then. Please copy and paste what you are trying to do so we don’t have to guess.
July 10, 2012 at 9:28 am
can you call me, or can I call you?
July 10, 2012 at 9:46 am
I think I got it going. Says: Mounting /Users/richarddwyer/Desktop/iLife ’11 Install DVD.dmg…
July 13, 2012 at 7:18 am
File “strip_pkg_signature.py”, line 28
VERSIONS = {0, 1}
^
SyntaxError: invalid syntax
July 13, 2012 at 7:19 am
Did not work for me
July 13, 2012 at 7:27 am
That’s not my script. Looks like you are trying to use Bob Ippolito (@etrepum)’s script.
You might want to open an issue here:
https://github.com/etrepum/strip_pkg_signature
July 13, 2012 at 11:40 am
I tried your script with success however, it still says that I need to update to the latest version before I can run the software…
July 13, 2012 at 12:01 pm
Yes Taycha, you have to update manually especially for iPhoto.
This a post from this forum, READ THAT:
More info for iPhoto 9 vs Software Update
It appears that the only update for iPhoto 9 currently offered in Apple Software Update is the iPhoto 9.3 update.
There are two problems with this.
This update requires Mac OS X 10.7.4. If you are running anything older, it will not be shown as an available update.
This update requires iPhoto 9.1. If you are running iPhoto 9.0, it will not be shown as an available update.
Workarounds:
For 10.7.4 machines, install the standalone iPhoto 9.1 update. The 9.3 update will become available. (Of course you could just use the standalone updates to update all the way to iPhoto 9.3.)
For machines running OS X versions earlier than 10.7.4, you’ll need to use the standalone updates to first update to iPhoto 9.1, then to iPhoto 9.2.3.
You will have to download the updates from the Apple site:
iMovie 9.0.4
http://support.apple.com/kb/DL1412
iPhoto 9.1 first and 9.2.3 second (the two are necessary if you are not on Lion 10.7.4).
http://support.apple.com/kb/DL1322
http://support.apple.com/kb/DL1514
Hope that help
July 13, 2012 at 12:19 pm
This is all the info I have collected from the different posts and from my own experience with it to have a perfectly working iLife 2011 installed over Lion and Snow Leopard.
I put everything together in one post to facilitate the use of this wonderful script to everybody.
This is for the one that have a problem to install iLife 2011 from the original DVD or .dmg – unexpected error or Expired certificate.
The solution is a script that will remove the certificate from iLife 2011.dmg using terminal.
Expanding and reflattening a flat package has a side-effect of removing the package signing
So there you have it — a way to fix packages broken by the Package Apocalypse.
You can also use that script for others Apple broken package (you change the name in the script).
The source for this information: Forum: http://managingosx.wordpress.com/2012/03/24/fixing-packages-with-expired-signatures/#comment-10832
Download link for the script flatpkgfixer.py:
http://dl.dropbox.com/u/8119814/flatpkgfixer.py
HOW TO by Joe Sofia:
In my case I used a iLife 11 Install DMG that I created in Disk Utility. Saved that to the desktop. We ultimately are modifying this DMG, which is the whole point of this script to a new DMG, that has the flat files repaired. First you have to take the script that he makes available and save it as a text document, saving it as a .py (Python Script) extension. in this case flatpkgfixer.py . I saved the file to my desktop. From there you have to give the script executable permissions by opening up the terminal and running the command:
sudo chmod a+x ~/Desktop/flatpkgfixer.py
from there it should promt you for your password. Enter it and continue.
Now comes time to execute the script. I will tell you what worked for me.
From terminal
sudo python ~/Desktop/flatpkgfixer.py ~/Desktop/iLife\ \’11\ Install\ DVD.dmg ~/Desktop/iLife11_fixed.dmg
From there it will create a newly repaired iLife 11 DMG. Hope that explains it.
Note: you have to have a password in order to use the Terminal
Make sure that the name (iLife ’2011) in the script is exactly the name of your .dmg
If not the terminal will tell you that he cannot find your .dmg (copy the name from terminal and paste it on your .dmg
Software update will NOT offer you the update for iPhoto and iMovie but you gone have it for GarageBand, iDVD and iWeb.
You will have to download the updates from the Apple site:
iMovie 9.0.4
http://support.apple.com/kb/DL1412
iPhoto 9.1 first and 9.2.3 second (the two are necessary if you are not on Lion 10.7.4).
http://support.apple.com/kb/DL1322
http://support.apple.com/kb/DL1514
More info for iPhoto 9 vs Software Update
It appears that the only update for iPhoto 9 currently offered in Apple Software Update is the iPhoto 9.3 update.
There are two problems with this.
This update requires Mac OS X 10.7.4. If you are running anything older, it will not be shown as an available update.
This update requires iPhoto 9.1. If you are running iPhoto 9.0, it will not be shown as an available update.
Workarounds:
For 10.7.4 machines, install the standalone iPhoto 9.1 update. The 9.3 update will become available. (Of course you could just use the standalone updates to update all the way to iPhoto 9.3.)
For machines running OS X versions earlier than 10.7.4, you’ll need to use the standalone updates to first update to iPhoto 9.1, then to iPhoto 9.2.3.
Hope that help
July 17, 2012 at 1:25 pm
just worked like a charm for iLife11. many thanks for this tool !
August 9, 2012 at 9:03 am
OK, so I am running Mountain Lion (10.8) and I am trying to install iWeb 3.0.4 manual update using the DMG file from CNET downloads. I currently have an older version of iWeb installed, but it doesn’t give me an error that others are having where it tells you it cannot find the previous version. I followed the instructions above using the Python script. Everything was successful, and the _fixed.dmg was created on the Desktop path with no errors. When I try to install from the fixed DMG, I still get the error, “iWeb Update can’t be installed on this disk. This update requires Mac OS X 10.7 or newer.”
