Script to install unsigned packages on Mac

In this doc, you will learn how to install an unsigned package on Mac using scripts.

An unsigned package (PKG) refers to a software package that has not been digitally signed by the developer or a recognized certificate authority. Digital signatures are cryptographic certificates that verify the authenticity and integrity of software. When a package is signed, it indicates that the software comes from a trusted source and has not been tampered with.

Sometimes, IT admins need to deploy specialized development tools in the form of open-source software distributed as packages that may or may not be signed. These tools, such as advanced debugging libraries, specialized testing frameworks, beta software versions, and others, are essential for effective software development. By utilizing the script provided below, IT administrators can install unsigned packages on Mac using Hexnode’s ‘Execute Custom Script’ action.

Deploying a script to install unsigned package on Mac

The script provided below will deploy and install an unsigned package on a Mac:

The script utilizes the ‘curl’ command to download a macOS package from a specified URL and saves it in the ‘/tmp’ directory. Replace with the name the downloaded unsigned package should be saved as. Subsequently, the ‘installer’ command is employed with administrative privileges to install the downloaded package on the Mac. ‘-verboseR’ is used to provide detailed information during the installation process. The ‘-target /’ option specifies the root directory as the installation location, indicating that the package will be installed system-wide.

What happens at the device end?

After executing the script, the unsigned application package will be silently installed on the Mac and the app icon will appear in the Applications folder in Finder.