macOS Command - pkgutil
一、关于 pkgutil
pkgutil: Query and manipulate Mac OS X Installer packages and receipts.
reciept & bom
reciept 和 bom 文件存放在 /private/var/db/receipts 文件夹。
可以使用lsbom 命令来查看 bom 文件
lsbom : list contents of a bom file
$ plutil -p /private/var/db/receipts/com.tencent.qq.plist # 安装包基础信息
{
"InstallDate" => 2021-02-15 03:06:32 +0000
"InstallPrefixPath" => "Applications/"
"InstallProcessName" => "appstoreagent"
"PackageFileName" => "com.tencent.qq.pkg"
"PackageIdentifier" => "com.tencent.qq"
"PackageVersion" => "6.7.3"
}
$ lsbom -s /private/var/db/receipts/com.tencent.qq.bom # 安装包的内容
.
./QQ.app
./QQ.app/Contents
./QQ.app/Contents/Frameworks
./QQ.app/Contents/Frameworks/FTMiniNN.framework
./QQ.app/Contents/Frameworks/FTMiniNN.framework/FTMiniNN
./QQ.app/Contents/Frameworks/FTMiniNN.framework/PlugIns
...
二、使用示例
$ pkgutil -h # pkgutil --help
Usage: pkgutil [OPTIONS] [COMMANDS] ...
Options:
--help Show this usage guide
--verbose, -v Show contextual information and format for easy reading
--force, -f Perform all operations without asking for confirmation
--volume PATH Perform all operations on the specified volume
--edit-pkg PKGID Adjust properties of package PKGID using --learn PATH
--only-files List only files (not directories) in --files listing
--only-dirs List only directories (not files) in --files listing
--regexp Try all PKGID arguments as regular expressions
Receipt Database Commands:
--pkgs, --packages List all currently installed package IDs on --volume
--pkgs-plist List all package IDs on --volume in plist format
--pkgs=REGEXP List package IDs on --volume that match REGEXP
--groups List all GROUPIDs on --volume
--groups-plist List all GROUPIDs on --volume in plist format
--group-pkgs GROUPID List all PKGIDs in GROUPID
--files PKGID List files installed by the specified package
--lsbom PKGID List files in the same format as 'lsbom -s'
--pkg-groups PKGID List all GROUPIDs that PKGID is a member of
--export-plist PKGID Print all info about PKGID in plist format
--pkg-info PKGID Show metadata about PKGID
--pkg-info-plist PKGID Show metadata about PKGID in plist format
--file-info PATH Show metadata known about PATH
--file-info-plist PATH Show metadata known about PATH in plist format
--forget PKGID Discard receipt data for the specified package
--learn PATH Update --edit-pkg PKGID with actual metadata from PATH
File Commands:
--expand PKG DIR Expand the flat package PKG to DIR
--flatten DIR PKG Flatten the files at DIR as PKG
--bom PATH Extract any Bom files from the pkg at PATH into /tmp
--payload-files PATH List the paths archived within the (m)pkg at PATH
--check-signature PATH Validate the signature of the pkg at PATH and print certificate information
Receipt Database Commands
查看所有 pkgs
$ pkgutil --pkgs
com.apple.pkg.CoreTypes.1300A38
com.apple.pkg.MAContent10_AssetPack_0637_AppleLoopsDrummerKyle
com.apple.pkg.MAContent10_AssetPack_0593_DrummerSoCalGBLogic
com.apple.pkg.MAContent10_AssetPack_0317_AppleLoopsModernRnB1
com.apple.pkg.MAContent10_AssetPack_0537_DrummerShaker
com.apple.pkg.MAContent10_AssetPack_0482_EXS_OrchWoodwindAltoSax
com.apple.pkg.EmbeddedOSFirmware
com.apple.pkg.MAContent10_AssetPack_0048_AlchemyPadsDigitalHolyGhost
com.apple.pkg.MAContent10_AssetPack_0539_DrummerTambourine
...
com.tencent.qq
com.youdao.YoudaoDict
com.tencent.xinWeChat
com.netease.macmail
...
以上内容的 plist 形式输出
$ pkgutil --pkgs-plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<string>com.apple.pkg.InstallAssistant.macOSBigSur</string>
<string>com.apple.pkg.DevSDK_macOS1013_Public</string>
<string>com.apple.pkg.CLTools_Executables</string>
<string>com.apple.files.data-template</string>
<string>com.apple.pkg.CoreTypes.1350A26</string>
<string>com.apple.pkg.DevSDK</string>
...
