site_archiver@lists.apple.com Delivered-To: installer-dev@lists.apple.com User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 For example from within the Plugin the following is the TMPDIR /var/folders/2g/84l654h904bc1n8hcbhngb3w0000gn/T/ exec:@"/var/folders/2g/84l654h904bc1n8hcbhngb3w0000gn/T/com.apple.install.jDYLoE3z/AnywhereLANRetriever.bundle/Contents/Resources/myscript"; Thoughts, confirmations on my understandings? Thanks to all Colin On 2018-09-24 1:46 PM, Colin Ryan wrote: Folks, So Cheers Colin On 2018-09-05 6:05 PM, Colin Ryan wrote: Stephane, Yes thanks for this, between another couple of fellows I figured it out. Thanks all for your responses. Colin On 2018-09-05 5:11 PM, Stephane Sudre wrote: Longer answer now that I have access to a productive device: To be able to debug the Installer.app application (and therefore the loaded plugin), you would need to disable SIP on the Mac. Here is what you see when you try to debug the Installer.app application directly with lldb. -------8<--------8<--------8<--------8<--------8<--------8<-------- (lldb) target create "/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer" Current executable set to '/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer' (x86_64). (lldb) run error: process exited with status -1 (cannot attach to process due to System Integrity Protection) -------8<--------8<--------8<--------8<--------8<--------8<-------- You would need to disable SIP. Envoyé de mon iPhone Le 4 sept. 2018 à 21:41, Colin Ryan <colinr@caveo.ca> a écrit : Folks, Thanks Colin Ryan _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: This email sent to dev.iceberg@gmail.com _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list      (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/installer-dev/colinr%40caveo.ca This email sent to colinr@caveo.ca _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list      (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/installer-dev/colinr%40caveo.ca This email sent to colinr@caveo.ca _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.... This email sent to site_archiver@lists.apple.com Ok, I'm befuddled, it really seems that the Installer API provides no tools for interacting with the other elements of the Installer process. I can't seem to reference the Installer app's various temporary directories via process environment, forked shell or anything...frankly seems terribly limiting..oh well, it's almost like the plug-in runs as it's own independent executable. So one last question before as far as I can see I'll have to use /private/tmp (yuck) as a data transfer point. If I put a script into the PlugIn bundle itself does anyone know if there is a virtualized/abstracted path to it when it resides when it's running. If I debug the plugin and look in the TMPDIR of the bundle while it's running the script is there, but alas, while I know the base path of the temporary directory there seems to be no method w.r.t to the next hop in the path to which I could define an exec path to the script. However the com.apple.install.JDYLE3z component doesn't seem to have a root in reality anywhere, i.e. process PID or anything so I can't programmatically to for example (exec is just an illustration). Someone had mentioned using Library/Application Support versus /private/tmp...but again I can't seem to find a way to determine where that would be inside the plug-in, unless of course one hard codes it somehow. Update: Figured out how to use a semaphore controlled series of NSSessionDataTasks and NSURLSessions to to the HTTPS based verification sequences I needed. However the challenge of getting this "verified" data to my postinstall script is still looming. Obviously I'd prefer to not just write a file to /private/tmp and all reading I've done in addition to Stephane's comments to me seem to indicate there is not way to use the Installer.app's INSTALLER_TMP and SECURE_TMP for this. Calling NSTemporaryDirectory with in plug-in creates it's own /var/private/.... that is different than the ENV variables available to the postinstall script. Another fellow suggested running the task with privileges from the Installer Plug-In itself, but this leads to a area of fair complexity ranging from using launchd to NSTask calls to sudo etc etc. Then again even if I figured out the best approach for that I need to run the script that is embedded in the installer bundle. a) Any suggestions as to best execute a script with elevated privileges - the script itself is fairly secure..all paths are hard coded, there are no user inputs for paths or content, no forking or anything like that - on a one time basis. b) What is the path for a script from the viewpoint of the Installer Plug-In when the script is in the bundle. Sorry for the begging off, but as mentioned before, getting this deep into Obj-C just to get this done has been....entertaining to say the least... Follow on question was I was hoping to use the INSTALLER_TEMP or SECURE_TEMP directories to get some sensitive ephemeral data to my postinstall scripts..any idea how to get a file or directory handle on these from within a plug-in. $ lldb /System/Library/CoreServices/Installer.app/Contents/MacOS/Installer On Wed, Sep 5, 2018 at 1:10 PM, dev.iceberg <dev.iceberg@gmail.com> wrote: I've used Packages for a number of years and thing it's a great tool. I currently have a new need that I'm stuck on. I've scoured the resources I could find regarding Installer Plug-Ins and have managed to develop the framework for a basic Installer plug in. But I've come across a challenge, that I believe I know the solution two but would like some input as to best approach. Fundamentally I need the installer to request a site name, user and password and then do a secure POST to a web site to get an authentication token and then a subsequent file. I have mocked this up with curl in a postinstall script. a) Originally I was going to merely have the installer plug in request the user input, but I don't see how to pass this data to the postinstall script. My reading leads me to believe I will need to pass this data via temporary file. I see the various shell environment variables available to the postinstall script but am uncertain how to grab a handle on this same temporary directories within the plug-in itself. For example the environment variable for SHARED_INSTALLER_TEMP or INSTALLER_SECURE_TEMP are available to my postinstall, but how are these referred to in the actual Plug-In? b) Or I can do all the URL stuff in the plug-in, dump the file to a temporary directory and then have my postinstall merely do the final copy and move into the users directories etc, but again I face the same issue as above. And finally as an aside, is it possible to debug the plug-in somehow. I've tried adding the Installer.app to the debug executable in the XCode scheme but can't seem to get the debugger to stop on my break points so I can investigate the stack, variables etc within the plug-in. If I could see this information a) might be obvious to me and if I do b) I will for certain need to be able to debug it. The Installer.app opens and prompts me to open a file but it won't let me open just the plug-in bundle, it want's me to open the Test .pkg I've made with Packages (with the plug-in installed), and even so no debugging. https://lists.apple.com/mailman/options/installer-dev/dev.iceberg%40gmail.co...