Skip to main content
Question

Auditing Installers?

  • February 11, 2015
  • 6 replies
  • 23 views
U
Forum|alt.badge.img+5

How are people auditing there installers? How do people track down this file system object was installed by this or these installers? We are using radmind, to manage the OS and software distribution and we can quickly and easily track down what installed a file system object. Seems like this is a big challenge with package distribution systems, unless you use a tool like tool like "the luggage"?

https://github.com/unixorn/luggage

But, it would be a separate systems with little integration with the Casper Suite.

    6 replies

    C
    Forum|alt.badge.img+9
    • cvgs
    • Contributor
    • February 12, 2015

    Well, to audit your own installers you are best off by using luggage or autopkg; Composer doesn't help you there in any way. For other people's installers, you use Pacifist and the "Suspicious Package" QuickLook-Plugin.

    And by using pkgutil --file-info /my/path you can determine (with varying accuracy, and without taking pre/postflight scripts into account) which package is responsible for which file.

    All of that is happening besides the Casper Suite, which is just responsible for deploying the package.

    S
    Forum|alt.badge.img+4
    • Swift
    • Contributor
    • February 13, 2015

    Interesting that you should mention Radmind in conjunction with package distribution.

    I have a set of scripts (RADrepkg) that allow you to create an OSX installation package of file system changes since a defined snapshot. The scripts make use of the Radmind Tools, however you don't need to have a radmind server or any kind of Radmind setup to run the scripts.

    RADrepkg can be downloaded here:
    http://sourceforge.net/projects/radrepkg/

    I also currently use Radmind as a deployment method. I wrote the scripts so I could convert all my existing Radmind deployment transcripts into deployable packages - to give me the option of moving to a package-based deployment tool if I should ever need to.

    The RADrepkg scripts work just as well for packaging up changes to the filesystem - so I guess they could be used as free alternatives to the other software mentioned here.

    U
    Forum|alt.badge.img+5
    • uurazzle
    • Author
    • Contributor
    • January 7, 2016

    Hello @Swift:

    Thanks for sharing we are in the process of migrating from radmind to JAMF and in the process need to migrate radmind transcript to install packages. So, this will be very useful.

    U
    Forum|alt.badge.img+5
    • uurazzle
    • Author
    • Contributor
    • January 7, 2016

    Hello @Swift:

    @Swift That repository scares me. (1) it’s hosted on SourceForge (bad news bears), (2) none of the code is immediately visible under the “code” tab, and (3) the only way to get the code is to download a zip file (!!!) and extract it.

    Is there anyway to see the code for review? Or get a non-zip file download?

    bpavlov
    Forum|alt.badge.img+18
    • bpavlov
    • Esteemed Contributor
    • January 7, 2016

    @uurazzle Just a tip, but if you want to notify someone, tag them with an @ sign followed by their username. Like this @Swift

    U
    Forum|alt.badge.img+5
    • uurazzle
    • Author
    • Contributor
    • January 7, 2016

    @bpavlov thanks for the tip.

    Terms & ConditionsCookie settingsAccessibility statement