Author: ab
quickpkg update
I updated quickpkg
with a few additions:
Scripts
You can now add pre- and postinstall scripts or an entire folder of scripts.
Ownership
Added an --ownership
parameter that will be passed straight through to pkgbuild
. Usually the default recommended
will be what you want, but it is there if you need it.
Output
There is now a --output
parameter that gives you more control over the location and name of the resulting package.
Bonus Trick
And as a neat trick, you can easily create a droplet for quickpkg
with Automator by following the same instructions as for munkiimport
in this article.
Managed installs of Office 2016 for Mac
An pratical guide on installing and managing Office 2016 for Mac. Includes – common questions, best practices, bugs/fixes, preferences, etc.
Source: Demystify Office 2016 for Mac – Just another tech blog
Control Apple Remote Desktop Access with Munki
Previously, I posted how to ensure SSH access is enabled with Munki. Another favored (though sorely neglected by Apple) tool to remote control Macs is obviously Apple Remote Desktop.
Note: Apple Remote Desktop access is called ‘Remote Management’ in the Sharing Preference Pane. This also includes access for the Screen Sharing application.
We will use a nopkg
setup to control, so we need one script to check wether the configuration needs to be fixed (ard_installcheck.sh
) and a postinstall script to actually do the fixing (ard_postinstall.sh
).
The install check script first tests wether ardagent process is running, wether the “All Users” access option is turned on, and finally wether our user for remote access (clientadmin
in this example, modify for your needs) is in the privileged group.
Paradoxically, the installcheck
has to return 1
when everything is ok. (The actuall install does not have to run so the install is aborted.) If any of the settings aren’t as they should be the script returns 0
(installation needs to proceed) and Munki will run the postinstall
script.
The postinstall
script uses the kickstart
tool to setup ARD the way we want it. (In this example we enable access for two admin accounts clientadmin
and localadmin
, modify to what you need.)
The run makepkginfo to build the pkginfo which tells Munki what to do:
makepkginfo --name=EnableARD \
--displayname="Enable Apple Remote Desktop" \
--pkgvers=1.0 \
--nopkg \
--installcheck_script=ard_installcheck.sh \
--postinstall_script=ard_postinstall.sh \
--unattended-install > EnableARD.pkginfo
(ard_installcheck.sh
and ard_postinstall.sh
need to be in the current working directory, or give the path to the scripts.)
Then copy the pkginfo file to the pkginfo
folder on the munki repository (or a subfolder), add EnableARD
to a manifest and run makecatalogs
.
Run managedsoftwareupdate
on a client that has that manifest configured.
Even if a user changes the “Remote Management” setting, the next time Munki runs in the background it should notice the change and set them back with the postinstall
script.
Introducing `quickpkg`
This tool will quickly and easily build a package from an installed application, a disk image file or zip archive with an enclosed application bundle. It will also extract the application name and version and use it to name the resulting pkg
file.
The tool will look for applications on the first level of the disk image or archive. If it finds no or more than one application it will error.
The name of the resulting package will be of the form {name}-{version}.pkg
. Spaces will be removed from the name. The package will be written to the current working directory.
Get the tool at the quickpkg
repository.
Examples
Build package from installed application:
quickpkg /Applications/Numbers.app
Build package from a disk image:
quickpkg ~/Downloads/Firefox\ 43.0.4.dmg
Build package from a zip archive:
quickpkg ~/Downloads/Things.zip
Background
OS X has had the pkgbuild
tool since Xcode 3.2 on Snow Leopard. With pkgbuild you can directly build a installer package from an application in the /Applications
folder:
pkgbuild --component /Applications/Numbers.app Numbers.pkg
Or even an application inside a mounted dmg:
pkgbuild --component /Volumes/Firefox/Firefox.app \
--install-location /Applications \
Firefox.pkg
This tool even does the work of determining a bundle’s identifier and version and sets the identifier and version of the pkg to the same values.
However, while pkgbuild
does automatically name the package, it does not include the version, which is important when you tracking many versions of the same application. It also doesn’t automatically look into a dmg
file or zip
archive.
quickpkg
vs autopkg
This tool is not meant to replace autopkg
. autopkg
will automate the download, the re-packaging (if necessary) and the upload to and configuration of your client management system. It can also handle much more complex setups than quickpkg
. autopkg
is far superior and should be your tool of choice.