</array>
</plist>
以下命令中带有 plist 一般都是命令的 plist 格式输出
List all GROUPIDs on --volume
$ pkgutil --groups
com.apple.findsystemfiles
com.apple.OSTemplate.pkg-group
com.apple.FindSystemFiles.pkg-group
com.apple.FindSystemFiles
显示某软件包安装的文件列表
$ pkgutil --files com.tencent.qq
QQ.app
QQ.app/Contents
QQ.app/Contents/Frameworks
QQ.app/Contents/Frameworks/FTMiniNN.framework/Versions
...
QQ.app/Contents/Frameworks/libswiftXPC.dylib
QQ.app/Contents/Frameworks/libswiftos.dylib
QQ.app/Contents/Info.plist
QQ.app/Contents/Library
QQ.app/Contents/Library/LoginItems
QQ.app/Contents/Library/LoginItems/QQ jietu plugin.app
QQ.app/Contents/Library/LoginItems/QQ jietu plugin.app/Contents
...
$ pkgutil --lsbom com.tencent.qq
.
./QQ.app
./QQ.app/Contents
./QQ.app/Contents/Frameworks
./QQ.app/Contents/Frameworks/FTMiniNN.framework
./QQ.app/Contents/Frameworks/FTMiniNN.framework/FTMiniNN
./QQ.app/Contents/Frameworks/FTMiniNN.framework/PlugIns
以上等效于
$ lsbom -s /private/var/db/receipts/com.tencent.qq.bom
.
./QQ.app
./QQ.app/Contents
./QQ.app/Contents/Frameworks
./QQ.app/Contents/Frameworks/FTMiniNN.framework
./QQ.app/Contents/Frameworks/FTMiniNN.framework/FTMiniNN
./QQ.app/Contents/Frameworks/FTMiniNN.framework/PlugIns
...
一些 pkg 卸载工具,会根据 bom 的内容地址,来删除文件。
$ pkgutil --export-plist com.tencent.qq
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>install-location</key>
<string>Applications/</string>
<key>install-time</key>
<integer>1613358392</integer>
<key>paths</key>
<dict>
<key>QQ.app</key>
<dict>
<key>gid</key>
<integer>0</integer>
<key>install-time</key>
<integer>1613358392</integer>
<key>mode</key>
<integer>16877</integer>
<key>pkg-version</key>
<string>6.7.3</string>
<key>pkgid</key>
<string>com.tencent.qq</string>
<key>uid</key>
<integer>0</integer>
</dict>
<key>QQ.app/Contents</key>
<dict>
<key>gid</key>
<integer>0</integer>
<key>install-time</key>
<integer>1613358392</integer>
<key>mode</key>
<integer>16877</integer>
<key>pkg-version</key>
<string>6.7.3</string>
<key>pkgid</key>
<string>com.tencent.qq</string>
<key>uid</key>
<integer>0</integer>
</dict>
<key>QQ.app/Contents/Frameworks</key>
<dict>
<key>gid</key>
<integer>0</integer>
<key>install-time</key>
<integer>1613358392</integer>
<key>mode</key>
<integer>16877</integer>
<key>pkg-version</key>
<string>6.7.3</string>
<key>pkgid</key>
<string>com.tencent.qq</string>
<key>uid</key>
<integer>0</integer>
</dict>
<key>QQ.app/Contents/Frameworks/FTMiniNN.framework</key>
<dict>
<key>gid</key>
<integer>0</integer>
<key>install-time</key>
<integer>1613358392</integer>
<key>mode</key>
<integer>16877</integer>
<key>pkg-version</key>
<string>6.7.3</string>
<key>pkgid</key>
<string>com.tencent.qq</string>
<key>uid</key>
<integer>0</integer>
</dict>
<key>QQ.app/Contents/_CodeSignature/CodeResources</key>
<dict>
<key>gid</key>
<integer>0</integer>
<key>install-time</key>
<integer>1613358392</integer>
<key>mode</key>
<integer>33188</integer>
<key>pkg-version</key>
<string>6.7.3</string>
<key>pkgid</key>
<string>com.tencent.qq</string>
<key>uid</key>
<integer>0</integer>
</dict>
...
</dict>
<key>pkg-version</key>
<string>6.7.3</string>
<key>pkgid</key> #
<string>com.tencent.qq</string>
<key>receipt-plist-version</key>
<real>1</real>
<key>volume</key>
<string>/</string> #
</dict>
</plist>
查看 pkg 信息
$ pkgutil --pkg-info com.tencent.qq
package-id: com.tencent.qq
version: 6.7.3
volume: /
location: Applications/
install-time: 1613358392
查看pkg 文件地址信息
$ pkgutil --file-info ~/Downloads/Safari/R-4.0.3.pkg
volume: /
path: ~/Downloads/Safari/R-4.0.3.pkg
$ pkgutil --learn ~/Downloads/Safari/R-4.0.3.pkg
Error: No package ID specified.
