On Mar 2, 2012, at 4:02 PM, Stephane Sudre wrote: On Fri, Mar 2, 2012 at 7:03 AM, Michael Babin < email@hidden> wrote: Currently, I have a bundle package (metapackage, 10.4 style distribution) with a "Result of script" requirement. I'm investigating what changes will be required so that the installer package can be digitally signed (in anticipation of Gatekeeper).
The question and answer yesterday about digital signing requiring a flat package or distribution answers one of my questions. Thanks for the timely confirmation.
The other question I have regards the ability to use a "Result of script" requirement for a flat distribution. From my reading and my experience in trying to make it work, it would seem that it is not possible to successfully embed and run a script as a distribution requirement for a flat distribution. I'm looking for confirmation that this is not possible before moving on to explore other approaches.
Using an embedded script is only supported by Installer.app (or installer or installd) in Mac OS X 10.6 and later.
Let me point out a distinction here: You can always run any executable program as part of your installation "preflight" and "postflight."
However, it's difficult (on purpose) to run an executable program during the "InstallationCheck" and "VolumeCheck" part of your installation. Here's why:
There's a rule of Installers for Mac OS X: They are not supposed to change the user's computer until the user clicks "Install."
When the Installer is running the Distribution code, that code is _javascript_. Apple set up the _javascript_ environment so that the Distribution would not be able to modify the user's computer.
However, there are some things that the _javascript_ cannot do. For instance, maybe you have to run a unix executable to go look up some information to decide what should be installed. (Simple case: You are installing a unix program, and to find out its version, you have to get the result of the shell command myprogram --version)
In order to allow that, you use the _javascript_ command system.run. It is documented on page 31 of the Installer _javascript_ Reference.
HOWEVER THIS IS IMPORTANT AND YOU SHOULD READ IT AND PAY ATTENTION AND SWEAR TO TAKE IT TO HEART
Using sytem.run means that you could accidentally change the user's computer before they've even clicked "Install." That would be so uncool.
If there is any way to avoid using it, DO NOT USE IT. Apple has gone to rather interesting extremes to avoid using it.
Note that if you do use it, your user will see a scary dialog saying "This installer must run a program in order to decide if installation can proceed."
So, you can use it. But please do not, unless you have to.
I
|