[MacPorts] #66878: Crowdstrike (security scanner) freaks out when the package installer runs

MacPorts noreply at macports.org
Thu Feb 9 17:15:27 UTC 2023


#66878: Crowdstrike (security scanner) freaks out when the package installer runs
-----------------------+--------------------
 Reporter:  chrisridd  |      Owner:  (none)
     Type:  defect     |     Status:  new
 Priority:  Normal     |  Milestone:
Component:  base       |    Version:  2.8.1
 Keywords:             |       Port:
-----------------------+--------------------
 Our IT folks use some software called Crowdstrike to protect our Macs.

 I don't know if the package installer script has changed recently, or if
 Crowdstrike's become more sensitive, but installing the
 MacPorts-2.8.1-13-Ventura.pkg just now caused Crowdstrike to freak out and
 kill the script.

 Maybe there's another way to do what the installer's doing without
 upsetting Crowdstrike? Or maybe MacPorts can ask Crowdstrike to whitelist
 this particular script?

 I am attaching a screenshot of the Crowdstrike error.

 The script it is complaining about is this:

 {{{
 /bin/sh -c if test -n "/usr/bin/dscl" -a -n "/usr/sbin/dseditgroup" ; then
 if ! /usr/bin/dscl -q . -read "/Groups/macports" > /dev/null 2>&1 ; then
 if test `id -u` -eq 0; then echo "Creating group \"macports\"" ;
 /usr/sbin/dseditgroup -q -o create "macports" ; else echo "Not creating
 group \"macports\" (not root)" ; fi ; fi ; if ! /usr/bin/dscl -q . -list
 "/Users/macports" > /dev/null 2>&1 ; then if test `id -u` -eq 0; then echo
 "Creating user \"macports\"" ; NEXTUID=501; while test -n "`/usr/bin/dscl
 -q /Search -search /Users UniqueID $NEXTUID`"; do let "NEXTUID=NEXTUID+1";
 done; /usr/bin/dscl -q . -create "/Users/macports" UniqueID $NEXTUID ;
 /usr/bin/dscl -q . -delete "/Users/macports" AuthenticationAuthority ;
 /usr/bin/dscl -q . -delete "/Users/macports" PasswordPolicyOptions ;
 /usr/bin/dscl -q . -delete "/Users/macports" dsAttrTypeNative:KerberosKeys
 ; /usr/bin/dscl -q . -delete "/Users/macports"
 dsAttrTypeNative:ShadowHashData ; /usr/bin/dscl -q . -create
 "/Users/macports" RealName MacPorts ; /usr/bin/dscl -q . -create
 "/Users/macports" Password \* ; /usr/bin/dscl -q . -create
 "/Users/macports" PrimaryGroupID $(/usr/bin/dscl -q . -read
 "/Groups/macports" PrimaryGroupID | /usr/bin/awk '{print $2}') ;
 /usr/bin/dscl -q . -create "/Users/macports" NFSHomeDirectory
 "/opt/local/var/macports/home" ; /usr/bin/dscl -q . -create
 "/Users/macports" UserShell /usr/bin/false ; else echo "Not creating user
 \"macports\" (not root)" ; fi ; fi ; if test "$(/usr/bin/dscl -q . -read
 "/Users/macports" NFSHomeDirectory)" = "NFSHomeDirectory: /var/empty" ;
 then if test `id -u` -eq 0; then echo "Updating home directory location
 for user \"macports\"" ; /usr/bin/dscl -q . -create "/Users/macports"
 NFSHomeDirectory "/opt/local/var/macports/home" ; else echo "Not updating
 home directory location for user \"macports\" (not root)" ; fi ; fi ; if
 test "22" -eq 8 -a `id -u` -eq 0; then GID=`/usr/bin/dscl -q . -read
 "/Groups/macports" PrimaryGroupID | /usr/bin/awk '{print $2}'` ; if test
 "`/usr/bin/dscl -q . -read "/Users/macports" PrimaryGroupID 2>/dev/null |
 /usr/bin/awk '{print $2}'`" != "$GID"; then echo "Fixing PrimaryGroupID
 for user \"macports\"" ; /usr/bin/dscl -q . -create "/Users/macports"
 PrimaryGroupID $GID ; /usr/bin/dscl -q . -create "/Users/macports"
 RealName MacPorts ; fi ; fi ; else echo "Can't find /usr/bin/dscl /
 /usr/sbin/dseditgroup, not creating user \"macports\"" ; fi
 }}}

-- 
Ticket URL: <https://trac.macports.org/ticket/66878>
MacPorts <https://www.macports.org/>
Ports system for macOS


More information about the macports-tickets mailing list