Re: Bridging Installer Plug in and PostInstall , debugging
Re: Bridging Installer Plug in and PostInstall , debugging
- Subject: Re: Bridging Installer Plug in and PostInstall , debugging
- From: Colin Ryan <email@hidden>
- Date: Mon, 24 Sep 2018 13:46:00 -0400
Folks,
Update: Figured out how to use a semaphore controlled series of
NSSessionDataTasks and NSURLSessions to to the HTTPS based verification
sequences I needed.
However the challenge of getting this "verified" data to my postinstall
script is still looming. Obviously I'd prefer to not just write a file
to /private/tmp and all reading I've done in addition to Stephane's
comments to me seem to indicate there is not way to use the
Installer.app's INSTALLER_TMP and SECURE_TMP for this. Calling
NSTemporaryDirectory with in plug-in creates it's own /var/private/....
that is different than the ENV variables available to the postinstall
script.
Another fellow suggested running the task with privileges from the
Installer Plug-In itself, but this leads to a area of fair complexity
ranging from using launchd to NSTask calls to sudo etc etc.
Then again even if I figured out the best approach for that I need to
run the script that is embedded in the installer bundle.
So
a) Any suggestions as to best execute a script with elevated privileges
- the script itself is fairly secure..all paths are hard coded, there
are no user inputs for paths or content, no forking or anything like
that - on a one time basis.
b) What is the path for a script from the viewpoint of the Installer
Plug-In when the script is in the bundle.
Sorry for the begging off, but as mentioned before, getting this deep
into Obj-C just to get this done has been....entertaining to say the
least...
Cheers
Colin
On 2018-09-05 6:05 PM, Colin Ryan wrote:
Stephane,
Yes thanks for this, between another couple of fellows I figured it out.
Follow on question was I was hoping to use the INSTALLER_TEMP or
SECURE_TEMP directories to get some sensitive ephemeral data to my
postinstall scripts..any idea how to get a file or directory handle on
these from within a plug-in.
Thanks all for your responses.
Colin
On 2018-09-05 5:11 PM, Stephane Sudre wrote:
Longer answer now that I have access to a productive device:
To be able to debug the Installer.app application (and therefore the
loaded plugin), you would need to disable SIP on the Mac. Here is what
you see when you try to debug the Installer.app application directly
with lldb.
-------8<--------8<--------8<--------8<--------8<--------8<--------
$ lldb
/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer
(lldb) target create
"/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer"
Current executable set to
'/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer'
(x86_64).
(lldb) run
error: process exited with status -1 (cannot attach to process due to
System Integrity Protection)
-------8<--------8<--------8<--------8<--------8<--------8<--------
On Wed, Sep 5, 2018 at 1:10 PM, dev.iceberg <email@hidden>
wrote:
You would need to disable SIP.
Envoyé de mon iPhone
Le 4 sept. 2018 à 21:41, Colin Ryan <email@hidden> a écrit :
Folks,
I've used Packages for a number of years and thing it's a great
tool. I currently have a new need that I'm stuck on. I've scoured
the resources I could find regarding Installer Plug-Ins and have
managed to develop the framework for a basic Installer plug in. But
I've come across a challenge, that I believe I know the solution
two but would like some input as to best approach.
Fundamentally I need the installer to request a site name, user and
password and then do a secure POST to a web site to get an
authentication token and then a subsequent file. I have mocked this
up with curl in a postinstall script.
a) Originally I was going to merely have the installer plug in
request the user input, but I don't see how to pass this data to
the postinstall script. My reading leads me to believe I will need
to pass this data via temporary file. I see the various shell
environment variables available to the postinstall script but am
uncertain how to grab a handle on this same temporary directories
within the plug-in itself. For example the environment variable for
SHARED_INSTALLER_TEMP or INSTALLER_SECURE_TEMP are available to my
postinstall, but how are these referred to in the actual Plug-In?
b) Or I can do all the URL stuff in the plug-in, dump the file to a
temporary directory and then have my postinstall merely do the
final copy and move into the users directories etc, but again I
face the same issue as above.
And finally as an aside, is it possible to debug the plug-in
somehow. I've tried adding the Installer.app to the debug
executable in the XCode scheme but can't seem to get the debugger
to stop on my break points so I can investigate the stack,
variables etc within the plug-in. If I could see this information
a) might be obvious to me and if I do b) I will for certain need to
be able to debug it. The Installer.app opens and prompts me to open
a file but it won't let me open just the plug-in bundle, it want's
me to open the Test .pkg I've made with Packages (with the plug-in
installed), and even so no debugging.
Thanks
Colin Ryan
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden