Re: Permissions are driving me crazy!
Re: Permissions are driving me crazy!
- Subject: Re: Permissions are driving me crazy!
- From: Greg Neagle <email@hidden>
- Date: Sat, 15 Mar 2014 12:22:02 -0700
On Mar 15, 2014, at 11:59 AM, Edward Spiegel <email@hidden> wrote:
> HI all,
>
> I am a Packages newbie. In the past, we used FileStorm for our installers (which are quite simple) but are switching to Packages so that we can have GateKeeper-compatible installers.
>
> My installer installs a folder "MyApp Folder" into /Applications. The folder contains the app and a couple of folders of resources. The source files and folders all have permissions set so that myuser (the same as the user building the installer is the owner) has read/write permissions, admin group has read/write permissions and everyone has read-only.
Why? Applications should not store user data in /Applications, and therefore should not need write rights to /Applications or any subfolder thereof.
> With FileStorm, an installer like this would end up creating a folder and contents that had the same permissions as the source files/folders with the owner being whoever ran the installer.
>
> If I build the installer with require admin permissions off, the install fails (presumably because a non-admin user doesn't have permission to create a folder in /Applications).
Correct.
> If I build the installer with require admin permissions on, if a non-admin user runs the installer there are two problems:
> 1) the resulting files/folders don't have read/write permission for the person that installed the software
This is expected and normal. You'll notice that the normal owner is root, the group is admin or wheel, and the mode is 755.
> 2) Admin group does not have permissions. So, not even an Admin user has read/write permission for the contents.
Again, expected and normal.
> Note that in Packages, I set the group to admin with all permissions on for the payload. So, I have no idea why Admin group is being stripped.
Almost certainly Packages is applying the recommended permissions. If you select "Overwrite directory permissions" in the project settings you might get the behavior you want, but at some risk.
> The solution may be obvious to people with more experience. I have tried every combination of settings with no luck building an installer that will work for a non-admin user.
Non-admins cannot install to /Applications. This is normal, expected behavior on OS X. Either install to the user's home folder (in ~/Applications), or require admin to install in /Applications.
> Any help would be much appreciated. Just need to know how to start with a source folder and contents that have the owner with read/write, admin group read/write and everyone read and end up with installed files/folders that have the same permissions.
It's not clear why you need this. This is not standard. When the OS is fighting what you are trying to do, there is often a reason...
You can almost certainly get the behavior you want, but there are reasons the OS doesn't want to help you with this.
>
> Thank you for your help,
>
> Edward
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden