TweetFollow Us on Twitter

MacEnterprise: Packages, Receipts, and Snow...

Volume Number: 25
Issue Number: 12
Column Tag: System Administration

MacEnterprise: Packages, Receipts, and Snow...

Snow Leopard's changes to package receipts and updates

by Greg Neagle,


It's that time of year, when there's snow (at least in parts of the Northern Hemisphere), and people are thinking of packages - packages to ship to friends and family; maybe even packages under a tree. So what better time to talk about Snow Leopard and packages?

As always, with each major OS release from Apple, there are changes that might affect systems administrators. Last time, we went on a scavenger hunt through the OS, looking for some of these changes. This month, we'll focus on changes relating to installer packages, receipts, and Software Update.

Keep Those Receipts!

Experienced OS X systems administrators should be familiar with package receipts. These are written to disk when software packaged in Apple package format is installed. Receipts serve as evidence that a certain version of a certain software package has been installed, and also are essential for the installer when it is upgrading a software package from an older version to a newer version. Some software installation problems can be resolved by removing the relevant receipt(s). If the receipt is missing, the installer treats the installation as a new install instead of an upgrade install. (This may create its own issues; it is not something you should do as a matter of habit.)

Prior to the release of OS X 10.5 Leopard, when Apple packages were installed, receipts were left in /Library/Receipts. These receipts were copies of the original installation package minus the archive containing the actual files that were installed.

Leopard added a new type of package - the "flat" package - where instead of a bundle-style directory, the package is a single file. This file is actually a XAR archive; similar in concept to a "tarball" or zip archive. When this type of package is installed under Leopard, it does not leave a receipt in /Library/Receipts. Instead, a copy of the "bom" (bill-of-materials) file is placed in /Library/Receipts/boms, and an entry for the package is made in the package database. You can get information from the package database using the /usr/sbin/pkgutil tool.

Even though OS X 10.5 introduced a new package format, there's still plenty of software that uses the older format. Any software that can be installed on OS X 10.4 or earlier must use the older bundle-style package format. Many vendors continue to use the bundle-style package format even for software that runs only on 10.5 and later, because this format is well understood and there are several third-party tools to create this format. Under Mac OS X Leopard, packages in this format leave their receipts in /Library/Receipts - just as they did in previous releases of Mac OS X - so you might have to look in two places and use a variety of tools to find the receipt information you are interested in.

In Snow Leopard, virtually all package receipts now go in the package database, and only extremely old package formats or those missing the CFBundleIdentifier attribute from their Info.plist are not added to the package database. If you haven't had to work with the package database before, under Snow Leopard, you almost certainly will.


If you had previously dug around in package receipts to figure out exactly what was installed, and examined pre- and post-install scripts to puzzle out what additional changes were made when software was installed, you may wonder how to get that information under Snow Leopard. Some of the info is now available via /usr/sbin/pkgutil, but for pre- and post-install scripts, you'll need to find the original installer package - this information is no longer retained.

If you used pkgutil in Leopard, it is mostly unchanged in Snow Leopard. Here are some common uses of pkgutil:

pkgutil —pkgs will list all installed package IDs. By using the —volume option, you can query the package database on a volume other than the boot volume.

pkgutil —pkgs

pkgutil —files packageid shows all the files installed by packageid.

pkgutil —files com.adobe.pkg.FlashPlayer
Flash Player.plugin
Flash Player.plugin/Contents
Flash Player.plugin/Contents/Info.plist
Flash Player.plugin/Contents/MacOS
Flash Player.plugin/Contents/MacOS/Flash Player
Flash Player.plugin/Contents/Resources
Flash Player.plugin/Contents/Resources/English.lproj

pkgutil —pkg-info packageid prints extended information about packageid.

pkgutil —pkg-info com.adobe.pkg.FlashPlayer
package-id: com.adobe.pkg.FlashPlayer
version: 10.0
volume: /
location: Library/Internet Plug-Ins
install-time: 1255647844

pkgutil —forget packageid removes info about packageid from the package database. This is equivalent to deleting receipts in /Library/Receipts under older versions of Mac OS X, and is a way to get the installer to treat a reinstall like a new install instead of an upgrade install. Note that this does not remove any files installed by the package.

pkgutil —forget com.adobe.pkg.FlashPlayer
Forgot package 'com.adobe.pkg.FlashPlayer' on '/'.

pkgutil —file-info path will print information about the filesystem item at path. This can be useful for determining which package is responsible for installing a specific file or directory.

pkgutil —file-info /Applications/ 
volume: /
path: /Applications/
install-time: 1251997001
uid: 0
gid: 0
mode: 755
install-time: 1255646935
uid: 0
gid: 0
mode: 755

We can see that the /Applications/ directory was installed as part of the package as part of the original OS install, then later modified by the 10.6.1 update.

