Weekly News Summary for Admins — 2020-09-18

Update season has started. After the event on Tuesday, where Apple announced new Watches and iPads, iOS 14 shipped on Wednesday, giving developers and admins less than 24 hours advance warning and probably the shortest lived GM ever.

We also got macOS Big Sur beta 7 and new betas for iOS 14.2 and siblings.

The future releases of hardware and software this year should remain interesting. I expect at least two more events like this, one focussing on the new iPhones and the other for a new Apple Silicon Mac (or more). I would also guess that we will get the “missing” iOS 14.1 with the new iPhones, and 14.2 shortly after.

The reason this newsletter is a bit later than usual, is that I was finishing recording and editing my presentation for MacSysAdmin Online to submit it today, just in time for the deadline. This is the second presentation for a major MacAdmin conference that I recorded and finished this month. It feels strange that neither of these presentations will be streamed until October, but I am very much looking forward to when you get to see them and all the other presentations from both conferences.

Virtual JNUC 2020 is happening September 29 through October 1. My session will be on “Scripting Jamf Pro: Best Practices” on Oct 1 at 11am CDT (18:00 Central European). There will be a live Q&A during and after the session. You can still register for free.

The MacSysAdmin Online will be later in October. Participation will be free, but you can support the team by buying the MacSysAdmin Online T-Shirt, which will also enroll you in an exclusive giveaway raffle.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

Apple Event: Time Flies

News and Opinion

macOS 11 Big Sur and iOS 14

MacAdmins on Twitter

  • Mr. Macintosh: “I’m hearing that the Jamf Pro 10.24 beta Big Sur fixes are in 10.24.1. Official support will be listed in the patch notes of 10.25 (not sure on 10.25 version numbering). 10.24.1 = Big Sur compatible. 10.25 = Big Sur official supported version.”
  • Andreas Schenk: “Using an iPad as an additional screen for macOS with sidecar seems to still deliver notifications from iPadOS, even if macOS is in DND mode. So if you happen to run a presentation using sidecar, first set the iPad to do not disturb, then use sidecar.”

Bugs and Security

Support and HowTos

Scripting and Automation

Apple Support

Updates and Releases

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-09-11

Apple has announced an event next week September 15, 10am PDT. They have seeded many people in the press and on social media with the information that there will be no iPhones at this event. Expectations are for a new watch and iPad Air.

A new watch will likely require watchOS 7, which will require iOS 14, so the Apple systems upgrade season will start soon after this event. If previous years can be used to extrapolate (not at all certain this year) the iOS system upgrades could be available Friday, September 18 or September 25.

I am not concerned at all about no iPhones or Macs at this event. These will probably be remote, pre-recorded events like they did at WWDC. Apple can easily do multiple of these events until well into October, giving every product full attention.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

Headlines

News and Opinion

macOS 11 Big Sur and iOS 14

macOS Catalina 10.15 and iOS 13 Updates

MacAdmins on Twitter

  • Arek Dreyer: “On your Mac, you can Option-Click the Notification Center icon to toggle Do Not Disturb.”
  • Arek Dreyer: “A bunch of Apple Reference and User Guide pages now have a ”Search the user guide” field, nice!”
  • Nathaniel Strauss: “Still true in Big Sur beta 6. Apple privacy/security team won a stupid fight… and everyone else lost. PPPC is needlessly confusing for most people. Schools won’t use Big Sur for at least 4–6 months after release. What a mess.” (More info from Michael Tsai)
  • Corey Quinn: “Myth: Companies are accelerating their cloud migrations due to COVID19. Fact: Companies are suddenly making better decisions since their executives aren’t being exposed to enterprise software ads in airports.”

Bugs and Security

Support and HowTos

Scripting and Automation

Apple Support

Updates and Releases

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

macOS Version Big Sur Update

Versioning software is a surprisingly difficult task. The version number conveys technical information: how much change can you expect and might it break existing workflows and data? Users will be more willing to pay for a major upgrade with new features, so the version number is used as a marketing tool. But for developers and MacAdmins, the version number has to be as granular as possible, ideally with a different number for each build made.

Because of these, sometimes opposing, interests, it is no wonder that versioning is often a problem for MacAdmins.

