search

kc9wwh / macOSUpgrade

Workflow for doing in-place upgrades.
Other
418 stars 103 forks source link

Add the support for package installation #110

Open ecanault opened 5 years ago

ecanault commented 5 years ago

Hi,

A very basic update to add the path of a package file in parameter #10.

Based on v2.7.2.1 of the original script. Main changes are between lines 112-115, lines 381-385, line 388 and line 390.

Regards, Emmanuel

ecanault commented 5 years ago

Hi,

Thanks for reviewing. Agree with you regarding confirmation of existence etc... As said initially it's a "very basic update".

By the way, the use of pkgopt was motivated by personal needs: use macOSUpgrade.sh to erase the Mac and reinstall macOS. After reinstall, a pkg (passed with pkopt) is in charge to remove the computer record from the Jamf Pro server. And I don't want the Mac to be removed from Jamf BEFORE it has been restored.

Regards, Emmanuel

taniguti commented 5 years ago

Hi, Emmanuel,

It's interesting.

You mean you want to remove the computer record after erasing and re-installing it, don't you? I image that the pkg file specified by pkgopt is a payload-free pkg file. It will execute postinstall script.

As you said, you don't want the Mac to be removed from Jamf before it has been restored, you must want to make sure if it has been restored in sucess. I think it is the easiest way is to make the computer report on it to your Jamf Server.

macOSUpgrade.sh has a postinstall script that runs only once to update the record information after installing the OS.

Instead of distributing a pkg file to delete records, it is recommended to call a policy to do that after restore. What I have in mind is a policy that runs a script that calls the API to delete its own computer record. Such a policy works the same as a payload-free pkg file.

You can do this by extending the script defined in $ finishOSInstallScriptFilePath like as following. https://github.com/kc9wwh/macOSUpgrade/blob/master/macOSUpgrade.sh#L283-L296

--- a/macOSUpgrade.sh
+++ b/macOSUpgrade.sh
@@ -109,6 +109,9 @@ fi
 userDialog="$9"
 if [[ ${userDialog:=0} != 1 ]]; then userDialog=0 ; fi

+## Post policy
+policyID="$10"
+
 # Control for auth reboot execution.
 if [ "$versionMajor" -ge 14 ]; then
     # Installer of macOS 10.14 or later set cancel to auth reboot.
@@ -288,6 +291,10 @@ fi
 /bin/sleep 2
 ## Update Device Inventory
 /usr/local/jamf/bin/jamf recon
+## post policy.
+if [ -n "$policyID" ]; then
+    /usr/local/jamf/bin/jamf policy -id "$policyID"
+fi
 ## Remove LaunchAgent and LaunchDaemon
 /bin/rm -f "$osinstallersetupdAgentSettingsFilePath"
 /bin/rm -f "$osinstallersetupdDaemonSettingsFilePath"

I think it takes less time than creating and distributing pkg files. How about that?

Best regards,

takanori

ecanault commented 5 years ago

Hi,

Perhaps I'm missing something, but postinstall script / launchd included in macOSUpgrade.sh can't be used in my case !?

After restore:

Still in work, but have a look here if you want to see how I handle the payload free package with postinstall script: https://github.com/ecanault/scripts/blob/master/s_macOSReinstall_deleteFromJamfPackageMaker

Regards, Emmanuel

taniguti commented 5 years ago

Hi, Emmanuel,

If you delete and reinstall, the jamf binary will also be erased, so you can not use the jamf binary. I'm so sorry I made you confused. I don't consider these obvious and simple things.

The jamf binary has disappeared, and nothing can be done from the Jamf Pro Server without initializing the system.So there seems to be only one way to use "pkgopt" like your first idea.

It would be nice if you could add a part to verify that the pkg file to be installed is appropriate.

Best regards,

takanori