Where are the files installed when you execute a mpkg file?
Solution 1:
An "mpkg" file is a meta-package file, a file that can contain files and packages to be installed.
They also contain a "bill of materials" that lists the files installed (but not the files installed by the packages it might contain - they have their own bill of materials).
Therefore you need to find the package ID of the mpkg file and any packages it might contain.
The easiest way to do this is to have a look in the receipts folder. This occasionally moves but in 10.9 it is in /private/var/db/receipts
.
If we installed our mpkg file recently then it is best to use find
like so:
find /private/var/db/receipts -ctime 2
which will list all the receipt files changed in the last two days. The files found will have names that look like "com.company.application.bom" or they also end in ".plist". The file name without the .bom or .plist is a package ID.
Now we know a package ID we can ask pkgutil
to list all the files installed and their location.
pkgutil --files com.company.application
This will produce a long list of all the files installed and where they are located.
You may see some who recommend methods using the folder /Library/Receipts
but not all receipts are actually stored in there for some reason.
Solution 2:
You can press command-I in an installer window to list the files that would be copied by the installer:
If the mpkg file is a bundle that contains pkg files, you can use lsbom:
$ lsbom /Volumes/TrueCrypt\ 7.1a/TrueCrypt\ 7.1a.mpkg/Contents/Packages/TrueCrypt.pkg/Contents/Archive.bom
. 40755 0/0
./TrueCrypt.app 40775 0/80
./TrueCrypt.app/Contents 40775 0/80
./TrueCrypt.app/Contents/Info.plist 100664 0/80 934 2986627536
./TrueCrypt.app/Contents/MacOS 40775 0/80
./TrueCrypt.app/Contents/MacOS/TrueCrypt 100775 0/80 10941620 3857709971
./TrueCrypt.app/Contents/PkgInfo 100664 0/80 12 2672927831
./TrueCrypt.app/Contents/Resources 40775 0/80
./TrueCrypt.app/Contents/Resources/License MacFUSE.rtf 100664 0/80 13023 2006089031
./TrueCrypt.app/Contents/Resources/License OSXFUSE.rtf 100664 0/80 19096 2055725362
./TrueCrypt.app/Contents/Resources/License.txt 100664 0/80 24018 2573692796
./TrueCrypt.app/Contents/Resources/TrueCrypt User Guide.pdf 100664 0/80 923969 902212473
./TrueCrypt.app/Contents/Resources/TrueCrypt.icns 100664 0/80 60982 1040643878
pkgutil --bom
works with some non-bundle pkg files:
lsbom $(pkgutil --bom file.pkg)
Or use lsbom after you have installed the package:
lsbom /var/db/receipts/com.tapbots.TweetbotMac.bom
Solution 3:
Use opensnoop
Next time before running the .mpkg file you could run opensnoop
from the command line and that will tell you exactly what files are being modified, opened and created.