Where are the files installed when you execute a mpkg file?

install

Solution 1:

An "mpkg" file is a meta-package file, a file that can contain files and packages to be installed.

They also contain a "bill of materials" that lists the files installed (but not the files installed by the packages it might contain - they have their own bill of materials).

Therefore you need to find the package ID of the mpkg file and any packages it might contain.

The easiest way to do this is to have a look in the receipts folder. This occasionally moves but in 10.9 it is in /private/var/db/receipts.

If we installed our mpkg file recently then it is best to use find like so:

find /private/var/db/receipts -ctime 2

which will list all the receipt files changed in the last two days. The files found will have names that look like "com.company.application.bom" or they also end in ".plist". The file name without the .bom or .plist is a package ID.

Now we know a package ID we can ask pkgutil to list all the files installed and their location.

pkgutil --files com.company.application

This will produce a long list of all the files installed and where they are located.

You may see some who recommend methods using the folder /Library/Receipts but not all receipts are actually stored in there for some reason.

Solution 2:

You can press command-I in an installer window to list the files that would be copied by the installer:

If the mpkg file is a bundle that contains pkg files, you can use lsbom:

$ lsbom /Volumes/TrueCrypt\ 7.1a/TrueCrypt\ 7.1a.mpkg/Contents/Packages/TrueCrypt.pkg/Contents/Archive.bom
.   40755   0/0
./TrueCrypt.app 40775   0/80
./TrueCrypt.app/Contents    40775   0/80
./TrueCrypt.app/Contents/Info.plist 100664  0/80    934 2986627536
./TrueCrypt.app/Contents/MacOS  40775   0/80
./TrueCrypt.app/Contents/MacOS/TrueCrypt    100775  0/80    10941620    3857709971
./TrueCrypt.app/Contents/PkgInfo    100664  0/80    12  2672927831
./TrueCrypt.app/Contents/Resources  40775   0/80
./TrueCrypt.app/Contents/Resources/License MacFUSE.rtf  100664  0/80    13023   2006089031
./TrueCrypt.app/Contents/Resources/License OSXFUSE.rtf  100664  0/80    19096   2055725362
./TrueCrypt.app/Contents/Resources/License.txt  100664  0/80    24018   2573692796
./TrueCrypt.app/Contents/Resources/TrueCrypt User Guide.pdf 100664  0/80    923969  902212473
./TrueCrypt.app/Contents/Resources/TrueCrypt.icns   100664  0/80    60982   1040643878

pkgutil --bom works with some non-bundle pkg files:

lsbom $(pkgutil --bom file.pkg)

Or use lsbom after you have installed the package:

lsbom /var/db/receipts/com.tapbots.TweetbotMac.bom

Solution 3:

Use opensnoop

Next time before running the .mpkg file you could run opensnoop from the command line and that will tell you exactly what files are being modified, opened and created.

Related

How can I turn my top menu bar and all the window bars dark?
If I take the hard drive out of my macBook Pro and put it in a non-apple laptop, will it boot?
Where are the /dev folder and the /dev/null device located on Mac OS X Mountain Lion?
Hide month in menu bar in OS X
OS X Terminal not recognizing any commands [duplicate]
Make F8 work as F8 on MacBook Pro
Bash or sh cannot execute any binary files
What is an alternative to a BAT file on Mac?
Why are my top-row keyboard buttons not working on Mac Lion?
“Sign in to download from the App Store” dialog does not allow paste
Getting my old Terminal back after uninstalling fish
Calling an app from the terminal via script