TweetFollow Us on Twitter

MacEnterprise: Packaging for System Administrators

Volume Number: 25
Issue Number: 03
Column Tag: MacEnterprise

MacEnterprise: Packaging for System Administrators

Building Installer packages for software distribution

by Greg Neagle, MacEnterprise.org

Introduction

In an earlier MacTech article, we discussed reasons Mac OS X systems administrators might need to package or repackage software for deployment in their organization. Some common reasons are:

Repackaging into a format compatible with your distribution mechanism

Repackaging software that won't install "silently" (i.e., prompts the user for info, or launches GUI applications)

Capturing organization-specific changes (licensing, configuration) into a package

Packaging third-party software that is distributed without an Installer package

Packaging internally-developed software or tools

We mentioned several packaging tools, and detailed two repackaging examples using LANrev's InstallEase. The first example was using drag-and-drop to build a installer package for Firefox. The second example used filesystem snapshots to build a package for TextWrangler and its command-line tools.

More Packaging Tools

LANrev's InstallEase is a very easy to use packaging utility, as you might have seen from the earlier article. But it actually relies on other packaging tools to do the "heavy lifting." In order to actually create the final package, you must have either Apple's PackageMaker, or Stéphan Sudre's Iceberg installed. In the case of PackageMaker, InstallEase uses it behind the scenes, and so you never have to directly use PackageMaker if you do not want to. With Iceberg, you save an Iceberg project from InstallEase, and then open that project file with Iceberg to finish building the package.

Why move beyond InstallEase? With InstallEase, you have very little control over things like the package bundle ID (which you might want to use to identify your company), or settings like requiring a restart after install. There's no way to specify a custom read me, license agreement or other user interface settings. For automated installs, none of these features may matter, but for a package you intend to have end-users manually install, you may want more control.

PackageMaker

To gain that additional control, we'll look at PacakgeMaker, Apple's packaging utility. PackageMaker is available with Apple's Xcode developer tools, and also as part of the Server Administration Software. New in version 3 is the ability to find files to add to a package via "snapshot", or watching for file system changes. Let's quickly revisit our example of building a package for TextWrangler, this time using PackageMaker, and then look at some of PackageMaker's additional options.

If you haven't already, install PackageMaker by installing either Xcode 3 or the latest release of the Server Administration Tools from Apple. At the time of this writing, the URL for the Server Tools was:

http://www.apple.com/support/downloads/serveradmintools1055.html

Don't run the installer - PackageMaker is available in the Utilities folder on the disk image, ready to be dragged to your hard drive.

In order to play along at home with the example, also download the disk image for TextWrangler from:

http://www.barebones.com/products/textwrangler/download.html

and mount the image.

Getting Started

Open PackageMaker. You'll see an untitled project window, and a sheet asking for some basic info. Enter your organization identifier and choose a minimum OS target, as in Figure 1.


Figure 1. Specifying install properties

Creating a snapshot

We're going to use filesystem snapshots to build this package, so choose Add Snapshot Package... from the Project menu.


Figure 2. Adding a Snapshot Package

You'll have one last chance to get ready - if you haven't downloaded TextWrangler, do it now.


Figure 3. Starting the snapshot

Click Start to begin. Install TextWrangler from the disk image by dragging it to the Applications folder. To install the command-line tools, launch TextWrangler and agree when it asks if you want the current versions of edit and twdiff, authenticating as an administrator when asked. This, of course, is the reason we're building this package: we can then use our software distribution tool to install the TextWrangler application and its command-line tools without having to bother the user with the requests to install the command-line tools.

Once you are done with the install tasks, return to PackageMaker and click Stop.



Figures 4-5. Stopping the snapshot

Click Next to proceed.