A brief history of the Mac operating system versions

Before the “Mac OS” label, the Macintosh operating system was called “System 7.” “Mac OS 8”, code-named “Copland,” was supposed to be the new operating system with all the new features, but the project kept slipping and then was cancelled. The “System 7.7” update was then re-named “Mac OS 8” to get Apple out of some third party licensing deals, which were set to expire on version 8. Marketing and legal matters decided the versioning here. (But it wasn’t all just marketing: Mac OS 8 also got the new interface design that had been created for Copland.)

When Apple announced the NextSTEP based major overhaul for the Macintosh in the late nineties, they chose to not give it a different name and new version numbers. Instead they chose to label the new system as “Mac OS X”, where the “X” was read as the roman numeral ten. I assume this was a marketing choice to demonstrate continuity with the previous versions, which had been “Mac OS 8” and “Mac OS 9.”

The first version of Mac OS X had the numerical version number 10.0.0 and got four “updates” to 10.0.4 Then it got the first major “upgrade” to 10.1. This broke with conventional versioning as major upgrades should get a new major number. When “Mac OS X 10.2 Jaguar” was announced at WWDC in 2002, it was obvious that Apple now considered “Mac OS X” a brand and would stick to the 10 in the system version numbers.

With the “Xserve,” the ‘X’ became a moniker to represent Apple’s “professional” or “EXpert” hardware and distinguish them from the ‘i’ prefix used for the consumer friendly devices and software. (iMac, iBook, iPod, iTunes, iMovie, iPhoto, etc.) Later “pro” software tools, such as “Xcode,” “Xsan,” and “Xgrid” picked up that prefix. Confusingly, the leading “X” was pronounced ‘ecks’ and the trailing ‘X’ in “Mac OS X” was still pronounced as ‘ten.’ Or at least that was what Apple marketing insisted it should be called.

In 2012, Apple dropped the “Mac” from the operating system for “OS X Mountain Lion” (10.8) The “X” represented the “pro” nature of Mac platform, as opposed to “iOS” for iPhone and iPad. Apparently, the “X” was considered a stronger brand for “pro” than “Mac” at the time…

This changed when Apple finally dropped the “X-as-ten” and returned the “Mac” with “macOS Sierra” (10.12) in 2016.

Even without the “X” in the system name, the ‘10’ has remained in the version number up to macOS 10.15 Catalina.

(The “X-as-ten” lives on with “Final Cut Pro X” and “Logic Pro X”. The prefix “X” lives on with “Xcode.”)

Big Sur goes to 11

The naming and versioning of the Mac platforms operating system was largely driven by symbolism, marketing and even legal matters. The same is true this year: Apple has finally given up on the “ten” and will raise the major version of macOS to 11.

I have a post on my opinion and reaction to macOS 11. Whatever the reasons, this is the year that we will get macOS 11.

When you go to “About this Mac” on a Mac running the Big Sur beta, it will proudly announce that it is running macOS 11.0. You get the same result when you run sw_vers:

% sw_vers -productVersion
11.0

This seems easy enough, however, there is a catch to this.

10.16 vs 11.0

Big Sur will not always report 11.0 as the macOS version. It might report 10.16 in some cases. These cases are meant for situations where software might just check the second part of the version for version checks.

The rules are detailed in this post from Howard Oakley.

In Big Sur you can force the compatibility mode by setting the SYSTEM_VERSION_COMPAT environment variable to 1:

export SYSTEM_VERSION_COMPAT=1
> sw_vers -productVersion
10.16

Checking the Version

When you have a script that checked the version of macOS (or Mac OS X or OS X), so far it was safe to ignore the first number of the product version and only compare the second. For example to see if macOS was Mojave or newer, you probably would have done something like this:

minorVersion=$(sw_vers -productVersion | awk -F. '{ print $2; }')
if [[ $minorVersion -ge 14 ]]; then
  echo "Mojave or higher"
fi

Now, with the release of macOS 11.0, this setup will return 0 for the minorVersion and fail.

The obvious solution here would be to extract the majorVersion as well and compare that first:

majorVersion=$(sw_vers -productVersion | awk -F. '{ print $1; }')
minorVersion=$(sw_vers -productVersion | awk -F. '{ print $2; }')
if [[ $majorVersion -ge 11 || $minorVersion -ge 14 ]]; then
  echo "Mojave or higher"
fi

This will work well enough, even when the script runs in a setup where it might get 10.16 as the version number. But is not particularly nice to read. Also, when you want to compare update versions, these will be (presumably) the minorVersion for Big Sur and later and the third part of the version number in Catalina and earlier and things will get even more messy quickly.

