

Verify file permissions and owner/group is the same as listed in the package BOM in /private/var/db/receipts/ (actually calls repair_packages). See the end of this post for how to verify the file content.

There isn't any uninstall functionality on OS X; this command just drops the metadata out of the receipts directory, which is handy if you want to re-install:

Pkgutil has a code signing check feature, but it looks like it is broken or doesn't work how I expected it to:

    $ pkgutil --check-signature /Applications/Safari.app/

    $ codesign -d -vvv /Applications/Safari.app/
    Executable=/Applications/Safari.app/Contents/MacOS/Safari
    Format=bundle with Mach-O universal (i386 x86_64)
    CodeDirectory v=20100 size=185 flags=0x0(none) hashes=3+3 location=embedded
    CDHash=66615ae53cb89ac254e4efc6d3eb2f93fa6a4a85
    Authority=Apple Code Signing Certification Authority

PKG files are just XAR files that contain a bunch of metadata files and the app itself inside a zipped cpio. To extract the files on OS X, use (note tempdir will be created and can't exist prior to running the command):

Here is a manual unpacking sequence (if you just want metadata use the pkgutil commands to avoid all this unpacking). tar understands xar on OS X but on Linux you'll need to install the xar package and use 'xar -xf helloworld.pkg':

    helloworld.app/Contents/MacOS/helloworld
    helloworld.app/Contents/Resources/en.lproj
    helloworld.app/Contents/Resources/en.lproj/Credits.rtf
    helloworld.app/Contents/Resources/en.lproj/InfoPlist.strings
    helloworld.app/Contents/Resources/en.lproj/MainMenu.nib

Use lsbom to inspect bill of materials files (note Apple says "The files and directories where receipts are stored are subject to change. Always use pkgutil to query or modify them"). These options are more readable than the defaults:

    $ lsbom -p MUGsf /private/var/db/receipts/

While pkgutil/repair_packages could check file content hasn't changed by calculating the CRC32 and comparing that with the one in the BOM, it doesn't. The BOM content for a simple package looks like this (path, octal mode, UID/GID, size, CRC32):

    helloworld.app/Contents/MacOS 40755 0/0
    helloworld.app/Contents/Resources 40755 0/0
    helloworld.app/Contents/Resources/en.lproj 40755 0/0
    helloworld.app/Contents/Resources/en.lproj/MainMenu.nib 100644 0/0 27463 4224082203

And the checksum can be calculated with cksum, which prints the size in bytes and the CRC32:
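The content check that pkgutil/repair_packages skips (recompute each file's CRC32 with cksum and compare it with the BOM entry) can be scripted. This is an added example, not code from the original post; the function name bom_verify and the tab-separated input layout (path, octal mode, UID/GID, size, CRC32) are assumptions.

```shell
#!/bin/sh
# Added example: compare regular files under ROOT with the size and CRC32
# recorded in BOM listing lines read from stdin.
# Assumed input (not confirmed by the post): tab-separated fields in the
# order the post gives: path, octal mode, UID/GID, size, CRC32.
# Directory entries carry only three fields and are skipped.
bom_verify() {
    root=$1
    bad=0
    tab=$(printf '\t')
    while IFS=$tab read -r path mode owner size crc; do
        # Only regular files (mode 100xxx) carry a content checksum we test.
        case $mode in 100*) ;; *) continue ;; esac
        [ -n "$crc" ] || continue
        file=$root/$path
        if [ ! -f "$file" ]; then
            echo "MISSING  $path"
            bad=1
            continue
        fi
        # cksum prints "<CRC32> <size>"; reading from stdin omits the name.
        set -- $(cksum < "$file")
        if [ "$1" != "$crc" ] || [ "$2" != "$size" ]; then
            echo "CHANGED  $path (BOM $crc/$size, disk $1/$2)"
            bad=1
        fi
    done
    # 0 when every listed file matches, 1 when any is missing or changed.
    return $bad
}
```

A match only rules out accidental change: CRC32 is not a cryptographic hash, so for tamper detection the code signature is the stronger check.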
