Uncategorized – Page 7 – Scripting OS X

All the Articles

While organizing links for my upcoming MacAD.UK presentation, I noticed that there are quite a few series of articles I have written over the past year or so. Some are weren’t quite intended as series but turned into loose sequels. Some were intended as series from the start, but usually turned out longer than intended.

Anyway, while I was organizing links anyway I also created a new page on this site that organizes the series:

Article Series on Scripting OS X

I intend to keep it updated as new articles and series are added.

Enjoy!

Dutch MacAdmins Meeting

The Dutch MacAdmins will meet at the IO Building of the TU Delft on Friday, March 9 from 2pm to 4:30pm. Topics will include the demise of macOS Server and the challenges of the iMac Pro.

If you need more information, join us in the #thenetherlands channel on the MacAdmins Slack.

Show the Installer Log During High Sierra Installation

In previous versions of macOS you could show the installer log during system installation with the keyboard shortcut ⌘L. Since macOS Sierra, much of the system installation process happens on a black screen with a white Apple logo and a progress bar.

On that screen, you can use the keyboard shortcut ⇧⌃⌥⌘W, and it will switch back to traditional UI with the grey window. There you can then use ⌘L to show the log window again.

(Double mouse pointers are because I was running the installer in a VM to record the screen.)

Scripting OS X on micro.blog

I set up a micro.blog for this website. For now, it’ll just cross post the articles posted here. So in addition to Twitter, Facebook and this plain old website, you can now also follow on micro.blog if that is how you roll.

Scripting OS X on micro.blog

MacAD.UK Interview on self-publishing Books

To build up anticipation for their conference, MacAD.UK are posting articles and interviews with the speakers. Today, you can hear me speak about my books and process on self publishing and (seemingly but not really unrelated) how much I like the “Harry Potter” series.

Want to write a book? Armin Briegel Talks Self Publishing macOS and iBooks

And, yes, now it is official, I will speak at MacAd.UK. You will learn the topic in the interview.

Watch the interview and then go get my books!

Whitebox Packages 1.2

Stéphane Sudre’s Whitebox Packages application is the best graphical application to build package installers on macOS. As I mentioned before in my post on updating my books, the app had some problems running on High Sierra.

However, now the latest version (1.2) is available with all the fixes and support for the latest macOS!

MacSysAdmin 2017 Session Video(s)

The video of my MacSysAdmin session: “Scripting Bash” is already online:

MacSysAdmin 2017 Session Documentation (Direct link to video)

Look at the other sessions that have been posted (so far), too! Most of them go online within a day, which is a quite impressive turnaround.

All the links and resources for my session can be found here.

This is my first time presenting and attending MacSysAdmin 2017 and I have to say it is a wonderful conference. I am flattered to be part of this group of amazing speakers as well as all the awesome attendees. It is well organized in a gorgeous (if wet) location (Göteborg).

My thanks to the organizers for putting this together and I hope to return next year.

MacSysAdmin 2017 Presentation

I am attending MacSysAdmin 2017 in Göteborg this week, so posting will be light. However, I have the honor of presenting there on “Scripting Bash”.

The slides and links that go with this presentation can be found here.

Session video is already available here. All the other wonderful and great MacSysAdmin sessions are also (or will be) collected here.

So Long, Cassini, and Thanks for all the Pics!

(Please indulge me while I stray from my usual topics.)

Today the Cassini orbiter will burn up in Saturn’s atmosphere, nearly twenty years after it was launched from Earth and thirteen years after it entered orbit around Saturn.

It makes me terribly sad to see the (physical) end of its mission. But I believe it is better to celebrate what an amazing and mind-boggling mission it has been.

Not only did the Huygens probe land on another planet’s moon, but every time the controllers pointed Cassini’s camera and sensors at something new, it discovered a surprise.

Cassini saw the hexagonal storm on Saturn’s pole. A moon that looks like a dryed out sponge, moons with ridges, hydrocarbon lakes on Titan, water volcanoes on Enceladus, gravity waves in the rings…

The list goes on and on.

And the pictures sent back to Earth kept being utterly beautiful, showing a planetscape and moonscapes vastly different from our terrestrial experience. We could never have imagined the views and features revealed to us by the orbiter’s camera.

But now we can.

This is of course, the point of science and exploration. Where ever humanity starts to explore, we always discover the unexpected.

Cassini, Rosetta, Juno, NewHorizon and all the other probes in space, prove over and over again, that the universe is stranger than we can imagine. But once someone has measured or seen our universe has expanded. We have learned.

After today there will be one spacecraft left in the outer solar system: Juno is orbiting Jupiter and scheduled to be scuttled into the Jovian atmosphere in 2018. NewHorizons has zipped through the Plutonian system and is preparing to meet a small icy body in the Kuiper belt on its way out of the system.

As of now, none of the space agencies are preparing another mission to the outer solar system. There are plans. However, the preparation and travel necessary for these missions requires several years.