In Leopard, the actual package database was a Sqlite3 database, stored on-disk at /Library/Receipts/db/a.receiptdb. You could use standard sqlite3 libraries to query and even modify this database. In Snow Leopard, it appears the database is created from the contents of /var/db/receipts. In this directory you will find two files for each installed package - a file, and a packageid.plist file. The bom file is a standard bill-of-materials file, containing a listing of all the filesystem items installed by the package. You can use lsbom to list the contents of the bom file. The plist file is, of course, a standard OS X property list file, containing metadata about the package. The plist file is in binary format, so to read it you'll either need to use the defaults command, or use plutil to convert it to XML. Here we'll use the defaults command:

defaults read /var/db/receipts/
    InstallDate = "2009-10-14 15:43:47 -0700";
    InstallPrefixPath = "";
    InstallProcessName = installer;
    PackageFileName = "RDC2.0.0.pkg";
    PackageIdentifier = "";
    PackageVersion = "2.0.0";
    PathACLs =     {
        Applications = "!#acl 1\\ngroup:ABCDEFAB-CDEF-ABCD-EFAB-CDEF0000000C:everyone:12:deny:delete\\n";

This appears to be a superset of the info you can get from pkgutil:

pkgutil —pkg-info
version: 2.0.0
volume: /
install-time: 1255560227

Note that the plist file for contains a little more information - the filename of the installer package; which process installed this, and ACLs for any paths in the installed payload. Also, the install date/time is in a more human-readable format in the plist file.

As always, you can type man pkgutil at a command-line prompt to get more information on the syntax and options for /usr/sbin/pkgutil.

Software Update

Software Update has not changed much from Leopard. One annoyance from Leopard has been fixed, though.

In Leopard, Software Update could be configured to automatically download available updates in the background, and then notify you when they were ready to install. These updates were stored in /Library/Updates. But if you used the command-line version of softwareupdate to download available updates, the updates were downloaded to the Downloads folder of the current user, even when that user was root. This was a minor thing, sure, but was annoying in its inconsistency.

Snow Leopard changes this behavior. /usr/sbin/softwareupdate now downloads updates to /Library/Updates. This makes it easier to script custom behavior for downloading updates, as updates downloaded by a script using /usr/sbin/softwareupdate appear in, and can be installed with the GUI Software Update application.

Software Update Server

If you manage an Apple Software Update Server for your organization, in order to serve updates to Snow Leopard clients, Apple's official stance is that you'll need to upgrade to Snow Leopard Server on your Software Update Server machines. This is not a new requirement; the Leopard update required a matching update on the server end, as did Tiger.

What's frustrating about this is there is no real technical reason for it, as Apple's Software Update service is just a specially configured web server and some code that replicates updates from Apple's servers to yours. You may not be ready to upgrade your server infrastructure at the same time you need to roll out client machines running Snow Leopard.

What to do? You could configure your Snow Leopard clients to get their updates directly from Apple. You could set up a new Snow Leopard-only software update server on some spare box you have - Apple's new pricing on Snow Leopard server makes that more appealing than in the past. Or you could go the super-cheap route and hack your Leopard Software Update server.

Software Update Server Hack

The original hack was described by Jan Uschok on an Apple discussion list here:

All credit for this hack should go to Jan, and I recommend you read the original hack and discussion if you want to try this. In case the discussion disappears, the basic steps follow:

Stop your Software Update Server process.

On your Software Update Server, create a file at /usr/share/swupd/html/content/meta/mirror-config-1.plist with the following contents (you may need to create the "meta" directory if it is missing):

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "">
<plist version="1.0">

If you retype this from this magazine, note that there should be no line breaks inside any of the <string> elements - they are all a single line.

Edit /etc/swupd/swupd.plist and change the metaIndexURL entry to look like this:



Again, mind the line breaks; the <string> element is a single line.

Start the Software Update Server process and wait for it to download the catalogs. They'll appear under /usr/share/swupd/html/content/catalogs/ and /usr/share/swupd/html/content/catalogs/other/

Once the new catalogs are in place, stop the Software Update Server process again.

Create some symlinks:

cd /usr/share/swupd/html
ln -s /usr/share/swupd/html/content/catalogs/index.sucatalog .
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard.merged-1.sucatalog .
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog .

(Again, watch the line breaks; all ln -s commands are a single line)

Start the Software Update Server process (again!) and wait for updates to download.

At this point, your hacked Software Update Server should be acting like a Software Update Server running on Snow Leopard server. You can then configure your clients as described on pages 88-89 of the Server System Imaging and Software Update Administration Guide for Snow Leopard. This guide is available from Apple here:

Specifically, you need to point Tiger clients to one Software Update URL; Leopard clients to another URL, and Snow Leopard clients to yet another.