Maybe there is a better way of doing this than using the product (marketing) version of macOS?

Build Version

As I mentioned earlier, the user visible version may not be granular enough for the needs of developers. And because of this macOS has a second version, called the “build version”

The build version for the current version of macOS Catalina as I am writing this is 19G2021.

> sw_vers -buildVersion
19G2021

You can also see the build version in the “About this Mac” window when you click on the version number.

The build version consists of three parts and a fourth optional one. The first number is the Darwin Version. The following capital letter designates the update. The following number (up to four digits) is the specific build number. Sometimes the build number is followed by a lower case letter.

Darwin Version

This part of the version takes its name from the Darwin core of macOS.

The Darwin Version is number that is increased on every major release of macOS. Mac OS X 10.2 Jaguar was the first release of Mac OS X to consistently report its Darwin Version as 6. From that you can conclude that 10.0 had Darwin version 4 which makes sense, because it was the fourth release of NextSTEP, the operating system Mac OS X is based on.

macOS 10.15 Catalina, has a Darwin version of 19 and Big Sur reports 20.

You can also get the Darwin version in the shell from the OSTYPE environment variable:

> echo $OSTYPE
darwin19.0

But keep in mind that environment variable may not be set depending on the context your script runs in.

A safer way to get the Darwin version is with the uname command:

> uname -r
19.6.0

This Darwin version includes the update information.

Updates

In the build version updates are tracked with a capital letter. The letter A stands for the .0 or first release of a major version. B signifies the second release or first update or .1 release, and so on.

The current Catalina build version starts with 19G so we know it is the seventh release or sixth update to Catalina (10.15.6). The current Big Sur beta starts with 20A so it is the first release or .0 version.

Build numbers

The significance of the build number is most often seen during the beta phase. While the Darwin version and update letter are fixed during the beta phase, the build number increases with every beta release. This is the most granular number we have to determine the version.

For each update and major release the build number starts over, so it can only be used to compare releases for the same major release and update version.

Traditionally, there was a difference between two- and three-digit build numbers and four-digit build numbers. The builds with lower numbers of digits were general release builds, that will run on all Macs that support this version of macOS. The four digit build numbers designated either a security update or a hardware specific build.

Hardware specific builds occur when a new Mac model is released. These usually get a hardware specific build of macOS, since the drivers necessary for the new hardware are not included in the current general release version. Even though the product version numbers of macOS are the same for the general release and the hardware specific release, they have different build numbers.

Usually, the hardware specific drivers are merged into the general release on the next update. However, until the builds are merged, MacAdmins may have to manage hardware specific system installers and workflows for new hardware. This was especially annoying with the release of the 2018 MacBook Pro which had a specific build of 10.13.6 that was never merged into the general 10.13 build. MacAdmins that wanted or needed to support 10.13 had to manage a separate installer for these MacBooks.

Intruigingly, the Big Sur beta is different: its build number started in the 4000s and switched to the 5000s with beta 3.

Special builds

Some releases of macOS have a trailing lower case letter after the build number. This is particularly common during the beta phase. It is unclear what this letter designates exactly. It might designate that the installer application was re-built one or more times.

You can use regular expressions to parse out all the individual pieces of the build version:

if [[ $buildVersion =~ ([[:digit:]]{1,2})([[:upper:]])([[:digit:]]+)(.*) ]]; then
    darwinVersion=$match[1]
    updateLetter=$match[2]
    buildNumber=$match[3]
    specialBuild=$match[4]
else
    echo "couldn't parse build version"
    exit 2
fi

But in most cases, you will not need this level of detail.

Using the Build Version

The build version provides a way to compare macOS system versions that is not subject to the whims of marketing. We can even use it distinguish hardware specific builds of macOS from general versions or determine if security or supplemental updates have been applied.

For most comparisons, we only need the Darwin version and maybe the update.