File Commands
pkg 文件转文件夹
$ pkgutil --expand ~/Downloads/Safari/R-4.0.3.pkg ~/Downloads/Safari/001
不要先创建 001 文件夹,它会自动生成。如果已创建,执行命令时会报 Error 17: File exists 。
001文件结构如下
$ cd ~/Downloads/Safari/001
$ tree
.
├── Distribution
├── R-app.pkg
│ ├── Bom
│ ├── PackageInfo
│ └── Payload
├── R-fw.pkg
│ ├── Bom
│ ├── PackageInfo
│ ├── Payload
│ └── Scripts
│ └── postflight
├── Resources
│ ├── background.tiff
│ ├── license.rtf
│ ├── readme.rtf
│ └── welcome.rtf
├── tcltk.pkg
│ ├── Bom
│ ├── PackageInfo
│ └── Payload
└── texinfo.pkg
├── Bom
├── PackageInfo
└── Payload
文件夹转 pkg
$ pkgutil --flatten ~/Downloads/Safari/001 ~/Downloads/Safari/MyR.pkg
查看 pkg 中的 bom 文件
$ pkgutil --bom ~/Downloads/Safari/R-4.0.3.pkg
/tmp/R-4.0.3.pkg.boms.XnbGRm/R-fw.pkg/Bom
/tmp/R-4.0.3.pkg.boms.XnbGRm/R-app.pkg/Bom
/tmp/R-4.0.3.pkg.boms.XnbGRm/tcltk.pkg/Bom
/tmp/R-4.0.3.pkg.boms.XnbGRm/texinfo.pkg/Bom
$ pkgutil --payload-files ~/Downloads/Safari/R-4.0.3.pkg
.
./R.framework
./R.framework/PrivateHeaders
./R.framework/Resources
./R.framework/Versions
./R.framework/Versions/Current
./R.framework/Versions/4.0
./R.framework/Versions/4.0/PrivateHeaders
./R.framework/Versions/4.0/PrivateHeaders/stamp-h.in
...
.
./usr
./usr/local
./usr/local/man
./usr/local/man/man3
./usr/local/man/man3/Tk_SetWindowBackground.3
...
查看 pkg 签名
$ pkgutil --check-signature ~/Downloads/Safari/R-4.0.3.pkg
Package "R-4.0.3.pkg":
Status: signed by a developer certificate issued by Apple for distribution
Signed with a trusted timestamp on: 2020-10-11 03:32:31 +0000
Certificate Chain:
1. Developer ID Installer: Simon Urbanek (VZLD955F6P)
Expires: 2022-05-30 12:52:25 +0000
SHA256 Fingerprint:
DC 71 49 90 95 59 7F 5B 7E 61 7F 26 24 44 AE 8B A7 96 AA 11 C2 8B
0E 6D EB B9 37 2A 80 78 AF A0
------------------------------------------------------------------------
2. Developer ID Certification Authority
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03
F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------
3. Apple Root CA
Expires: 2035-02-09 21:40:36 +0000
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C
68 C5 BE 91 B5 A1 10 01 F0 24
$ pkgutil --pkgs-plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<string>com.apple.pkg.CoreTypes.1300A38</string>
<string>com.apple.pkg.MAContent10_AssetPack_0637_AppleLoopsDrummerKyle</string>
<string>com.apple.pkg.MAContent10_AssetPack_0593_DrummerSoCalGBLogic</string>
<string>com.apple.pkg.MAContent10_AssetPack_0317_AppleLoopsModernRnB1</string>
<string>com.apple.pkg.MAContent10_AssetPack_0537_DrummerShaker</string>
<string>com.apple.pkg.MAContent10_AssetPack_0482_EXS_OrchWoodwindAltoSax</string>
<string>com.apple.pkg.EmbeddedOSFirmware</string>
<string>com.netease.macmail</string>
<string>ru.keepcoder.Telegram</string>
<string>com.netease.163music</string>
<string>com.tencent.JietuMac</string>
<string>com.apple.pkg.ConfigurationUtility</string>
<string>com.apple.pkg.iMovie_AppStore</string>
<string>com.apple.pkg.GarageBand_AppStore</string>
<string>com.apple.pkg.Pages8</string>
<string>com.apple.pkg.Keynote9</string>
<string>com.apple.pkg.Numbers6</string>
</array>
</plist>
查看 pkg 内容
$ pkgutil --files com.netease.pkg.ITVideoConnectMac
Applications
Applications/易投屏.app
Applications/易投屏.app/Contents
Applications/易投屏.app/Contents/Frameworks
Applications/易投屏.app/Contents/Frameworks/HPOfficeCastWork.framework
查看签名
$ pkgutil --check-signature .../a.pkg
Package "a.pkg":
Status: signed by a developer certificate issued by Apple for distribution
Certificate Chain:
1. Developer ID Installer: NetEase (Hangzhou) Network Co., Ltd. (CF44QJESLS)
SHA256 Fingerprint:
73 30 A3 4F DB CE 22 F0 9E A4 DC 83 8D DC 4B 38 F7 A3 07 85 8F 25
B1 D7 70 64 9D 9A 75 B8 5F E5
------------------------------------------------------------------------
2. Developer ID Certification Authority
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03
F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------
3. Apple Root CA
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C
68 C5 BE 91 B5 A1 10 01 F0 24
三、manual
NAME
pkgutil – Query and manipulate Mac OS X Installer packages and receipts.
