Peek inside installers

Have you ever downloaded a file that uses an installer, and wondered just what that installer might install? I download a lot of software to test, and I’m quite cautious when I come across that rare download that wants to run an installer—exactly what is it going to put on my machine, and where is it going to be saved? Sometimes it’s nice to know these things before you install, in case what you see is scary enough to get you to change your mind.

As an example, consider Snapz Pro X, my all-time-favorite image and movie capture utility. To do its magic, Snapz Pro relies on an audio system extension that lets it capture Mac audio with a movie capture. To see exactly what extensions it will install, you can use a bit of Terminal trickery (it is Geeky Friday, after all) to peek inside the installer—before you run it. Note that the following steps should work for any program that uses an installer; Snapz Pro was chosen as an example simply because I had the installer package on my hard drive already.

Once you’ve downloaded the program that uses an installer, expand the archive and mount the disk image. You should then see some sort of .pkg file on the disk image—in the case of Snapz Pro, the file is named Snapz Pro X 2.0.3 Installer.pkg . Control-click on this file and choose Show Package Contents from the pop-up menu. The Finder will open a new window showing, amongst other things perhaps, a Contents folder; just leave it as is for a second.

You now want to open the Contents folder in Terminal. Terminal pros, I’ll let you do your own typing. For everyone else, open Terminal (in /Applications -> Utilities) and type cd, then press the Space Bar. Now drag and drop the Contents folder from the Finder onto the Terminal window. You should see something like this when you release the mouse button:

cd /Volumes/Snapz Pro X 2.0.3/Snapz Pro X 2.0.3 Installer.pkg/Contents/

Now just press Return, and you’ll cd into the Contents folder. Once there, you can see the files by typing ls and pressing Return:

	$ ls

Archive.bom Archive.pax.gz Info.plist PkgInfo Resources

There are two ways to peek inside the installer’s files. The first is quite simple; just type this command:

lsbom Archive.bom | more

This will show every file that will be installed, along with some trailing numerical data. I find, though, that the trailing numbers make this output much harder to read. As such, I prefer this alternative method, which looks inside the actual archive that holds the files to be installed. Those files are held in the Archive.pax.gz file. To take a peek inside, use this command:

gzip -cd archive.pax.gz | pax | more

When I run this command on Snaz Pro’s archive, here’s what I see:


This list continues for screen after screen, one line for each file or folder that will be created by the installer. The first section is all related to the application bundle, but down near the bottom, you can see where the Snapz Pro extension will be installed:


If you’d rather dump the installer’s files into a text file, so you can use a text editor to view the output, use this command:

gzip -cd archive.pax.gz | pax > ~/Desktop/installfiles.txt

That will create a file named installfiles.txt on your desktop, which you can then open in TextEdit, BBEdit, etc.

How it works

So now you know how to use the command; here’s how it works, in case you’d like to understand a bit more about what’s going on. The first part of the command, gzip -cd archive.pax.gz, runs the gzip program, which can be used to compress or expand files and folders. The -cd options tell gzip to send the output to stdout, leaving the original files untouched (that’s the c option). The d flag tells gzip that we want to decompress the named file. So the first command expands the file, but does so only to the screen, leaving the archive itself untouched.

The next portion of the command, | pax, sends the output of gzip (via the first pipe symbol ( | )) to pax. And what is pax ? This program reads and writes file archives. When run with no options, it accepts an archive file from standard input, which is (you guessed it) the screen, and writes a table of contents of that archive back to the screen.

The final portion of the command, | more, merely enables paging so that you’ll see a screenful of the list at a time.

Other compression methods

You can peek into other forms of compressed folders as well. Here are variants for .tgz, .tar.gz, and .tar archives:

	$ tar tvzf file.tgz

$ tar tvzf file.tar.gz
$ tar tvf file.tar

I now use this command as a matter of habit whenever I’m installing a program that uses an installer; I like the idea that I know what’s going where before anything’s been done.

Shop Tech Products at Amazon