-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathpkg-expand
executable file
·131 lines (95 loc) · 2.94 KB
/
pkg-expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
#!/usr/bin/env zsh
# macos-scripts/pkg-expand
# pkg-expand
# Expands a package serches for embeded packes and expands them
# Searches for Bill of Material (Bom) files and reads them
set -uo pipefail
# -u prevent using undefined variables
# -o pipefail force pipelines to fail on first non-zero status code
IFS=$'\n\t'
# Set Internal Field Separator to newlines and tabs
# This makes bash consider newlines and tabs as separating words
# See: http://redsymbol.net/articles/unofficial-bash-strict-mode/
function usage {
echo -e "\\n Expands a package and any packages inside it"
echo " ./pkg-expand {.pkg}"
exit 0
}
function pkg_search {
while IFS=$'\n' read -r package; do
packages+=("${package}");
done < <(find "${expand_dir}" -name "*.pkg" -type f)
}
function unpack {
local embedded_pkg_name
declare -i counter=0
for package in "${packages[@]}"; do
embedded_pkg_name="$(basename "${package}" | awk -F '.pkg' '{print $1}')"
if [[ "${embedded_pkg_name}" == "${pkg_name}" ]]; then
embedded_pkg_name="${embedded_pkg_name}-${counter}"
counter=+1
fi
pkgutil --expand-full "${package}" "${expand_dir}/${embedded_pkg_name}"
done
}
function bom_search {
while IFS=$'\n' read -r bom; do
boms+=("${bom}");
done < <(find "${expand_dir}" -name "Bom" -type f)
}
function bom_read {
local pkg_name
for bom in "${boms[@]}"; do
pkg_name=$(echo "${bom}" | awk -F '/' '{print $(NF-1)}' | tr -d '.pkg')
lsbom "${bom}" > "${expand_dir}/${pkg_name}-Bom"
done
}
function find_preinstall {
while IFS=$'\n' read -r preinstall; do
preinstall_scripts+=("${preinstall}");
done < <(find "${expand_dir}" -name 'preinstall' -type f)
}
function check_preinstall {
for script in "${preinstall_scripts[@]}"; do
echo "Checking ${script}"
grep -ni "cp /tmp" "${script}"
grep -ni "chmod 777 /Applications" "${script}"
grep -ni "chown root:admin /Applications/" "${script}"
done
}
function find_postinstall {
while IFS=$'\n' read -r postinstall; do
postinstall_scripts+=("${postinstall}");
done < <(find "${expand_dir}" -name 'postinstall' -type f)
}
function check_postinstall {
for script in "${postinstall_scripts[@]}"; do
echo "Checking ${script}"
grep -ni "cp /tmp" "${script}"
grep -ni "chmod 777 /Applications" "${script}"
grep -ni "chown root:admin /Applications/" "${script}"
done
}
function main {
declare -a packages
declare -a boms
declare -a preinstall_scripts
declare -a postinstall_scripts
arg=${1:-"usage"}
if [[ "${arg}" =~ ^(usage|help|-h|--help|🤷♂️|🤷♀️|"¯\_(ツ)_/¯")$ ]]; then
usage
fi
pkg_name=$(basename "${arg}" | awk -F '.pkg' '{print $1}')
readonly expand_dir="/tmp/${pkg_name}"
mkdir "${expand_dir}"
pkgutil --expand-full "${arg}" "${expand_dir}/${pkg_name}"
pkg_search
unpack
bom_search
bom_read
find_preinstall
find_postinstall
check_preinstall
check_postinstall
}
main "$@"