Once Juno is scuttled, we will not see new pictures from the outer solar system for at least a decade or more.

This makes me much more sad than seeing the end of this glorious, astounding and wonderful mission.

Thank you, Cassini, and everyone who made this happen!

New Support Articles for High Sierra

Apple has released a few support articles relevant for Mac Administrators:

These contain a few very interesting and useful pieces of information.

System Installation and Upgrades

The article lists four supported methods of installing or upgrading macOS:

the Installer application
a bootable installer
macOS Recovery
NetInstall built with System Image Utility

The article explicitly states installing with Target Disk Mode is not supported. Also it states that “monolithic imaging” is neither supported nor recommended for “upgrading or updating”. The reason given is that firmware updates, which may be required for the new version of macOS, will not be applied with monolithic imaging or installing over Target Disk Mode.

Interestingly enough the article goes on to say that imaging can be used to restore a Mac to the currently installed macOS version. You can build images from/with APFS volumes with Disk Utility/diskutil and System Image Utility.

This is a surprisingly detailed amount of guidance from Apple. It does not matter whether you use “fat imaging” where you capture a fully installed image from an existing installation or “thin imaging” where you create a base system image with some small additional installations with a tool like AutoDMG.

You should not use imaging to upgrade an OS, either major or minor upgrades. You can, however, still use imaging to restore a Mac quickly to the currently installed OS version. Keeping the firmware of the Mac in sync with the OS is the obvious reason, but remember that TouchBar MacBook Pros have a separate firmware/OS for the TouchBar/Secure enclave controller. Also the APFS file system conversion that happens during the macOS High Sierra upgrade rearranges the system volume layout.

If you don’t need to quickly restore Macs often, you should interpret this as the official direction to abandon imaging. You should use one of the supported installation and upgrade methods for the OS and a software management system such as Munki, Jamf Pro, Filewave etc. for the additional software and configuration.

If you are in an environment where you frequently need to quickly restore Macs (classrooms and loaner laptops), then you need two workflows: one to upgrade the OS and firmware, and another for the quick restoration using imaging (which I assume will still work with Target Disk Mode).

Imaging is dead!

(except for some particular use cases)

Some people are already working on extracting the firmware update part from the system image installer and that may be useful for some workflows. But in general it will be less effort and trouble to go with the recommended, supported solutions.

If you need to check if the firmware of a given Mac matches the OS, you can use this table provided by Pepijn Bruienne.

You can see your firmware version in the System Profiler application, it is listed under ‘Hardware’ as ‘Boot ROM Version.’ You can also use the system_profiler command: system_profiler SPHardwareDataType

Secure Kernel Extension Loading

The article on Secure Kernel Extension Loading (SKEL) recaps what we already know from Technical Note TN2459 but has two very interesting additions:

In macOS High Sierra, enrolling in Mobile Device Management (MDM) automatically disables SKEL. The behavior for loading kernel extensions will be the same as macOS Sierra.
In a future update to macOS High Sierra, you will be able to use MDM to enable or disable SKEL and to manage the list of kernel extensions which are allowed to load without user consent.

Once again this provides fairly obvious direction: you should use MDM in some form to manage Macs.

You do not have to use a combined solution for MDM and software management (e.g. Jamf or Filewave) but can combine an MDM with a different management solution (e.g. Munki and/or Chef or Puppet). SimpleMDM and AirWatch are leading with solutions that support installing the client agents over the MDM InstallApplication command, which means you can distribute Munki etc. to Mac clients even over DEP.

APFS

The article on APFS also recaps much of what we already know. However there is one sentence which clarifies when a Mac will be upgraded to APFS and when it will remain on HFS+:

When you upgrade to macOS High Sierra, systems with all flash storage configurations are converted automatically. Systems with hard disk drives (HDD) and Fusion drives won’t be converted to APFS. You can’t opt-out of the transition to APFS.

In other words: spinning disks (including Fusion) remain on HFS+, “pure” SSDs get APFS. You get no choice either way. Since the conversion to APFS seems to contain more that merely the filesystem conversion (APFS system volumes have a different partition layout).

The APFS conversion is another step that will happen when you run the macOS Installer, rather than when you image. Technically you will able to build an APFS macOS image on an SSD Mac and then image that to a Mac with spinning disk, but the result is not supported according to the upgrade article.

It will be interesting to see if Fusion drives will be added to APFS support in a future update. It might be that the parts to support multi-drive APFS aren’t quite ready yet, or that Apple considers the benefits are not worth the effort, and Fusion drives should be considered a fading tech from now on.

Disk Utility can format external drives as APFS, but consider that those will only be readable by Macs with 10.12.6 and 10.13.

Summary

I am sure I missed a lot of pieces, things are still fresh and not even entirely out of beta yet. New workflows and methods will definitely emerge once High Sierra is released. However, now we actually got some specific “dos and don’ts” from Apple. Use these to plan your future workflows and infrastructure. If you have not started testing with the developer beta or public beta yet, now is the time.