In day-to-day support work, installing and removing macOS apps quickly, and cleanly, prevents repeat tickets and saves users time. It also shows up directly on the CompTIA A+ Core 2 (220-1202) exam, in Domain 1, Objective 1.8, which tests how well you manage application setup and removal on a desktop OS. If you can explain what happens behind a simple drag-and-drop install, you'll troubleshoot faster and with fewer guesses.
This guide covers how macOS apps get installed through the App Store and through common file types (.dmg, .pkg, and .app). You'll learn what each format usually contains, what user actions are expected, and what macOS prompts mean during installation.
Just as important, you'll learn safe uninstallation methods, including when dragging an app to the Trash is enough, and when it leaves items behind. Besides removing the main app, you'll also learn how to check for common leftovers like support files, launch items, and settings that can cause conflicts later.
Steps can look a little different across recent macOS versions, however the core ideas stay the same.
macOS App Files
CompTIA A+ 220-1202 (Core 2), Domain 1, Objective 1.8 expects you to recognize common macOS app installer file types and explain safe installation basics. In practice, these formats affect where an app lives, what it can change on the system, and how cleanly you can remove it later. A quick read of the file type often tells you what steps to take, and what prompts are normal.
Before you click anything, treat the installer like a package label. It usually tells you whether you are getting a simple app bundle, a disk image wrapper, or a full installer that can place files across macOS.
To make the differences easy to scan, here is the quick comparison:
| File type | What it is | Typical install action | Where the app ends up | Common next step |
|---|---|---|---|---|
.app | App bundle (a folder that macOS shows as one icon) | Drag to Applications (or run directly, short-term) | /Applications or ~/Applications | Grant needed permissions at first launch |
.dmg | Disk image that mounts like a drive | Open, then drag .app to Applications | /Applications or ~/Applications | Eject the mounted image in Finder |
.pkg | Installer package run by Apple Installer | Guided setup, may require admin | Multiple locations possible | Look for receipts or uninstallers later |
The takeaway: the more "installer-like" the format, the more system-wide changes it can make, and the more you should slow down and read prompts.
.app files, what they are and where they belong
A .app file is not a single file in the usual sense. It is an application bundle, which is a folder that macOS presents as one app icon. Inside that bundle are the app's executable, frameworks, and resources. Because the bundle is self-contained, many macOS apps install with simple drag-and-drop.
Most users should store apps in one of these locations:
/Applications(available to all users on the Mac)~/Applications(only for the current user, if that folder exists)
Running an app from Downloads works, but it is a poor long-term habit. The Downloads folder is a transit area, not a home. Files there get cleaned up, renamed, and duplicated. In addition, macOS may treat apps launched from Downloads as more suspicious, because that location is common for newly downloaded items.
A typical .app install looks like this: you download an app that already ends in .app, then you drag it into Applications. After that, you launch it from Applications, Spotlight, or Launchpad. If you keep launching the copy in Downloads by mistake, you can end up with two versions of the same app, which makes troubleshooting updates and settings harder.
When you first open a new .app, macOS may show common prompts. These are normal when they match what the app does:
- A warning that the app was downloaded from the internet, and you must confirm you want to open it.
- A request to access files in Documents, Desktop, Downloads, Photos, Contacts, Calendar, or the microphone and camera.
- A prompt to allow network access, especially for browsers, chat apps, and backup tools.
A good rule: an app should only ask for access that matches its purpose. A PDF reader asking for Contacts access is a reason to pause.
.dmg files, why macOS mounts them like a drive
A .dmg file is a disk image. Think of it as a virtual disk container that Finder can mount as a temporary volume. When you double-click a DMG, macOS verifies it, then shows it as a mounted drive in Finder's sidebar. Vendors use DMGs because they are easy to download and they can present a tidy install window with the app icon and an Applications shortcut.
The normal DMG flow is consistent across most macOS versions:
- Open the
.dmgfile, then wait for it to mount in Finder. - In the window that appears, drag the
.appicon into theApplicationsfolder shortcut (or into/Applicationsin another Finder window). - Confirm any prompt that asks to copy the item.
- Eject the mounted DMG volume (right-click the volume in Finder, then choose Eject).
- Delete the original
.dmgfrom Downloads after you confirm the app runs from Applications.
Ejecting matters because you do not want to run the app from the mounted image. If you launch from the DMG, the app may fail to update, and it can break if the DMG is not mounted later. Also, leaving many images mounted clutters Finder and can confuse less experienced users.
A short caution is warranted here because DMGs often get abused for fake installers. Keep it simple and look for signals that something is off:
- The volume name looks odd (misspellings, random characters, or "Installer Final 2024" style names).
- The window contains extra files like scripts, command files, or "RunMe" items that are not clearly explained.
- You get an unexpected password request before you even drag the app to Applications.
- The DMG opens, but the "app" is really another installer or a document that tells you to override security settings.
In other words, a DMG should usually behave like a clean shipping box. It should not demand credentials just to hand you the app.