The Darwin version has had two digits since Mac OS X 10.6 Snow Leopard. It is safe to assume that you won’t be managing Macs running 10.5 Leopard any more. (And if you do, they will probably be “hand-fed” and not subject to your deployment and update automations.) Assuming a two digit Darwin version, we can use string comparison to compare build versions:

# check if Mojave or higher
if [[ $(sw_vers -buildVersion) > "18" ]]; then
...

Since all versions of Mojave start with 18A... they are all alphabetically greater than 18. The same would go if you want to check for a maximum macOS version:

# check if Mojave or earlier
if [ $(sw_vers -buildVersion) < "19" ]; then
...

You can also filter for specific minimum updates:

# check if Mojave 10.14.6 or later
if [ $(sw_vers -buildVersion) > "18E” ]; then
...

By using the build version, we are avoiding all the trouble that the “marketing-driven” build version brings with it.

zsh solution

The above works for sh, bash and zsh scripts. However, when you are using zsh, there is another useful solution. zsh provides a function to compare versions called is-at-least.

When you use zsh in the Terminal interactively, it is probably already loaded, but when you want to use it in scripts, you should use autoload to make sure it is loaded. Then you can use is-at-least this way:

autoload is-at-least
# check for Mojave or higher
if is-at-least 10.14 $(sw_vers -productVersion); then
...

Since both 11.0 and 10.16 are higher than 10.14 this will work no matter what number Big Sur might be reporting, but if you want to check that the system is Big Sur, you want to use 10.16 as the minimum, which covers both possible values:

autoload is-at-least
# check for Big Sur or higher
if is-at-least 10.16 $(sw_vers -productVersion); then
...

Conclusion

The change of the version number in macOS 11 Big Sur might affect or even break some of your system version checking in your deployment and management scripts. There are some nice and easy solutions that are more resilient to changes in the “marketing” product version.

Weekly News Summary for Admins — 2020-09-04

How can it be September already!? Where did the summer go?

Apple’s beta phase is heating up with a new beta release for iOS and macOS. We also got iOS and iPadOS 13.7.

Since Fall is here, so are some more virtual conferences. I will have sessions prepared for Virtual JNUC and MacSysAdmin Online.

Virtual JNUC 2020 is happening September 29 through October 1. You can still register for free.

The MacSysAdmin Online will be later in October. Participation will be free, but you can support the team by buying the MacSysAdmin Online T-Shirt, which will also enroll you in an exclusive giveaway raffle.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

macOS 11 Big Sur and iOS 14

macOS Catalina 10.15 and iOS 13 Updates

Bugs and Security

Support and HowTos

Scripting and Automation

Apple Support

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-08-28

Some great posts from fellow MacAdmins this week. New betas for iOS 14 and iOS 13.7(!) dropped, but none for macOS so far.

Remember that you can still register for Virtual JNUC 2020 for free. you won’t just get to see my great talk, but there are many other amazing talks from amazing MacAdmins.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

macOS 11 Big Sur and iOS 14

MacAdmins on Twitter

  • William Smith: “Outlook for Mac 16.38 can let users try New Outlook. MacAdmins can manage this preference: Domain: com.microsoft.Outlook Key: EnableNewOutlook Values (integer): 0 = Switch hidden (default) 1 = Switch displayed, off 2 = Switch displayed, on 3 = Enabled, switch hidden”
  • mikeymikey: “If you’re not a full Screen aficionado – you may have seen that hovering over the zoom control gives you options you don’t care for – but did you know those options change to non-full screen windowed choices if you hold down Option?”
  • tlark: “The thing that kills me the most about TCC/PPPC is there is no real clear documentation on how to properly implement it. You stream logs, run things and play a game of whack-a-mole. I am all about increased security posture, but come on Apple, help us configure it.”

Bugs and Security

Support and HowTos

Scripting and Automation

Updates and Releases

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Running a Command as another User

This post is an update to an older post on the same topic. macOS has changed and I had a few things to add. Rather than keep modifying the older post, I decided to make this new one.

As MacAdmins, most of the scripts we write will use tools that require administrator or super user/root privileges. The good news here that many of the management tools we can use to run scripts on clients already run with root privileges. The pre– and postinstall scripts in installation packages (pkgs), the agent for your management system, and scripts executed as LaunchDaemons all run with root privileges.

However, some commands need to be run not as root, but as the user.

