• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Admin authorization vs Root authorization
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Admin authorization vs Root authorization


  • Subject: Re: Admin authorization vs Root authorization
  • From: Mike Fischer <email@hidden>
  • Date: Tue, 27 Jun 2006 00:09:31 +0200

Am 26.06.2006 um 21:02 schrieb "Perbix, Michael" <email@hidden>:

I have a meta-package with several components, one of which is a preference
file being put into a local user account. When I use ROOT AUTH required
(making the package with Iceberg) and choose the preferences folder as the
default install spot, it modifies the permissions on the folder.

How do you get Iceberg to build a package that will place anything into a local user account? I don't think that is a supported thing to do in installer packages at the moment. I hope you're not hard-coding your short username into the base path of an installer package?


Usually the only way to install things into a local user account is by using something like a postflight script to put it there. Get the package to install to some temporary place then use the script to move the installed files to the user folder and correct the owner and permission info as necessary.


As for setting the permissions, you set them on the files when you build your file structure in Iceberg. If you set the wrong permissions then those will be installed. Or did I miss something here?



I know this is a bug (or perhaps design) of the installer...but how can I
force authentication of a package without the path getting munged like that?
Would Admin Auth be a better choice?

Probably not. Having root (or admin) rights should enable the installer to install anything with whatever permissions you specified.



I am also installing a kernel extension, so that causes authentication for
the whole metapackage....by not requiring authentication on the other
components, they all install correctly.

As an aside: admin authorization seems to be enough for installing a kernel extension. But apart from that I don't know how to deal with differing authorization requirements in the subpackages of a metapackage. I'd assume that having too much authorization would not hurt the installation process in any way. (It might only be a security risk.)


You can get the real uid and gid of the user who is installing your package using the SUDO_UID and SUDO_GID environment variables in the postflight script (and probably other scripts as well) when those scripts are executed as root due the admin or root authentication. This may help in finding the current local user home as well as the necessary permissions for files and folders installed there.


What is the best manner in which to do this...I am designing custom software
installs of all our used software with all customizations and
preferences...I install the apps, support files, and preferences (to the
template, and 2 local users).

So you are not looking at a general solution? I take it that you have a lab situation where multiple machines have the exact same users? In that case hard-coding paths to user home directories might be possible. But I haven't tried what happens.


If there is a problem IMHO it's probably not with Iceberg (or any other tool used to build the packages) but with the Installer.app unpacking your archive.


HTH Mike -- Mike Fischer Softwareentwicklung, EDV-Beratung Schulung, Vertrieb Web: <http://homepage.mac.com/mike_fischer/index.html> Note: I read this list in digest mode! Send me a private copy for faster responses.

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


  • Prev by Date: Re: privilage exception raised during execution
  • Next by Date: Re: Admin authorization vs Root authorization
  • Previous by thread: Re: Admin authorization vs Root authorization
  • Next by thread: Mac OS X 10.4.7 & Relocatable packages
  • Index(es):
    • Date
    • Thread