Use this hack at your own risk; Apple could make changes that would cause this to stop working, and there's no guarantee that the Leopard Server Admin GUI tools will do the right thing with your hacked Software Update Server.

Figure 1 - Leopard Server hosting Snow Leopard updates.

Figure 1 is a screen shot showing a hacked Leopard server hosting Snow Leopard updates. You can see there vvvare updates available for Tiger, Leopard, and Snow Leopard. For comparison, see Figure 2, which is a Snow Leopard server hosting the same updates.

Figure 2 - Snow Leopard server running Software Update Server.

In my brief testing, this hack seemed to work as desired, but I'm not certain I'd want to rely on it indefinitely. Your mileage may vary; results shown may not be typical; talk to your doctor to see if Software Update Server hacking is right for you.

Wrapping up

That completes our look at Snow Leopard, receipts, packages, and Software Update. As with most of the changes between Leopard and Snow Leopard, the changes in handling packages and receipts aren't dramatic; they are more evolutionary than revolutionary. We'll all have to wait for Mac OS X 10.7 to see if revolutionary changes are in store - like for example:

pkgutil -uninstall packageid

A systems administrator can dream!

Greg Neagle is a member of the steering committee of the Mac OS X Enterprise Project ( and is a senior systems engineer at a large animation studio. Greg has been working with the Mac since 1984, and with OS X since its release. He can be reached at


Community Search:
MacTech Search:

Software Updates via MacUpdate

DEVONthink Pro 2.9.6 - Knowledge base, i...
DEVONthink Pro is your essential assistant for today's world, where almost everything is digital. From shopping receipts to important research papers, your life often fills your hard drive in the... Read more
Safari Technology Preview 10.1 - The new...
Safari Technology Preview contains the most recent additions and improvements to WebKit and the latest advances in Safari web technologies. And once installed, you will receive notifications of... Read more
VueScan 9.5.60 - Scanner software with a...
VueScan is a scanning program that works with most high-quality flatbed and film scanners to produce scans that have excellent color fidelity and color balance. VueScan is easy to use, and has... Read more
Civilization VI 1.0.0 - Next iteration o...
Sid Meier’s Civilization VI is the next entry in the popular Civilization franchise. Originally created by legendary game designer Sid Meier, Civilization is a strategy game in which you attempt to... Read more
Adobe Flash Player - Plug-in...
Adobe Flash Player is a cross-platform, browser-based application runtime that provides uncompromised viewing of expressive applications, content, and videos across browsers and operating systems.... Read more
RestoreMeNot 2.0.4 - Disable window rest...
RestoreMeNot provides a simple way to disable the window restoration for individual applications so that you can fine-tune this behavior to suit your needs. Please note that RestoreMeNot is designed... Read more
Persecond 1.0.7 - Timelapse video made e...
Persecond is the easy, fun way to create a beautiful timelapse video. Import an image sequence from any camera, trim the length of your video, adjust the speed and playback direction, and you’re done... Read more
iShowU Instant 1.1.0 - Full-featured scr...
iShowU Instant gives you real-time screen recording like you've never seen before! It is the fastest, most feature-filled real-time screen capture tool from shinywhitebox yet. All of the features you... Read more
Spotify - Stream music, creat...
Spotify is a streaming music service that gives you on-demand access to millions of songs. Whether you like driving rock, silky R&B, or grandiose classical music, Spotify's massive catalogue puts... Read more
HoudahSpot 4.2.6 - Advanced file-search...
HoudahSpot is a powerful file search tool. Use HoudahSpot to locate hard-to-find files and keep frequently used files within reach. HoudahSpot will immediately feel familiar. It works just the way... Read more