For example, the defaults command can be used to read or set a specific setting for a user. When your script, executed by your management system, is running as root and contains this command:

defaults write com.apple.dock orientation left

Then it will write this preference into root’s home directory in /var/root/Library/Preferences/com.apple.dock.plist. This is probably not what you intended to do.

Get the Current User

To get the correct behavior, you need to run the command as a user. Then the problem is as which user you want to run as. In many cases the answer is the user that is currently logged in.

I have written a few posts about how to determine the currently logged in user from shell scripts and will use the solution from those:

currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )

This will return the currently logged in user or loginwindow when there is none. This is the Posix sh compatible syntax, which will also run with bash or zsh.

Running as User

There are two ways to run a command as the current user. The first is with sudo:

sudo -u "$currentUser" defaults write com.apple.dock orientation left

The second is with launchctl asuser.

uid=$(id -u "$currentUser")
launchctl asuser $uid launchctl load com.example.agent

The launchctl command uses the numerical user ID instead of the user’s shortname so we need generate that first.

It used to be that the sudo solution would not work in all contexts, but the launchctl asuser solution would. This changed at some point during the Mojave release time.

Now, the lauchctl asuser works and is required when you want to load and unload LaunchAgents (which run as the user), but it does not seem to work in other contexts any more.

So, for most use cases, you want to use the sudo solution but in some you need the launchctl form. The good news here is, that you can play it safe and use both at the same time:

launchctl asuser "$uid" sudo -u "$currentUser" command arguments

This works for all commands in all contexts. This is, however, a lot to type and memorize. I built a small shell function that I use in many of my scripts. Paste this at the beginning of your scripts:

# convenience function to run a command as the current user
# usage:
#   runAsUser command arguments...
runAsUser() {  
  if [ "$currentUser" != "loginwindow" ]; then
    launchctl asuser "$uid" sudo -u "$currentUser" "$@"
  else
    echo "no user logged in"
    # uncomment the exit command
    # to make the function exit with an error when no user is logged in
    # exit 1
  fi
}

and then you can use the function like this:

runAsUser defaults write com.apple.dock orientation left

runAsUser launchctl load com.example.agent

Note: the function, as written above, will simply do nothing when the Mac is sitting at the login window with no user logged in. You can uncomment the exit 1 line to make the script exit with an error in that case. In your script, you should generally check whether a user is logged in and handle that situation before you use the runAsUser function. For example you could use:

if [ -z "$currentUser" -o "$currentUser" = "loginwindow" ]; then
  echo "no user logged in, cannot proceed"
  exit 1
fi

Insert this at the beginning of your code (but after the declaration of the currentUser variable) and you can assume that a user is logged in and safely use the $currentUser variable and the runAsUser function afterwards. The exact detail on when and how you should check for a logged in user depends on the workflow of your script. In general, earlier is better.

When to Run as User

Generally, you should run as the user when the command interacts with the user interface, user processes and applications, or user data. As MacAdmins these are common commands you should run as the user;

  • defaults, when reading or changing a user’s preferences
  • osascript
  • open
  • launchctl load|unload for Launch Agents (not Launch Daemons)

This is not a complete list. Third party configuration scripts may need to be run as root or user. You will need to refer to documentation or, in many cases, just determine the correct action by trial and error.

Sample Script

I have put together a script that combines the above code into a working example.

Weekly News Summary for Admins — 2020-08-21

Welcome back! I get the impression I was the only one to take a while off this summer. So many post to sort through and link to…

I will be presenting at Virtual JNUC2020 this year. My session is “Scripting Jamf: Best Practices” (JNUC307) and is scheduled for Oct 1 at 11am CT (18:00 Central European time). The entire session schedule can be reviewed on their site and you can still register for free!

