I have installed the `.pkg` from <osquery.io> on m...
# macoss
sundsta
03/03/2020, 5:28 PMI have installed the
.pkgosqueryctlz
zwass
03/03/2020, 5:30 PM
@seph @groob? I'm still on 10.14
g
groob
03/03/2020, 5:31 PM
I can take a look
groob
03/03/2020, 5:32 PM
@sundsta the 4.1.1.pkg?
groob
03/03/2020, 5:32 PM
Or 4.2.0?
groob
03/03/2020, 5:33 PM
This pkg is weird
s
sundsta
03/03/2020, 5:33 PM4.2.0
g
groob
03/03/2020, 5:35 PM
The package has no install scripts
groob
03/03/2020, 5:35 PM
Idk if that's intentional, but office hours is soon
s
sundsta
03/03/2020, 5:47 PMCan you link me to docs on inspecting a pkg? I’d like to be able to investigate this myself in the future
g
groob
03/03/2020, 5:59 PM
pkgutil --expand is one
👍 1
groob
03/03/2020, 5:59 PM
Another is a tool called Suspicious Package, which works nicely and has a GUI
👍 1
s
seph
03/03/2020, 6:02 PM
I use
targ
groob
03/03/2020, 6:03 PM
Which is coincidentally bugged on 10.15 (idk the details)
s
seph
03/03/2020, 6:03 PM
I did notice some issues there. But I haven’t dig into it. ¯\_(ツ)_/¯
g
groob
03/03/2020, 6:08 PM
In any case, this looks like a bug / unintentional
groob
03/03/2020, 6:08 PM
@sundsta can you file an issue with the repo?
s
sundsta
03/03/2020, 6:09 PMSure
sundsta
03/03/2020, 6:20 PMs
samuel
03/05/2020, 12:27 AMthat's expected behavior, the package has never installed a service for as long as i can remember
👍 1
samuel
03/05/2020, 12:31 AMcommented on the issue
👍 1
4 Views