Figure 6. Filtering snapshot items

You'll see a tree view of files and directories that were modified between the time you clicked Start and the time you clicked Stop. InstallEase has a configurable filter to ignore certain directories and files; PackageMaker does not, so you'll have a larger number of unwanted files and directories to wade through and uncheck. In the example shown in Figure 6, you'd want to uncheck /Applications/.DS_Store, and the entire tree under /Library, as these are not part of the actual install. The snapshot also captured several log files in /private/var/log, other items in my home directory, and more. You'll need to examine the list of captured items carefully and remove those that are not relevant to the installation. Give the snapshot a title and click Save.

Configuring the package


Figure 7. Package configuration

We can now start to customize the package. In the example shown in Figure 7, I've given it a title, and added a description.

Under Install Destination, you'll see three choices. In most cases, Volume selected by user is the best choice, especially if you will be using this package to install software on a non-booted volume, like when using the InstaDMG method of creating installation images. If you want non-admin users to be able to install the software, and it does not require anything to be installed in the System domain, you can check User home directory. This would be an unusual choice in most managed enterprise environments, though.

You can see the contents we captured with the snapshot in the left column under Contents. Turn the disclosure triangle down to see detail on the contents. See Figure 8 for an example.


Figure 8. Configuring the snapshot package

We can further customize the install under the Configuration tab for the snapshot contents. We can give the package an identifier and version, specify a restart action, and indicate if admin authentication is needed. This particular install does not need a restart, but you could choose to require a logout, recommend a restart, require a restart, or require a shutdown. (The only type of installation I can think of that would require a shutdown would be a firmware update that requires the user to hold down the power button on the subsequent startup.) Since this package installs items in /Applications, /usr/bin, and /usr/share/man, it will need admin authentication. Very few installation packages will not need admin authentication unless they install items in the user's home folder or in /Users/Shared, as these areas are modifiable by standard users.

Let's proceed to the Contents tab.


Figure 9. Editing the contents

In Figure 9, we can see all the items that will be installed. I've turned down several of the disclosure triangles so we can see more of the items. There are some changes that should be made. You'll see that the TextWrangler application is owned by gneagle. If we're going to install this on multiple machines, we'll want to change the ownership to root. We had to do the same thing when packaging with InstallEase, going through each file one-by-one and changing the ownership and permissions. PackageMaker has what might look like a handy shortcut: the Apply Recommendations button. If you were to click it, PackageMaker will go through all the items in your project, applying its recommended permissions and ownership. In my experience, the ownership and permissions it applies end up causing warnings later in the build process. It seems to just blindly set owner to root, group to admin, and permissions to 775 or 664. These are generally fine for things in /Applications, but cause warnings elsewhere in the filesystem - like in /usr/bin. So, sadly, you are probably better off fixing ownership and permissions manually.

If you discover you've accidentally included a file or directory you don't want installed, you can remove it from the contents by unchecking it in the contents list.

Next, we move to the Components tab.


Figure 10. Editing Component options

As shown in Figure 10, PackageMaker has identified the TextWrangler.app application bundle as a "component", and marked it as relocatable. This means that if after installation, a user with admin privileges moves the component somewhere else, that for future reinstalls or upgrades, Installer will search the disk for the component.

In most cases, for managed installs in an enterprise environment, I'd recommend that you disable this option. You as the OS X administrator know where you are going to install it and probably don't intend to move it around. Additionally, it slows down the install process as it scans the drive for the application, and there are some definite non-intuitive behaviors with this option in some configurations. It seems safest to turn this off unless you understand the implications and need the behavior.

The second checkbox, labeled Allow Downgrade, controls whether or not the Installer allows the user to install an older version of this component over a newer version. Most of the time, you would not want this, but if you are creating a package to downgrade an application because the newer version has problems in your environment, this might be a useful option.

We could also specify pre-installation and post-installation scripts to run at this point, but we don't need them for this project, so we'll leave the Scripts tab alone.

Editing the user interface

Let's look at an (optional) final task before building our package.