.pkg installers, when you should expect a guided setup
A .pkg file runs Apple's Installer app. Unlike a simple .app bundle, a PKG can place files in multiple locations across macOS. That includes /Applications, system libraries, kernel or system extensions (when applicable), fonts, printers, drivers, and background services.
Because PKGs can affect the system more broadly, the install experience is guided. You should expect:
- A welcome screen that names the software.
- A license agreement screen.
- A destination selection screen (for example, install for all users, or choose a drive).
- A progress bar and summary at the end.
- An admin username and password prompt when system locations are involved.
That password request is often legitimate, because writing to protected folders requires elevated rights. Still, you should read what you are approving. Many enterprise tools, VPN clients, security software, printer suites, and device management agents use PKG installers for good reasons.
Support teams care about PKGs because they often install more than the app you click. For example, a VPN client might add a menu bar helper, a network extension, and launch items that start at login. Similarly, audio tools may install device drivers or background processes. As a result, uninstalling is not always "drag the app to Trash."
PKG installs also matter because macOS keeps records that can help later. Depending on the vendor, you may see:
- A dedicated uninstaller app placed in
/Applicationsor inside the app's folder. - A vendor uninstall script in a support folder (common in business tools).
- An installer receipt stored by macOS, which helps the system track what was installed.
If you are troubleshooting a stubborn app or a recurring background process, remembering "this came from a PKG" helps you search in the right places later.
Quick safety checks: source, signatures, and permissions
Most safe installs come down to three ideas: where you got it, whether macOS trusts it, and what access it asks for. You do not need to be a security expert to do these checks, and you do not need to treat every installer as a threat.
First, choose a reliable source. Prefer the Mac App Store or the vendor's official site. If you found the download through a pop-up ad, a "Your Mac is infected" page, or a file-hosting mirror, stop and back out. Those routes are common causes of unwanted add-ons and fake installers.
Next, understand Gatekeeper at a high level. Gatekeeper is the macOS feature that checks downloaded apps before they run. It relies on two related concepts:
- Code signing: the developer signs the app to prove who built it.
- Notarization: Apple scans the app and records that it passed automated checks.
When something fails these checks, macOS may block the app or show a warning. In many cases, that warning is a helpful signal, not an inconvenience to override.
Finally, pay attention to prompts during install and first launch. Some permission requests are expected, but the pattern should make sense. For example:
- A screen recorder asking for Screen Recording permission is normal.
- A cloud backup tool asking for Full Disk Access can be normal, because it must read many folders.
- A simple wallpaper app asking for Full Disk Access is not a good sign.
Also watch for timing. A drag-and-drop .app should not ask for an admin password just to copy into your user Applications folder. A PKG may ask, but it should clearly explain what it is installing.
The bottom line is practical: slow down when an installer asks for more power than it needs. Most bad installs succeed because people click through prompts without reading them.
Install apps the right way: App Store, disk images, and packages
CompTIA A+ 220-1202 (Core 2), Domain 1, Objective 1.8 expects you to explain how macOS apps install and uninstall, including App Store installs and common installer types like .dmg and .pkg. In real support work, the "right way" matters because it reduces update issues, avoids duplicate app copies, and leaves a clearer trail when you need to troubleshoot later.
Different install methods also create different support outcomes. App Store apps usually update cleanly and keep consistent records. DMG installs depend on whether the user copied the app correctly. PKG installs can add background components, which changes both troubleshooting and removal.
Installing from the Mac App Store, the simplest path
The Mac App Store is the most predictable install method. Apple ties the install, licensing, and updates to an Apple Account (Apple ID). That link helps when you need to re-install quickly on the same Mac, or after a device replacement.
A simple workflow keeps things orderly:
- Open App Store.
- Use Search to find the app, then select it to review the developer name and details.
- Click Get or the price button, then authenticate if prompted.
- Wait for the install to finish, then open the app from Launchpad, Spotlight, or
/Applications.
Updates are also centralized. Open the App Store and check Updates (or the account area, depending on macOS version). If Automatic Updates are enabled in System Settings, macOS installs updates with little user effort. This reduces version drift across devices.
Re-downloads are handled through your account history:
- Go to the App Store account area and look for Purchased.
- Find the app, then click the download icon to install again.
In support scenarios, App Store installs are easier to manage because updates, re-downloads, and ownership are handled in one place, with fewer "which file did you click?" problems.
Installing from a .dmg, the common drag-and-drop method
A .dmg acts like a temporary drive. The goal is to copy the app out of the disk image and into Applications, then run it from there. If you skip that copy step, you may end up launching the app from the mounted image, which often breaks updates and shortcuts.
Use a clean sequence each time:
- Download the
.dmg(prefer the vendor's official site). - Double-click the file to open it.
- Confirm it mounted by checking Finder's sidebar for the new volume.
- Drag the app icon into Applications (use the shortcut in the DMG window, or open
/Applicationsin another Finder window). - Launch the app from Applications, not from the DMG.
- Eject the mounted disk image in Finder.
- Delete the downloaded
.dmgfrom Downloads after you confirm the app opens.
If macOS blocks the app, treat that as a signal to pause.