I am also preparing something for the MacSysAdmin Online. This will be a free online event this year where they will publish some of the best presentations from previous years and new content as well. You can support the team by buying the MacSysAdmin Online T-Shirt, which will also enroll you in an exclusive giveaway raffle.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

macOS 11 Big Sur and iOS 14

macOS Catalina 10.15 and iOS 13 Updates

MacAdmins on Twitter

  • William Smith: “Small undocumented change with Policies in Jamf Pro 10.22 that I didn’t learn about until today: New policies no longer automatically include the Restart payload.”
  • Victor (groob): “Instead of asking ”experts“ for how you’d go about doing something, tell them what you tried, and ask why it’s not working.”
  • Anthony Reimer: “Intriguing. On the new 27-inch iMac, you can not customize the 256 GB of storage on the base model. You must move up to the middle model to get 512GB or more of storage.”
  • Victor (groob): “Four betas. Four subtle ways Apple broke a core workflow in MDM zero touch provisioning. All undocumented.”
  • Graham Pugh: “Jamf Self Service policies will not run on macOS 10.12 Sierra on Jamf Pro versions 10.22 and above. Jamf will not fix this as they drop support for Sierra in the next release.”
  • Anthony Reimer: “I’ve updated my Mac Obsolescence chart with the new iMac (hopefully making an appearance in a home near me). obsolescence.jazzace.ca
  • Per Olofsson: “Companion niche tip: creating a sparsebundle from a folder and then converting it to a compressed read only dmg is multithreaded and faster than creating the dmg directly. In my testing the resulting dmg will also be smaller.”
  • Neil Martin: “TIL in profilecreator if you long-click the export button, you can export your payloads as MCX-style plists – handy!”
  • Erik Schwiebert: “Two month alert! Microsoft support for Office 2016 for the Mac ends on October 13, 2020

Bugs and Security

Support and HowTos

Scripting and Automation

Updates and Releases

To Watch

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Weekly News Summary for Admins — 2020-07-24

You can’t really tell it from the weather here in the Netherlands, but summer is here!

Summer brings more beta testing: the third beta of the new Apple systems dropped this week. It also brings vacation. This newsletter will be on vacation until late August. As usual, I will keep gathering interesting posts and links and return with a big August summary.

Hope you get to enjoy your summer and vacation. Stay safe!

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

macOS 11 Big Sur and iOS 14

Coronavirus and Remote Work

MacAdmins on Twitter

  • Rich Trouton: “I’ve bought a share of Jamf stock. Now I can show up at both JNUC and shareholder meetings with my gripes.”

Bugs and Security

Support and HowTos

Scripting and Automation

Updates and Releases

To Watch

To Listen

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Installomator Updated: v0.3

It’s been more than a month since the last update, and while there has been work on the dev branch, I was quite distracted with other things (like this). The good news is, that there have been quite a few contributions from others! A huge thanks to all who helped make this a better script.

All it took was for me to find some time to put all the contributions together, which I finally found some time for.

What’s new in v0.3:

  • added several new labels for total of 98
  • removed the powershell labels, since the installer is not notarized
  • when run without any arguments, the script now lists all labels
  • changed how zips are expanded because this was broken on Mojave
  • improved logging in some statements
  • several more minor improvements

Get the script and find the instructions on the GitHub repo.

Some of the contributions and requests have not yet been addressed. I believe they will require some more thinking and planning. I would like to approach those in the next version.

If you have any feedback or questions, please join us in the #installomator channel on MacAdmins Slack.

Thanks again to all those who contributed!

Weekly News Summary for Admins — 2020-07-17

No summer break yet for MacAdmins. As expected, the updates for macOS Catalina 10.15.6 and iOS 13.6 and siblings were published.

As a big reprieve for MacAdmins, the functionality of softwareupdate --ignore has been re-instated for system software updates, but only when the Mac is supervised (i.e. enrolled in MDM with Automated Deployment or user-approved MDM). This allows MacAdmins to block major updates from being installed or even notified about. This is likely a direct result of all the feedback MacAdmins have passed on to Apple.

However, this reprieve is only temporary because it is not implemented in the macOS Big Sur beta. So, keep providing feedback through all your channels to Apple, that macOS requires a managed means to block software updates for longer than 90 days, preferable indefinitely.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

News and Opinion

macOS 11 Big Sur and iOS 14

macOS Catalina 10.15 and iOS 13 Updates

MacAdmins on Twitter

  • Rosyna Keller: “Please, please don’t normalize right-clicking on your app to get it to run. This is a tactic malware uses to get past Gatekeeper. Screenshot from actual malware. Even after Flash died at the end of this year, this type of social engineering will continue. I hope Adobe runs PSAs.” (Image, thread)

Bugs and Security

Support and HowTos

Scripting and Automation

Apple Documentation

To Listen

Just for Fun

Support

If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!