Portfile magic / xinstall usage / defect?

Frank Stock fstock at bytelightning.com
Sun Dec 10 05:33:57 UTC 2023 

>a config option for pkgbuild or something

Perhaps I’m overcomplicating or missing a simple answer, but…

My understanding is that file (and directory) *mode* is fine, but ownership has a nasty gotcha.

pkgbuild (and tar for that matter) have options for preserving ownership by id. 
tar can optionally preserve by name, but *if* pkgbuild supports name it is not documented. 

Importantly…
uid/gid is not stable across machines.  MacPorts for instance just uses the next available id when it creates a new user or group (via add_users).

So…
If you untar on a target that does not have matching names, tar falls back to the ids *regardless* of whether there is an actual user/group for that id on the machine (now the file is owned by an account that does not exist).  
It is unclear what pkgbuild does.  
My own experience is that it does not store names, defaults to root:wheel, and even if you specified ids it still falls back to root:wheel when it can’t find the id.

Worse the ids may exist but be mapped to *privileged* accounts!  Resulting in “restricted” software you thought you were installing, possibly having elevated privileges.

Its nasty, but not surprising as propagating real-name, home directory, and say group members is not feasible.

So every macOS installer that expect certain ownership, needs a pre/post install script that ensures the expected users exist (or create them).  It should then explicitly set ownership of files with non-default ownership.

There is a thread somewhere in the MacPorts mailing list archives that touches on this topic and its what initially led me to dig deeper.

* Before I clutter up the mailing list anymore, I’ll pause and take a breath :-) to see if anyone has a simple solution.
If not I’ll go ahead and propose an outline/plan for a PR.

-Frank


> On Dec 9, 2023, at 8:51 PM, Joshua Root <jmr at macports.org> wrote:
> 
> (Moving to macports-dev)
> 
> Frank Stock wrote:
> 
>> My main focus is .pkg component installers targeting systems where a development toolchain is not realistic.
>> 
>> * Do you think it would be possible to use mtree and add_users data to generate code for a postinstall script handling user/group creation and file ownership?
>> 
>> * If so, would there be any interest from the MacPorts team in a pull request for that?
> 
> So it sounds like you're saying that file ownership is not currently preserved by 'port pkg'? :)
> 
> Yes, a reasonable PR to fix that would most likely be accepted. However I don't think a postinstall script would be required, I'm pretty sure it would just be a config option for pkgbuild or something.
> 
> - Josh
>

More information about the macports-dev mailing list