SYNOPSIS
pkgutil [options] [commands]
DESCRIPTION
pkgutil reads and manipulates Mac OS X Installer flat packages, and provides access to the receipt database used by the Installer.
Options are processed first, and affect the operation of all commands. Multiple commands are performed sequentially in the given order.
The files and directories where receipts are stored are subject to change. Always use pkgutil to query or modify them.
OPTIONS
--help, -h
A brief summary of commands and usage.
--force, -f
Don’t ask for confirmation before performing a potentially destructive or ambiguous operation.
--verbose, -v
Output in a “human-readable” format with extra headers, footers, indentation, and other contextual information.
--volume path
Perform all operations on the specified volume or home directory. The root volume ‘/’ will be used if unspecified.
--edit-pkg package-id
Specifies an existing receipt to be modified in-place by --learn.
--only-files
List only files (not directories) in --files listing.
--only-dirs
List only directories (not files) in --files listing.
--regexp
Try to match package-id arguments as a regular expression if an exact match isn’t found. See egrep(1) and re_format(7) for syntax.
RECEIPT DATABASE COMMANDS
--packages, --pkgs
List all installed package IDs on the specified --volume.
显示已经安装在系统上的软件包
--pkgs-plist
List all installed package IDs on the specified --volume in Mac OS X plist(5) format.
--pkgs=REGEXP
List all installed package IDs matching REGEXP on the specified --volume.
The equal sign (=) is required or the search string will be ignored and all package IDs will be returned.
Be mindful of escaping characters in both your shell and the regular expression. (Eg, pkgutil --pkgs=\\.D searches for package IDs matching the literal ‘.D’ after escaping the backslash from your shell and then the dot from the regex to make it literal.)
Regular expressions are more complex than simple shell globbing. A dot (.) matches any character, while * matches zero or more of the previous character. See re_format(7) for a complete description of the syntax.
--files package-id
List all of the files installed under the package-id.
--export-plist package-id
Print all receipt information about the specified package-id in the standard Mac OS X plist(5) format.
--pkg-info package-id
Print extended information about the specified package-id.
--pkg-info-plist package-id
Print extended information about the specified package-id in Mac OS X plist(5) format.
--forget package-id
Discard all receipt data about package-id, but do not touch the installed files. DO NOT use this command from an installer package script to fix broken package design.
从包管理数据库中移除软件包信息(但不会删除该软件包创建的文件)
--learn path
Update the ACLs of the given path in the receipt identified by --edit-pkg. This affects subsequent repair operations on the package. This command cannot be used from package postinstall scripts, but if a postinstall script changes the ACLs on the installed files, the receipt is automatically be updated to reflect those changes. This command will not update the filesystem permissions in the receipt.
--pkg-groups package-id
List all of the package groups this package-id is a member of.
--groups
List all of the package groups on the specified --volume.
--groups-plist
List all of the package groups on the specified --volume in Mac OS X plist(5) format.
--group-pkgs group-id
List all of the packages that are members of this group-id.
--file-info path
Show the metadata known about path.
--file-info-plist path
Show the metadata known about path in Mac OS X plist(5) format.
FILE COMMANDS
--expand pkg-path dir-path
Expand the flat package at pkg-path into a new directory specified by dir-path.
--flatten dir-path pkg-path
Flatten the dir-path into a new flat package created at pkg-path. The directory to be flattened must have the proper contents and layout for a flat package. This is not intended as a substitute for pkgbuild(1).
--bom path
Extract any BOM files from the flat pkg at path into /tmp and return the filename(s). Suggested use is as an argument to lsbom(8). Eg, "lsbom pkgutil --bom path". Note that some flat package archives may contain no BOM, one BOM, or several BOMs.
--payload-files path
List the files archived within the payload of the uninstalled flat package(s) contained at path. This should be equivalent to "lsbom -s pkgutil --bom path". Note that flat package archives may contain more than one package, and the destination location for the uninstalled package(s) is unknown to this command.
--check-signature pkg-path
Check the validity and trust of the signature on the package at pkg-path. In addition to the status of the signature, the associated certificate chain will be shown.
SEE ALSO
- installer(8)
- pkgbuild(1)
- productbuild(1)