Auditing Installers?

uurazzle
Contributor II

How are people auditing their installers? How do people track down that this file system object was installed by this or these installers? We are using radmind to manage the OS and software distribution, and we can quickly and easily track down what installed a file system object. Seems like this is a big challenge with package distribution systems, unless you use a tool like "the luggage"?

https://github.com/unixorn/luggage

But it would be a separate system with little integration with the Casper Suite.

6 REPLIES

cvgs
Contributor II

Well, to audit your own installers you are best off using luggage or autopkg; Composer doesn't help you there in any way. For other people's installers, you use Pacifist and the "Suspicious Package" QuickLook-Plugin.

And by using pkgutil --file-info /my/path you can determine (with varying accuracy, and without taking pre/postflight scripts into account) which package is responsible for which file.

All of that is happening besides the Casper Suite, which is just responsible for deploying the package.
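Added example, not part of the reply above and not code from any of the tools mentioned: a Python parser for pkgutil --file-info output that labels a path as unowned, owned by one receipt, or claimed by several, and notes when the claimants record different modes. The sample output is constructed, the layout (a volume/path header followed by one pkgid block per receipt) is assumed, and the function and constant names are hypothetical.

```python
import subprocess
import sys

# Constructed sample output; assumed layout: header, then one pkgid block per receipt.
SAMPLE_SHARED = """volume: /
path: /usr/local/lib/libexample.dylib

pkgid: com.example.vendor-a.app
pkg-version: 2.1.0
mode: 755

pkgid: com.example.vendor-b.tools
pkg-version: 1.0.3
mode: 644
"""
SAMPLE_UNOWNED = "volume: /\npath: /usr/local/bin/mystery\n"


def parse_file_info(text):
    """Return (path, receipts) with one dict per pkgid block."""
    path, receipts = None, []
    for line in text.splitlines():
        key, sep, value = line.partition(": ")
        if key == "path":
            path = value
        elif key == "pkgid":
            receipts.append({"pkgid": value})
        elif sep and receipts:
            receipts[-1][key] = value  # attribute of the current receipt
    return path, receipts


def classify(text):
    """Label a file as unowned, owned by one receipt, or claimed by several."""
    path, receipts = parse_file_info(text)
    ids = [r["pkgid"] for r in receipts]
    if not ids:
        return path, "unowned", ids  # e.g. created by a script or copied by hand
    status = "single" if len(ids) == 1 else "shared"
    if len({r.get("mode") for r in receipts}) > 1:
        status += "+mode-conflict"  # receipts disagree on permissions
    return path, status, ids


if __name__ == "__main__":
    for target in sys.argv[1:]:  # macOS only: query the real receipt database
        cmd = ["pkgutil", "--file-info", target]
        out = subprocess.run(cmd, capture_output=True, text=True).stdout
        print(*classify(out))
```

An "unowned" result only means no receipt lists the path; as the reply notes, files written by pre/postflight scripts never appear in receipts.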

Swift
New Contributor II

Interesting that you should mention Radmind in conjunction with package distribution.

I have a set of scripts (RADrepkg) that allow you to create an OSX installation package of file system changes since a defined snapshot. The scripts make use of the Radmind Tools, however you don't need to have a radmind server or any kind of Radmind setup to run the scripts.

RADrepkg can be downloaded here:
http://sourceforge.net/projects/radrepkg/

I also currently use Radmind as a deployment method. I wrote the scripts so I could convert all my existing Radmind deployment transcripts into deployable packages - to give me the option of moving to a package-based deployment tool if I should ever need to.

The RADrepkg scripts work just as well for packaging up changes to the filesystem - so I guess they could be used as free alternatives to the other software mentioned here.

uurazzle
Contributor II

Hello @Swift:

Thanks for sharing. We are in the process of migrating from radmind to JAMF and in the process need to migrate radmind transcripts to install packages. So, this will be very useful.

uurazzle
Contributor II

Hello @Swift:

@Swift That repository scares me. (1) it’s hosted on SourceForge (bad news bears), (2) none of the code is immediately visible under the “code” tab, and (3) the only way to get the code is to download a zip file (!!!) and extract it.

Is there any way to see the code for review? Or get a non-zip file download?

bpavlov
Honored Contributor

@uurazzle Just a tip, but if you want to notify someone, tag them with an @ sign followed by their username. Like this @Swift

uurazzle
Contributor II

@bpavlov thanks for the tip.