Opened 20 months ago
Last modified 8 months ago
#66878 new defect
Crowdstrike (security scanner) freaks out when the package installer runs — at Initial Version
| Reported by: | chrisridd (Chris Ridd) | Owned by: | |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | base | Version: | 2.8.1 |
| Keywords: | Cc: | ||
| Port: |
Description
Our IT folks use some software called Crowdstrike to protect our Macs.
I don't know if the package installer script has changed recently, or if Crowdstrike's become more sensitive, but installing the MacPorts-2.8.1-13-Ventura.pkg just now caused Crowdstrike to freak out and kill the script.
Maybe there's another way to do what the installer's doing without upsetting Crowdstrike? Or maybe MacPorts can ask Crowdstrike to whitelist this particular script?
I am attaching a screenshot of the Crowdstrike error.
The script it is complaining about is this:
/bin/sh -c if test -n "/usr/bin/dscl" -a -n "/usr/sbin/dseditgroup" ; then if ! /usr/bin/dscl -q . -read "/Groups/macports" > /dev/null 2>&1 ; then if test `id -u` -eq 0; then echo "Creating group \"macports\"" ; /usr/sbin/dseditgroup -q -o create "macports" ; else echo "Not creating group \"macports\" (not root)" ; fi ; fi ; if ! /usr/bin/dscl -q . -list "/Users/macports" > /dev/null 2>&1 ; then if test `id -u` -eq 0; then echo "Creating user \"macports\"" ; NEXTUID=501; while test -n "`/usr/bin/dscl -q /Search -search /Users UniqueID $NEXTUID`"; do let "NEXTUID=NEXTUID+1"; done; /usr/bin/dscl -q . -create "/Users/macports" UniqueID $NEXTUID ; /usr/bin/dscl -q . -delete "/Users/macports" AuthenticationAuthority ; /usr/bin/dscl -q . -delete "/Users/macports" PasswordPolicyOptions ; /usr/bin/dscl -q . -delete "/Users/macports" dsAttrTypeNative:KerberosKeys ; /usr/bin/dscl -q . -delete "/Users/macports" dsAttrTypeNative:ShadowHashData ; /usr/bin/dscl -q . -create "/Users/macports" RealName MacPorts ; /usr/bin/dscl -q . -create "/Users/macports" Password \* ; /usr/bin/dscl -q . -create "/Users/macports" PrimaryGroupID $(/usr/bin/dscl -q . -read "/Groups/macports" PrimaryGroupID | /usr/bin/awk '{print $2}') ; /usr/bin/dscl -q . -create "/Users/macports" NFSHomeDirectory "/opt/local/var/macports/home" ; /usr/bin/dscl -q . -create "/Users/macports" UserShell /usr/bin/false ; else echo "Not creating user \"macports\" (not root)" ; fi ; fi ; if test "$(/usr/bin/dscl -q . -read "/Users/macports" NFSHomeDirectory)" = "NFSHomeDirectory: /var/empty" ; then if test `id -u` -eq 0; then echo "Updating home directory location for user \"macports\"" ; /usr/bin/dscl -q . -create "/Users/macports" NFSHomeDirectory "/opt/local/var/macports/home" ; else echo "Not updating home directory location for user \"macports\" (not root)" ; fi ; fi ; if test "22" -eq 8 -a `id -u` -eq 0; then GID=`/usr/bin/dscl -q . -read "/Groups/macports" PrimaryGroupID | /usr/bin/awk '{print $2}'` ; if test "`/usr/bin/dscl -q . -read "/Users/macports" PrimaryGroupID 2>/dev/null | /usr/bin/awk '{print $2}'`" != "$GID"; then echo "Fixing PrimaryGroupID for user \"macports\"" ; /usr/bin/dscl -q . -create "/Users/macports" PrimaryGroupID $GID ; /usr/bin/dscl -q . -create "/Users/macports" RealName MacPorts ; fi ; fi ; else echo "Can't find /usr/bin/dscl / /usr/sbin/dseditgroup, not creating user \"macports\"" ; fi
Change History (1)
Changed 20 months ago by chrisridd (Chris Ridd)
| Attachment: | crowdstrike.png added |
|---|
Note: See
TracTickets for help on using
tickets.
Screenshot of the Crowdstrike alert