PackageMaker contains an interface editor to customize what the user sees when installing your package. If you are building packages that are to be installed silently in the background, you can safely ignore the user interface altogether. But if you are building packages you intend to be installed manually, you might want to customize the user interface.

Start by clicking the Edit Interface icon on the right side of the PackageMaker project window toolbar.


Figure 11. PackageMaker's Interface Editor

The Interface Editor will open, and will look like Figure 11. Here you can customize the background image and the Introduction, Read Me, License, and Finish Up messages, including adding localizations for languages other than English. Feel free to play with the various options. Once you are happy with your edits, close the editor and save the project.

Building the package

Now for the moment you've all been waiting for: building the actual package. If you haven't done so already, save the project. Click the Build icon in the project window toolbar. Give the package a name, choose a location, and click Save. You should see a progress indicator for a minute or less, and then something like Figure 12.


Figure 12. Build results

Though my build succeeded, there's one warning. I've turned down the disclosure triangle to read the warning, and I can click on the magnifying glass to be taken to where I can fix it.


Figure 13. "Spotlight"-style focus on the problem

In Figure 13, you can see that PackageMaker highlights the relevant control ala Spotlight in System Preferences. In this case, I needed to enter the destination - "/". Build again, and the warning should be gone.

If you wish, you can now open the built package in Installer and test it.

Wrap-up

This was a fairly typical example of building a simple Installer package. We took some third-party software that is distributed in a non-Apple Installer package format and did some post-install configuration tasks. We then used Apple's PackageMaker to capture the installed and modified files and build an Installer package. This example only scratches the surface of the many capabilities of PackageMaker. PackageMaker can build metapackages, new Leopard-style flat packages, and more. You can specify install requirements (like minimum available disk space, CPU type and speed), and optional installs, like user guides.

Though PackageMaker is a full-featured, powerful packaging tool, it also has some non-trivial issues. A key issue, in my experience and in the experience of other OS X systems administrators, is that PackageMaker has a hard time creating packages that have a large number of items. Many admins have seen PackageMaker crash or become unresponsive when trying to repackage Microsoft Office or the Adobe Creative Suite applications. This problem also occurs with the command-line version of PackageMaker, so other tools that build on or rely on PackageMaker will almost certainly have the same issue.

Workarounds for this issue include breaking the install into smaller packages that are then part of a metapackage, or using another tool like Iceberg. An attempted repackaging of Microsoft Office 2008 that failed for me using PackageMaker, both via the GUI and the command line, was successful using Iceberg.

A OS X administrator may need a variety of packaging tools at his or her disposal, since they all have their strengths and weaknesses. The good news is that you can get your feet wet with simpler tools, and as you need more capabilities, use heavier-duty (and more complicated) tools.