Latest Forum Discussions

See All

5 Halloween mobile games for wimps
If you're anything like me, horror games are a great way to have nightly nightmares for the next decade or three. They're off limits, but perhaps you want to get in on the Halloween celebrations in some way. Fortunately not all Halloween themed... | Read more »
The 5 scariest mobile games
It's the most wonderful time of the year for people who enjoy scaring themselves silly with haunted houses, movies, video games, and what have you. Mobile might not be the first platform you'd turn to for quality scares, but rest assured there are... | Read more »
Lifeline: Flatline (Games)
Lifeline: Flatline 1.0.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0.0 (iTunes) Description: The Lifeline series takes a terrifying turn in this interactive horror experience. Every decision you make could help... | Read more »
Game of Dice is now available on Faceboo...
After celebrating its anniversary in style with a brand new update, there’s even more excitement in store for Game of Dice has after just being launched on Facebook Gameroom. A relatively new platform, Facebook Gameroom has been designed for PC... | Read more »
4 addictive clicker games like Best Fien...
Clickers are passive games that take advantage of basic human psychology to suck you in, and they're totally unashamed of that. As long as you're aware that this game has been created to take hold of your brain and leave you perfectly content to... | Read more »
Smile Inc. Guide: How not to die on the...
As if Mondays weren't bad enough, at Smile Inc. you have to deal with giant killer donuts, massive hungry staplers, and blasting zones. It's not exactly a happy, thriving work environment. In fact, you'll be lucky to survive the nine to five.... | Read more »
Oh...Sir! The Insult Simulator (Games)
Oh...Sir! The Insult Simulator 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: | Read more »
WitchSpring2 (Games)
WitchSpring2 1.27 Device: iOS Universal Category: Games Price: $3.99, Version: 1.27 (iTunes) Description: This is the story of Luna, the Moonlight Witch as she sets out into the world. This is a sequel to Witch Spring. Witch Spring 2... | Read more »
4 popular apps getting a Halloween makeo...
'Tis the season for all things spooky. So much, so, in fact, that even apps are getting into the spirt of things, dressing up in costume and spreading jack o' lanterns all about the place. These updates bring frightening new character skins, scary... | Read more »
Pokémon GO celebrates Halloween with can...
The folks behind Pokémon GO have some exciting things planned for their Halloween celebration, the first in-game event since it launched back in July. Starting October 26 and ending on November 1, trainers will be running into large numbers of... | Read more »

Price Scanner via

Worldwide Smartphone Shipments Up 1.0% Year o...
According to preliminary results from the International Data Corporation (IDC) Worldwide Quarterly Mobile Phone Tracker, vendors shipped a total of 362.9 million smartphones worldwide in the third... Read more
TuneBand Arm Band For iPhone 7 and 7 Plus Rel...
Grantwood Technology has added the TuneBand for iPhone 7 and 7 Plus to its smartphone armband series. The TuneBand provides a lightweight and comfortable way to wear the iPhone while running,... Read more
1.4GHz Mac mini on sale for $449, save $50
Adorama has the 1.4GHz Mac mini on sale for $50 off MSRP including free shipping plus NY & NJ sales tax only: - 1.4GHz Mac mini (Apple sku# MGEM2LL/A): $449 $50 off MSRP To purchase a mini at... Read more
21-inch 1.6GHz iMac on sale for $999, save $1...
B&H has the 21″ 1.6GHz Apple iMac on sale for $999 including free shipping plus NY sales tax only. Their price is $100 off MSRP. Read more
Macs’ Superior Enterprise Deployment Cost Eco...
IBM’s debunking of conventional wisdom and popular mythology about the relative cost of using Apple Mac computers as opposed to PCs running Microsoft Windows at the sixth annual Jamf Nation User... Read more
12-inch WiFi Apple iPad Pros on sale for $50-...
B&H Photo has 12″ WiFi Apple iPad Pros on sale for $50-$70 off MSRP, each including free shipping. B&H charges sales tax in NY only: - 12″ Space Gray 32GB WiFi iPad Pro: $749 $50 off MSRP -... Read more
Apple refurbished 12-inch 128GB iPad Pros ava...
Apple has Certified Refurbished 12″ Apple iPad Pros available for up to $160 off the cost of new iPads. An Apple one-year warranty is included with each model, and shipping is free: - 32GB 12″ iPad... Read more
Apple refurbished iPad minis and iPad Air 2s...
Apple recently dropped prices on several Certified Refurbished iPad mini 4s and 2s as well as iPad Air 2s. An Apple one-year warranty is included with each model, and shipping is free: - 16GB iPad... Read more
MacHTTP-js Preview Full-featured Web Server f...
MacHTTP.Org has released MacHTTP-js Preview for macOS, a full-featured Web server for 21st Century desktops and servers. MacHTTP-js is a modern take on the classic stand-alone, desktop computer Web... Read more
Samsung Galaxy Tab A 10.1 with S Pen Makes US...
Samsung Electronics America, Inc. has announced the release of the Galaxy Tab A 10.1 with S Pen in a highly mobile, lightweight tablet. “With an embedded S Pen, consumers can discover more ways to... Read more

Jobs Board

*Apple* Retail - Multiple Positions - Apple,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
Software Engineering Intern: UI Applications...
Job Summary Apple is currently seeking enthusiastic interns who can work full-time for a minimum of 12-weeks between Fall 2015 and Summer 2016. Our software Read more
Security Data Analyst - *Apple* Information...
…data sources need to be collected to allow Information Security to better protect Apple employees and customers from a wide range of threats.Act as the subject Read more
*Apple* Retail - Multiple Positions - Apple,...
Job Description: Sales Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the store, Read more
*Apple* Solutions Consultant - Apple (United...
# Apple Solutions Consultant Job Number: 52812872 Houston, Texas, United States Posted: Oct. 18, 2016 Weekly Hours: 40.00 **Job Summary** As an Apple Solutions Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.