Any ideas?
August 30, 2012 at 2:09 pm
Hello, thank you for your help! When I write sudo python ~/Desktop/flatpkgfixer.py ~/Volumes/iLife\ \’11\ Install\ DVD.dmg ~/Desktop/iLife11_fixed.dmg in Terminal, the answer is that it doesn’t exist. And when I open the finder, I can’t see it on User/Desktop, but I can see it on my real desktop. I don’t understand at all. Is that because I’m working on Snow Leopard?
August 30, 2012 at 2:21 pm
Do this instead:
Make sure the iLife ’11 Install DVD is NOT mounted. If the dmg is on your desktop then:
sudo python ~/Desktop/flatpkgfixer.py ~/Desktop/iLife\ \’11\ Install\ DVD.dmg ~/Desktop/iLife11_fixed.dmg
August 31, 2012 at 1:37 pm
It works!! Wonderful. Thank you very much.
September 20, 2012 at 8:06 am
I think you are missing further information about the code I had to refer to some commentary
October 5, 2012 at 5:30 am
thank you so much for this – it worked with the newly installed mountain lion – now Iphoto works again. Had I known it would cause so many problems I would not have bothered with it at all. Thanks again.
December 2, 2012 at 7:34 am
Sorry Greg for the complete noob question. I googled a lot on how to execute .py on mac. How do I execute your script python on ML ?
December 2, 2012 at 7:54 am
A similar question was asked and answered earlier in this set of comments. I replied then:
flatpackagefixer.py is a Python script. You’ll either need to set the execute bit:
chmod a+x /path/to/flatpackagefixer.py
Then:
/path/to/flatpackagefixer.py /path/to/iLife.dmg /path/to/iLife11_fixed.dmg
(all one line)
Or call it from python:
python /path/to/flatpackagefixer.py /path/to/iLife.dmg /path/to/iLife11_fixed.dmg
(all one line)
March 5, 2013 at 7:35 am
Reblogged this on Zanuf….
March 5, 2013 at 2:21 pm
[...] I was not able to install the downloaded MAC to the flash drive for the installation. I was getting the "Certificate Expired Error" and by doing google I found a script which fixes this issue. http://managingosx.wordpress.com/201…ed-signatures/ [...]
March 22, 2013 at 11:10 pm
Great tool–thank you!!! Unfortunately, I’m unable to get it to work properly. After the python script runs for a few minutes (expanding/flattening the different packages), it ends up giving me an error during what I think is nearly the end of the process:
Excerpt of lines just prior to the failure:
Expanding /private/tmp/dmg.1NOv20/Installer/Packages/iPhotoLibraryUpgradeTool.pkg to /tmp/tmpo8zsi9/iPhotoLibraryUpgradeTool.pkg…
Flattening /tmp/tmpo8zsi9/iPhotoLibraryUpgradeTool.pkg to /tmp/tmpKWA4TZ/iPhotoLibraryUpgradeTool.pkg…
Expanding /private/tmp/dmg.1NOv20/Installer/Packages/iWeb.pkg to /tmp/tmpo8zsi9/iWeb.pkg…
Problem extracting file from package: /tmp/tmpo8zsi9/iWeb.pkg/Payload
ERROR: Command ‘['/usr/sbin/pkgutil', '--expand', '/private/tmp/dmg.1NOv20/Installer/Packages/iWeb.pkg', '/tmp/tmpo8zsi9/iWeb.pkg']‘ returned non-zero exit status 1 expanding /private/tmp/dmg.1NOv20/Installer/Packages/iWeb.pkg
I tried re-running the entire workflow, step-by-step as described on this page (thanks for the wonderful instructions). However, it failed at the exact same place again, with the same error message. I know just enough to be dangerous, so could somebody please kindly enlighten me as to what my problem might be, and how I might go around fixing it? Just in case it helps, here are the exact commands I’m running:
sudo chmod a+x ~/Desktop/flatpkgfixer.py
sudo python ~/Desktop/flatpkgfixer.py ~/Desktop/Apple/iLife\ \’11\ Install\ DVD.dmg ~/Desktop/iLife11_fixed.dmg
March 23, 2013 at 6:14 am
Sounds like the disk image of your iLife DVD might be corrupt, since it can’t successfully expand the iWeb.pkg.
You could confirm by trying to do it manually.
March 23, 2013 at 8:16 am
Thanks for the tip! Fortunately, iWeb is one of the features I DON’T want, so maybe I can redo all the others individually. I believe there are instructions above to do just that (I was trying to do the whole install dmg in one fell swoop), but I’ll re-read this page. Thank you.
March 23, 2013 at 8:49 am
I was able to successfully complete the process, though I had to use the script referenced above on this page:
Bob Ippolito (@etrepum) Says:
April 12, 2012 at 4:08 pm
The signature on a pkg can be quickly identified and stripped without extracting and flattening the package. I put together a quick proof of concept tool to do it: https://github.com/etrepum/strip_pkg_signature
Reply
GregN Says:
April 12, 2012 at 4:11 pm
That seems like it would be a lot faster than my method! Please go back in time three weeks and release your tool!
Reply
This process worked well, and was very fast indeed! I had to make a new dmg, but I deleted the programs I don’t want anyway to make a smaller dmg. THANK YOU for hosting this page and creating the solutions!!! Install was successful, THANKS TO YOU!!