However, there are situations where autopkg
does not work well. The most common reason is if the download cannot be automated because the download page is behind a paywall. Also autopkg
requires a recipe for a given piece of software. If no recipe exists, quickpkg
may be a simple alternative. (Though if quickpkg
works, creating an autopkg
recipe should not be hard.)
Warning
All quickpkg
does is identify an application bundle and package it in a way that the package will install that application bundle into the /Applications
folder. If the application needs other files (libraries, frameworks, configuration files, license files, preferences etc.) to run and work they are your responsibility.
Creating a Droplet for munkiimport
You can use Automator to build an applet for munkiimport
. Then you can just drag and drop pkgs, dmgs and Applications on it to import them.
However, can’t just use do shell script
since munkiimport
will prompt for some extra information. Instead you can use Terminal’s command do script
. While do shell script
will execute then given command quietly in the background, do script
will open a new Terminal window and run the given command – just what we need.
Open Automator and create a new workflow. Choose ‘Application’ as the template. This template will accept files and folders dropped on it. Add a ‘Run AppleScript’ action and fill in the following code:
on run {input, parameters} repeat with x in input tell application "Terminal" do script "munkiimport" & space & quoted form of POSIX path of (x as alias) end tell end repeat return input end run
Then save the Automator applet as ‘MunkImport’. (or whatever suites you)
The downside of do script
versus do shell script
is that you cannot receive and process the result.
Copy all Safari tabs to Notes.app
I had previously posted about one of my oldest but still frequently used scripts which gathers all tabs from a window into a text list to be pasted in an email or something like that.
I have recently adapted that script to do something new. This new script will gather the tabs in the frontmost Safari window and create a note in the Notes app with all the links (then, presumably, you would want to clean out and close most of the tabs)
Also I learned that the Safari tabs from all your Macs and iOS devices are stored in the `~/Library/SyncedPreferences/com.apple.Safari.plist` and extended the script to read that instead of grabbing them directly from Safari:
To use it is probably easiest to enable the Script menu (in Script Editor > Preferences) and drop the scripts in the `~/Library/Scripts/Applications/Safari` folder.
MacID adds Scripting Support
MacID is a very useful application which automatically locks a Mac when a paired iOS device moves out of range. It will also offer to unlock the Mac using Touch ID on the device, but I use that part less than I would expect. (You can also unlock with Apple Watch, which is cool.)
The latest update adds scripting support:
You can now extend MacID by dropping AppleScript text files (they MUST be exported as text files) into onSleep, onLock, onWake, onUnlock directories in ~/Application Support/MacID/. MacID will execute these scripts at the respective event. For example, you could pause iTunes when your Mac locks, and resume playing when your Mac unlocks.
To try this, I created a simple AppleScript
tell application "iTunes"
pause
end tell
and saved it as a text AppleScript document in the onUnlock
folder. Works as expected!
Typefaces for Terminal and text editing
Many users on Twitter pointed out a new typeface designed for terminals and text editors called Hack. It looks nice but I thought I’d make a list of other useful open source typefaces:
-
Source Code Pro from Adobe is designed for code editing. This is my favorite and I have set it in Terminal and BBEdit. It has many different weights, italics, and also related typefaces Source Sans Pro and Source Serif Pro in case you want proportional typefaces as well. These are regularly updated with minor improvements and new glyphs.
-
Courier Prime is an improvement on the standard Courier typeface. There are also sans serif and code versions available.
-
Hack is the new typeface which inspired this post. The characters seem much larger than similar fonts at the same point size, but according to the page that is intentional.
Hack will be nice to have around, but for now Source Code Pro remains my favorite.
(If you, like me, are curious when to use ‘typeface’ vs ‘font’ then read this helpful article.)
Mount a dmg off a web server
I saw this project by Douglas Nerad which stream lines the bootstrapping installation of Munki, so that you can do it while booted from the Recovery partition. This is useful to inject munkitools on a new Mac without having to go through setting up a user.
The read me recommends to put the script and other resources on a USB key, which works fine, as long you have only one USB key. If you have to share this tool among multiple admins keeping the keys up to date (and in your pocket) can be a pain.
If you put all the resources and the script in an dmg file on a web server, you can run
hdiutil attach http://webserver/path/to/InstallThis.dmg
and then run scripts and installer pkgs from the attached volume.
installer -pkg /Volumes/InstallThis/munkitools2-latest.pkg /Volumes/InstallThis/setupEverything.sh
Note that you cannot run python scripts from the Recovery partition. It is best to use shell or bash scripts.