I am building an installable package (.pkg) with PackageMaker 1.1.11 (that's the one that comes with Panther).
The package is for installing things both to /Applications and to some folders in /Library (/Library/StartupItems and a new folder that I'm putting in /Library).
I do (obviously) not choose Overwrite (directory) permissions.
I am putting the whole stuff together as recommended, mirroring the actual directory structure in the folder I am building my package from, choosing a Default Location of /, making it non-relocatable.
I am permissioning my "source" folder in the exact way that I want the files to be later -- mostly root:admin with rwxrwxr-x and rw-rw-r--. (Admins should be allowed to muck around with it, but no one else.)
Now I have two choices: I can either select Admin Authorization or Root Authorization as the Authorization Action.
(No Authorization Required obviously wouldn't do what I want.)
I am unsure which one of the two to choose, and what the effective difference is between them (if any).
Now, no jumping to conclusions here, please folks.
I do know the difference between an admin and the root account.
HOWEVER:The Developer documentation states (under "Authorization, File Ownership, and Permissions"):
It further says:
and:
Now, maybe I am getting this wrong, but it seems to me that this means that there is virtually no effective difference between asking for root or admin authorization in this scenario (the only difference being that according to Table 12-1 in the said documentation, requiring Root Authorization will promt an admin user to enter their password,
whereas requiring just Admin Authorization would not prompt an admin user.
Am I right?
Is that the only difference?
Is it otherwise inconsequential whether I ask for Root or Admin authorization in this scenario?
Help on this is MUCH appreciated.
rop
The package is for installing things both to /Applications and to some folders in /Library (/Library/StartupItems and a new folder that I'm putting in /Library).
I do (obviously) not choose Overwrite (directory) permissions.
I am putting the whole stuff together as recommended, mirroring the actual directory structure in the folder I am building my package from, choosing a Default Location of /, making it non-relocatable.
I am permissioning my "source" folder in the exact way that I want the files to be later -- mostly root:admin with rwxrwxr-x and rw-rw-r--. (Admins should be allowed to muck around with it, but no one else.)
Now I have two choices: I can either select Admin Authorization or Root Authorization as the Authorization Action.
(No Authorization Required obviously wouldn't do what I want.)
I am unsure which one of the two to choose, and what the effective difference is between them (if any).
Now, no jumping to conclusions here, please folks.
I do know the difference between an admin and the root account.
HOWEVER:The Developer documentation states (under "Authorization, File Ownership, and Permissions"):
Even if a package specifies root authorization, a user can authenticate by supplying the administrator password and can then install the software.
(Emphasis by me.)It further says:
If authorization is required, the files are owned by the owner specified in the files archive within the package, regardless of the user and password supplied to complete the authentication.
and:
Authorization should be set to root if any component needs to be set to root.
(Emphasis by me.)Now, maybe I am getting this wrong, but it seems to me that this means that there is virtually no effective difference between asking for root or admin authorization in this scenario (the only difference being that according to Table 12-1 in the said documentation, requiring Root Authorization will promt an admin user to enter their password,
whereas requiring just Admin Authorization would not prompt an admin user.
Am I right?
Is that the only difference?
Is it otherwise inconsequential whether I ask for Root or Admin authorization in this scenario?
Help on this is MUCH appreciated.
rop