Manually unpacking pkg files on macOS
by admin on Nov.21, 2023, under News
The macOS PKG file format is a package format used by macOS to distribute software. It’s essentially a container for software installation data and is often used for installing applications on macOS systems. Here’s a breakdown of its key aspects:
The macOS PKG file format is a package format used by macOS to distribute software. It’s essentially a container for software installation data and is often used for installing applications on macOS systems. Here’s a breakdown of its key aspects:
Nature of PKG Files: PKG files are essentially archives that can contain various types of data required for installing software. This can include the application files themselves, metadata about the installation, scripts for handling installation and removal, and more.
Structure: PKG files are typically XAR (eXtensible ARchive) archives. This format allows for efficient compression and digital signing. Within a PKG file, you might find components like:
Payload: Contains the actual files to be installed. This is often a compressed archive (like a tarball).
Scripts: Installation and post-installation scripts that help in setting up the software. These scripts can perform tasks like configuring the software, setting up necessary system changes, etc.
Bill of Materials (BOM): A file listing the contents of the package, often used to check what files need to be installed or removed.
Plist Files: Property list files containing metadata about the package, such as the software version, identifier, installation requirements, etc.
Installation Process: When a PKG file is opened on a Mac, it typically launches the Installer application, which guides the user through the installation process. This process involves unpacking the contents of the PKG file, executing any necessary scripts, and placing files in the appropriate locations on the filesystem.
Uses: PKG files are widely used for distributing both commercial software and open-source applications. They are favored for their ability to bundle complex installations into a single file and for their support of advanced features like pre-installation scripts, digital signatures for security, and custom installation options.
Security: macOS treats PKG files with a degree of caution, especially those downloaded from the internet. These files are subject to Gatekeeper checks, and if they are not properly signed with a recognized developer certificate, macOS may warn the user or prevent installation by default.
Creation and Extraction: Developers can create PKG files using tools like pkgbuild
and productbuild
on macOS. For extracting or inspecting PKG files, tools like xar
and others are available.
PKG files are a critical part of the macOS ecosystem, providing a standardized and flexible way for software distribution and installation. Their structured format supports a range of installation complexities, from simple drag-and-drop applications to those requiring extensive system configuration.
Normally this is the process to perform the installation. As we have already described the structure, we will now write a script to extract the payload manually:
#!/bin/bash # Check if an argument is provided if [ "$#" -ne 1 ]; then echo "Usage: $0 <file.pkg>" exit 1 fi # Extract the .pkg file xar -xf "$1" # Find the Payload file payload_file=$(find . -name Payload) # Check if the Payload file is found if [ -z "$payload_file" ]; then echo "Payload file not found" exit 1 fi # Extract the contents of the Payload file tar xvf "$payload_file"
We save this script as unpack-pkg.sh and make the script executable (chmod +x unpack-pkg.sh). We can then use it by calling it as follows: ./unpack-pkg.sh “Test Package.pkg”