[MacPorts] #66878: Crowdstrike (security scanner) freaks out when the package installer runs
MacPorts
noreply at macports.org
Thu Feb 9 17:15:27 UTC 2023
#66878: Crowdstrike (security scanner) freaks out when the package installer runs
-----------------------+--------------------
Reporter: chrisridd | Owner: (none)
Type: defect | Status: new
Priority: Normal | Milestone:
Component: base | Version: 2.8.1
Keywords: | Port:
-----------------------+--------------------
Our IT folks use some software called Crowdstrike to protect our Macs.
I don't know if the package installer script has changed recently, or if
Crowdstrike's become more sensitive, but installing the
MacPorts-2.8.1-13-Ventura.pkg just now caused Crowdstrike to freak out and
kill the script.
Maybe there's another way to do what the installer's doing without
upsetting Crowdstrike? Or maybe MacPorts can ask Crowdstrike to whitelist
this particular script?
I am attaching a screenshot of the Crowdstrike error.
The script it is complaining about is this:
{{{
/bin/sh -c if test -n "/usr/bin/dscl" -a -n "/usr/sbin/dseditgroup" ; then
if ! /usr/bin/dscl -q . -read "/Groups/macports" > /dev/null 2>&1 ; then
if test `id -u` -eq 0; then echo "Creating group \"macports\"" ;
/usr/sbin/dseditgroup -q -o create "macports" ; else echo "Not creating
group \"macports\" (not root)" ; fi ; fi ; if ! /usr/bin/dscl -q . -list
"/Users/macports" > /dev/null 2>&1 ; then if test `id -u` -eq 0; then echo
"Creating user \"macports\"" ; NEXTUID=501; while test -n "`/usr/bin/dscl
-q /Search -search /Users UniqueID $NEXTUID`"; do let "NEXTUID=NEXTUID+1";
done; /usr/bin/dscl -q . -create "/Users/macports" UniqueID $NEXTUID ;
/usr/bin/dscl -q . -delete "/Users/macports" AuthenticationAuthority ;
/usr/bin/dscl -q . -delete "/Users/macports" PasswordPolicyOptions ;
/usr/bin/dscl -q . -delete "/Users/macports" dsAttrTypeNative:KerberosKeys
; /usr/bin/dscl -q . -delete "/Users/macports"
dsAttrTypeNative:ShadowHashData ; /usr/bin/dscl -q . -create
"/Users/macports" RealName MacPorts ; /usr/bin/dscl -q . -create
"/Users/macports" Password \* ; /usr/bin/dscl -q . -create
"/Users/macports" PrimaryGroupID $(/usr/bin/dscl -q . -read
"/Groups/macports" PrimaryGroupID | /usr/bin/awk '{print $2}') ;
/usr/bin/dscl -q . -create "/Users/macports" NFSHomeDirectory
"/opt/local/var/macports/home" ; /usr/bin/dscl -q . -create
"/Users/macports" UserShell /usr/bin/false ; else echo "Not creating user
\"macports\" (not root)" ; fi ; fi ; if test "$(/usr/bin/dscl -q . -read
"/Users/macports" NFSHomeDirectory)" = "NFSHomeDirectory: /var/empty" ;
then if test `id -u` -eq 0; then echo "Updating home directory location
for user \"macports\"" ; /usr/bin/dscl -q . -create "/Users/macports"
NFSHomeDirectory "/opt/local/var/macports/home" ; else echo "Not updating
home directory location for user \"macports\" (not root)" ; fi ; fi ; if
test "22" -eq 8 -a `id -u` -eq 0; then GID=`/usr/bin/dscl -q . -read
"/Groups/macports" PrimaryGroupID | /usr/bin/awk '{print $2}'` ; if test
"`/usr/bin/dscl -q . -read "/Users/macports" PrimaryGroupID 2>/dev/null |
/usr/bin/awk '{print $2}'`" != "$GID"; then echo "Fixing PrimaryGroupID
for user \"macports\"" ; /usr/bin/dscl -q . -create "/Users/macports"
PrimaryGroupID $GID ; /usr/bin/dscl -q . -create "/Users/macports"
RealName MacPorts ; fi ; fi ; else echo "Can't find /usr/bin/dscl /
/usr/sbin/dseditgroup, not creating user \"macports\"" ; fi
}}}
--
Ticket URL: <https://trac.macports.org/ticket/66878>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list