Greg Neagle is a member of the steering committee of the Mac OS X Enterprise Project (macenterprise.org) and is a senior systems engineer at a large animation studio. Greg has been working with the Mac since 1984, and with OS X since its release. He can be reached at gregneagle@mac.com.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Sibelius 2020.6 - Music notation solutio...
Sibelius is the world's best-selling music notation software for Mac. It is as intuitive to use as a pen, yet so powerful that it does most things in less than the blink of an eye. The demo includes... Read more
Bookends 13.4.2 - Reference management a...
Bookends is a full-featured bibliography/reference and information-management system for students and professionals. Bookends uses the cloud to sync reference libraries on all the Macs you use.... Read more
OmniGraffle Pro 7.16 - Create diagrams,...
OmniGraffle Pro helps you draw beautiful diagrams, family trees, flow charts, org charts, layouts, and (mathematically speaking) any other directed or non-directed graphs. We've had people use... Read more
Drive Genius 6.1.0 - $79.00
Drive Genius features a comprehensive Malware Scan. Automate your malware protection. Protect your investment from any threat. The Malware Scan is part of the automated DrivePulse utility. DrivePulse... Read more
Tor Browser 9.5 - Anonymize Web browsing...
The Tor Browser Bundle is an easy-to-use portable package of Tor, Vidalia, Torbutton, and a Firefox fork preconfigured to work together out of the box. It contains a modified copy of Firefox that... Read more
VueScan 9.7.28 - Scanner software with a...
VueScan is a scanning program that works with most high-quality flatbed and film scanners to produce scans that have excellent color fidelity and color balance. VueScan is easy to use, and has... Read more
OmniGraffle 7.16 - Create diagrams, flow...
OmniGraffle helps you draw beautiful diagrams, family trees, flow charts, org charts, layouts, and (mathematically speaking) any other directed or non-directed graphs. We've had people use Graffle to... Read more
WALTR 2 2.6.26 - $39.95
WALTR 2 helps you wirelessly drag-and-drop any music, ringtones, videos, PDF, and ePub files onto your iPhone, iPad, or iPod without iTunes. It is the second major version of Softorino's critically-... Read more
Airmail 4.1 - Powerful, minimal email cl...
Airmail is an mail client with fast performance and intuitive interaction. Support for iCloud, MS Exchange, Gmail, Google Apps, IMAP, POP3, Yahoo!, AOL, Outlook.com, Live.com. Airmail was designed... Read more
Iridient Developer 3.3.12 - Powerful ima...
Iridient Developer (was RAW Developer) is a powerful image-conversion application designed specifically for OS X. Iridient Developer gives advanced photographers total control over every aspect of... Read more

Latest Forum Discussions

See All

Willy Jetman: Astromonkey's Revenge...
Barcelona-based developer Last Chicken Games are set to bring their game Willy Jetman: Astromonkey's Revenge to both iOS and Android on 9th July. The Metroidvania is already available on the likes of PS4, Switch and PC but now mobile folk will be... | Read more »
The 5 Best Mobile Real Time Strategy Gam...
Real-time strategy games feel like they’d be a perfect fit for mobile, but they’re trickier to pull off that you might think. The traditional mold of base-building and micro management can work on touch screens, but needs to be carefully honed so... | Read more »
Using your phone in a protest
I can't write about games today. There is a struggle happening in the streets right now and it needs everyone's attention. Here's some good info on how you can use your iOS device safely amidst a protest. | Read more »
Dungonian is a card-based dungeon crawle...
Dungonian is a card-based dungeon crawler from developer SandFish Games that only recently launched as a free-to-play title. It offers an extensive roster of playable heroes to collect and enemies to take down, and it's available right now for iOS... | Read more »
Steam Link Spotlight - Signs of the Sojo...
Steam Link Spotlight is a feature where we look at PC games that play exceptionally well using the Steam Link app. Our last entry was XCOM: Chimera Squad. Read about how it plays using Steam Link's new mouse and keyboard support over here. | Read more »
Steampunk Tower 2, DreamGate's sequ...
Steampunk Tower 2 is a DreamGate's follow up to their previous tower defence game. It's available now for both iOS and Android as a free-to-play title and will see players defending their lone base by kitting it out with a variety of turrets. [... | Read more »
Clash Royale: The Road to Legendary Aren...
Supercell recently celebrated its 10th anniversary and their best title, Clash Royale, is as good as it's ever been. Even for lapsed players, returning to the game is as easy as can be. If you want to join us in picking the game back up, we've put... | Read more »
Pokemon Go Fest 2020 will be a virtual e...
Niantic has announced that Pokemon Go Fest will still take place this year although understandably it won't be a physical event. Instead, it will become a virtual celebration and is set to be held on 25th and 26th July. [Read more] | Read more »
Marvel Future Fight's major May upd...
Marvel Future Fight's latest update has now landed, and it sounds like a big one. The focus this time around is on Marvel's Guardians of the Galaxy, and it introduces all-new characters, quests, and uniforms for players to collect. [Read more] | Read more »
SINoALICE, Yoko Taro and Pokelabo's...
Yoko Taro and developer Pokelabo's SINoALICE has now opened for pre-registration over on the App Store. It's already amassed 1.5 million Android pre-registrations, and it's currently slated to launch on July 1st. [Read more] | Read more »

