Awesome
bomutils
Open source tools to create bill-of-materials files used in Mac OS X installers
bomutils are a set of tools to create Mac OS X installer packages on foreign OSes (Windows, Linux, etc.). These tools can be used as part of the cross-compilation process. In particular, it includes an open source version of the mkbom tool which on macOS is distributed as a closed-source Developer Tool.
[!CAUTION] This project has matured and is not being actively maintained.
Please note that, while bomutils still produce and consume valid BOM formats as of 2024, there is no guarantee for security updates, bug fixes, added features or support for future formats to appear in this repository.
Build Instructions
- On UNIX-like OSes, compile the code by executing:
make all
;
on Mingw64 for Windows, usemake -f Makefile.win all
instead;
there is no support for a native Windows build. - Tools become available in the
build/bin
directory after the build. - Install the tools by executing the install target on the same Makefile as a privileged user.
Usage
To create a Bom file on UNIX type OSes, follow these steps:
- Put the installation payload into a directory, e.g.
pkgdir
- Use mkbom to create the Bom file by invoking
mkbom -u 0 -g 80 pkgdir Bom
Docker
A Dockerfile
is provided so that you can build a Docker image with:
make docker-image
This will build a local Docker image called bomutils
:
$ docker images | egrep '^REPO|bomutils'
REPOSITORY TAG IMAGE ID CREATED SIZE
bomutils latest b337a65c9450 4 minutes ago 7.18MB
Here's an example of running mkbom
and lsbom
using this image:
$ docker run -it --rm -v $(pwd):/pwd -w /pwd bomutils mkbom src/ Bom
$ docker run -it --rm -v $(pwd):/pwd -w /pwd bomutils lsbom Bom
. 40755 0/0
./bom.h 100644 0/0 4326 3041715736
./crc32.cpp 100644 0/0 4744 188989394
./crc32.hpp 100644 0/0 1042 3230108458
./crc32_poly.hpp 100644 0/0 4609 3805068363
./dumpbom.cpp 100644 0/0 11885 2443865403
./ls4mkbom.cpp 100644 0/0 1851 4279638821
./lsbom.cpp 100644 0/0 14439 3082545787
./mkbom.cpp 100644 0/0 17568 1328881612
./printnode.cpp 100644 0/0 3719 3615238253
./printnode.hpp 100644 0/0 1098 2509017999
Note that the Docker image itself comes with a Bom
(why not?), which you can inspect with:
$ docker run -it --rm bomutils lsbom /Bom
. 40755 0/0
./usr 40755 0/0
./usr/bin 40755 0/0
./usr/bin/dumpbom 100755 0/0 1771008 3672370744
./usr/bin/ls4mkbom 100755 0/0 1766912 2953923935
./usr/bin/lsbom 100755 0/0 1783296 1267751980
./usr/bin/mkbom 100755 0/0 1857056 3038373640
Documentation
For full documentation it is best to follow the tutorial at http://hogliux.github.io/bomutils/tutorial.html
Acknowledgments
Joseph Coffland and Julian Devlin for initial contributions. Baron Roberts for numerous improvements (symlink support, code clean-up, ...)
Contact
@hogliux