OLD | NEW |
(Empty) | |
| 1 #!/bin/bash -p |
| 2 |
| 3 # Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 4 # Use of this source code is governed by a BSD-style license that can be |
| 5 # found in the LICENSE file. |
| 6 |
| 7 # Called by the application to install in a new location. Generally, this |
| 8 # means that the application is running from a disk image and wants to be |
| 9 # copied to /Applications. The application, when running from the disk image, |
| 10 # will call this script to perform the copy. |
| 11 # |
| 12 # This script will be run as root if the application determines that it would |
| 13 # not otherwise have permission to perform the copy. |
| 14 # |
| 15 # When running as root, this script will be invoked with the real user ID set |
| 16 # to the user's ID, but the effective user ID set to 0 (root). bash -p is |
| 17 # used on the first line to prevent bash from setting the effective user ID to |
| 18 # the real user ID (dropping root privileges). |
| 19 |
| 20 set -e |
| 21 |
| 22 # This script may run as root, so be paranoid about things like ${PATH}. |
| 23 export PATH="/usr/bin:/usr/sbin:/bin:/sbin" |
| 24 |
| 25 # If running as root, output the pid to stdout before doing anything else. |
| 26 # See chrome/browser/cocoa/authorization_util.h. |
| 27 if [ ${EUID} -eq 0 ] ; then |
| 28 echo "${$}" |
| 29 fi |
| 30 |
| 31 if [ ${#} -ne 2 ] ; then |
| 32 echo "usage: ${0} SRC DEST" >& 2 |
| 33 exit 2 |
| 34 fi |
| 35 |
| 36 SRC=${1} |
| 37 DEST=${2} |
| 38 |
| 39 # Make sure that SRC is an absolute path and that it exists. |
| 40 if [ -z "${SRC}" ] || [ "${SRC:0:1}" != "/" ] || [ ! -d "${SRC}" ] ; then |
| 41 echo "${0}: source ${SRC} sanity check failed" >& 2 |
| 42 exit 3 |
| 43 fi |
| 44 |
| 45 # Make sure that DEST is an absolute path and that it doesn't yet exist. |
| 46 if [ -z "${DEST}" ] || [ "${DEST:0:1}" != "/" ] || [ -e "${DEST}" ] ; then |
| 47 echo "${0}: destination ${DEST} sanity check failed" >& 2 |
| 48 exit 4 |
| 49 fi |
| 50 |
| 51 # Do the copy. |
| 52 rsync -lrpt "${SRC}/" "${DEST}" |
| 53 |
| 54 # The remaining steps are not considered critical. |
| 55 set +e |
| 56 |
| 57 # Notify LaunchServices. |
| 58 /System/Library/Frameworks/CoreServices.framework/Frameworks/LaunchServices.fram
ework/Support/lsregister "${DEST}" |
| 59 |
| 60 # If this script is not running as root and the application is installed |
| 61 # somewhere under /Applications, try to make it writable by all admin users. |
| 62 # This will allow other admin users to update the application from their own |
| 63 # user Keystone instances even if the Keystone ticket is not promoted to |
| 64 # system level. |
| 65 # |
| 66 # If the script is not running as root and the application is not installed |
| 67 # under /Applications, it might not be in a system-wide location, and it |
| 68 # probably won't be something that other users on the system are running, so |
| 69 # err on the side of safety and don't make it group-writable. |
| 70 # |
| 71 # If this script is running as root, a Keystone ticket promotion is expected, |
| 72 # and future updates can be expected to be applied as root, so |
| 73 # admin-writeability is not a concern. Set the entire thing to be owned by |
| 74 # root in that case, regardless of where it's installed, and drop any group |
| 75 # and other write permission. |
| 76 # |
| 77 # If this script is running as a user that is not a member of the admin group, |
| 78 # the chgrp operation will not succeed. Tolerate that case, because it's |
| 79 # better than the alternative, which is to make the application |
| 80 # world-writable. |
| 81 CHMOD_MODE="a+rX,u+w,go-w" |
| 82 if [ ${EUID} -ne 0 ] ; then |
| 83 if [ "${DEST:0:14}" = "/Applications/" ] && |
| 84 chgrp -Rh admin "${DEST}" >& /dev/null ; then |
| 85 CHMOD_MODE="a+rX,ug+w,o-w" |
| 86 fi |
| 87 else |
| 88 chown -Rh root:wheel "${DEST}" >& /dev/null |
| 89 fi |
| 90 |
| 91 chmod -R "${CHMOD_MODE}" "${DEST}" >& /dev/null |
| 92 |
| 93 # On the Mac, or at least on HFS+, symbolic link permissions are significant, |
| 94 # but chmod -R and -h can't be used together. Do another pass to fix the |
| 95 # permissions on any symbolic links. |
| 96 find "${DEST}" -type l -exec chmod -h "${CHMOD_MODE}" {} + >& /dev/null |
| 97 |
| 98 # Host OS version check, to be able to take advantage of features on newer |
| 99 # systems and fall back to slow ways of doing things on older systems. |
| 100 OS_VERSION=$(sw_vers -productVersion) |
| 101 OS_MAJOR=$(sed -Ene 's/^([0-9]+).*/\1/p' <<< ${OS_VERSION}) |
| 102 OS_MINOR=$(sed -Ene 's/^([0-9]+)\.([0-9]+).*/\2/p' <<< ${OS_VERSION}) |
| 103 |
| 104 # Because this script is launched by the application itself, the installation |
| 105 # process inherits the quarantine bit (LSFileQuarantineEnabled). Any files or |
| 106 # directories created during the update will be quarantined in that case, |
| 107 # which may cause Launch Services to display quarantine UI. That's bad, |
| 108 # especially if it happens when the outer .app launches a quarantined inner |
| 109 # helper. Since the user approved the application launch if quarantined, it |
| 110 # it can be assumed that the installed copy should not be quarantined. Use |
| 111 # xattr to drop the quarantine attribute. |
| 112 QUARANTINE_ATTR=com.apple.quarantine |
| 113 if [ ${OS_MAJOR} -gt 10 ] || |
| 114 ([ ${OS_MAJOR} -eq 10 ] && [ ${OS_MINOR} -ge 6 ]) ; then |
| 115 # On 10.6, xattr supports -r for recursive operation. |
| 116 xattr -d -r "${QUARANTINE_ATTR}" "${DEST}" >& /dev/null |
| 117 else |
| 118 # On earlier systems, xattr doesn't support -r, so run xattr via find. |
| 119 find "${DEST}" -exec xattr -d "${QUARANTINE_ATTR}" {} + >& /dev/null |
| 120 fi |
| 121 |
| 122 # Great success! |
| 123 exit 0 |
OLD | NEW |