Price Scanner via MacPrices.net

Apple restocks 27″ iMacs, Certified Refurbish...
Apple has restocked Certified Refurbished 2019 27″ iMacs starting at $1529 and up to $350 off the cost of new models. Apple’s one-year warranty is standard, shipping is free, and each iMac features a... Read more
Apple’s new 2020 13″ 4-Core MacBook Airs on s...
B&H Photo has Apple’s new 2020 13″ 4-Core MacBook Airs on sale today for $100 off Apple’s MSRP, only $1199. Expedited shipping is free to many addresses in the US. The MacBook Airs are the same... Read more
New Verizon promo: $150 off any Apple Watch w...
Verizon is offering $150 off any Apple Watch when purchased alongside an iPhone through June 10, 2020. They’re also offering up to $100 on any Apple Watch trade-in. Here are the details: “Get $150... Read more
Last year’s 13″ 2.4GHz MacBook Pros are avail...
Apple has Certified Refurbished 2019 13″ 2.4GHz/256GB 4-Core Touch Bar MacBook Pros available for $1359, $440 off original MSRP. Apple’s one-year warranty is included, shipping is free, and each... Read more
Apple’s new 2020 13″ MacBook Pros on sale for...
Apple reseller Abt Electronics has new 2020 13″ MacBook Pros on sale today for up to $140 off MSRP, starting at $1208. Shipping is free, and most configurations are in stock today. Note that Abt’s... Read more
Apple CEO Reacts To Nationwide Protests Over...
NEWS: 06.03.20 – With the recent death of a black man in the custody of a white police officer igniting outrage among Americans from all walks of life, which resulted in protests and civil unrest... Read more
At up to $420 off MSRP, these Certified Refur...
Apple has Certified Refurbished 2019 16″ MacBook Pros available for up to $420 off the cost of new models, starting at $2039. Each model features a new outer case, shipping is free, and an Apple 1-... Read more
Apple restocks refurbished 3rd generation 12....
Apple restocked select 3rd generation 12.9″ WiFi iPad Pros starting at only $699 and up to $330 off original MSRP. Each iPad comes with a standard Apple one-year warranty, outer cases are new, and... Read more
These wireless carriers are offering Apple’s...
Looking for a deal on Apple’s new iPhone SE? Apple itself offers the unlocked 64GB iPhone SE for $399 or $16.62/month. If you’re willing to try a new carrier, two of Apple’s wireless carriers are... Read more
Save $80 on the 64GB 10.5″ iPad Air with this...
Apple has 10.5″ 64GB WiFi iPad Airs models available for $80 off MSRP, Certified Refurbished. Each iPad comes with Apple’s standard one-year warranty and includes a new outer case. Shipping is free... Read more

Jobs Board

*Apple* Architect - SAIC (United States)
**Description** We are currently seeking a motivated, career and customer oriented Apple Architect to join our team in Washington, DC to begin an exciting and Read more
*Apple* Support Engineer - SAIC (United Stat...
**Description** We are currently seeking a motivated, career and customer oriented Apple Support Engineer to join our team in Washington, DC to begin an exciting and Read more
Perioperative RN - ( *Apple* Hill Surgical C...
Perioperative RN - ( Apple Hill Surgical Center) Tracking Code 60593 Job Description Monday - Friday - Full Time Days Possible Saturdays General Summary: Under the Read more
Senior Practice Manager - *Apple* Hill Eye...
Senior Practice Manager - Apple Hill Eye Center Tracking Code 61713 Job Description Apple Hill Medical Center General Summary: Under general supervision, manages Read more
*Apple* Mac Desktop Support - Global Dimensi...
…Operate and support an Active Directory (AD) server-client environment for all Apple devices operating on the BUMED network + Leverage necessary industry enterprise Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.