diff --git a/CHANGELOG.md b/CHANGELOG.md index 89e037f..6b84793 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,8 +2,7 @@ - We have moved the root check to the beginning of the script, and improved DEBUG handling with two different modes. `DEBUG=0` is still for production, and `1` is still for the DEBUG we previously knew downloading to the directory it is running from, but `2` will download to temporary folder, will detect updates, but will not install anything, but it will notify the user (almost as running the script without root before). - Changed logic if `IGNORE_APP_STORE_APPS=yes`. Before this version a label like `microsoftonedrive` that was installed from App Store, and that we want to replace with the “ordinary” version, Installomator would still use `updateTool`, even though `IGNORE_APP_STORE_APPS=yes`. So we would have to have `INSTALL=force` in order to have the app replaced, as `updateTool` would be used. But now if `IGNORE_APP_STORE_APPS=yes` then `updateTool` will be not set, and the App Store app will be replaced. BUT if the installed software was not from App Store, then `updateTool` will not be used, and it would be a kind of a forced install (in the example of `microsoftonedrive`), except if the version is the same (where installation is skipped). - - +- Added variable `SYSTEMOWNER` that is used when copying files when installing. Default `0` is to change owner of the app to the current user on the Mac, like this user was installing this app themselves. When using `1` we will put “root:wheel” on the app, which can be useful for shared machines. ## v8.0 diff --git a/Labels.txt b/Labels.txt index e873028..20c2d91 100644 --- a/Labels.txt +++ b/Labels.txt @@ -328,6 +328,7 @@ textmate theunarchiver things thunderbird +tidal toggltrack tom4aconverter torbrowser diff --git a/README.md b/README.md index aef13c3..51e22c2 100644 --- a/README.md +++ b/README.md @@ -262,6 +262,12 @@ __options:__ - `no`: If installed app is from App Store (which include VPP installed apps) it will not be touched, no matter it's version (default) - `yes`: Replace App Store (and VPP) version of app and handle future updates using Installomator, even if latest version. Shouldn’t give any problems for the user in most cases. Known bad example: Slack will loose all settings. +### Owner of copied apps +Default is `SYSTEMOWNER=0` +__options:__ +- `0`: Current user will be owner of copied apps, just like if they installed it themselves (default). +- `1`: root:wheel will be set on the copied app. Useful for shared machines. + ### Install behavior (force installation) Since we now make a version checking, and only installs the software if the version is different, an `INSTALL` variable can be used to force the installation: diff --git a/fragments/arguments.sh b/fragments/arguments.sh index 0f8765f..d682862 100644 --- a/fragments/arguments.sh +++ b/fragments/arguments.sh @@ -58,7 +58,7 @@ versionKey="CFBundleShortVersionString" currentUser=$(scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ { print $3 }') # MARK: check for root -if [[ "$(whoami)" != "root" && "$DEBUG" -ne 2 ]]; then +if [[ "$(whoami)" != "root" && "$DEBUG" -eq 0 ]]; then # not running as root cleanupAndExit 6 "not running as root, exiting" fi diff --git a/fragments/functions.sh b/fragments/functions.sh index f5d5137..4ae4518 100644 --- a/fragments/functions.sh +++ b/fragments/functions.sh @@ -392,11 +392,12 @@ installAppWithPath() { # $1: path to app to install in $targetDir fi # set ownership to current user - if [ "$currentUser" != "loginwindow" ]; then + if [[ "$currentUser" != "loginwindow" && $SYSTEMOWNER -ne 1 ]]; then printlog "Changing owner to $currentUser" chown -R "$currentUser" "$targetDir/$appName" else - printlog "No user logged in, not changing user" + printlog "No user logged in or SYSTEMOWNER=1, setting owner to root:wheel" + chown -R root:wheel "$targetDir/$appName" fi elif [[ ! -z $CLIInstaller ]]; then diff --git a/fragments/header.sh b/fragments/header.sh index c41879d..7107a10 100644 --- a/fragments/header.sh +++ b/fragments/header.sh @@ -88,6 +88,13 @@ IGNORE_APP_STORE_APPS=no # Shouldn’t give any problems for the user in most cases. # Known bad example: Slack will loose all settings. +# Owner of copied apps +SYSTEMOWNER=0 +# options: +# - 0 Current user will be owner of copied apps, just like if they +# installed it themselves (default). +# - 1 root:wheel will be set on the copied app. +# Useful for shared machines. # install behavior INSTALL="" diff --git a/fragments/labels/applenyfonts.sh b/fragments/labels/applenyfonts.sh index 16c7185..fe4f258 100644 --- a/fragments/labels/applenyfonts.sh +++ b/fragments/labels/applenyfonts.sh @@ -3,5 +3,5 @@ applenyfonts) type="pkgInDmg" downloadURL="https://devimages-cdn.apple.com/design/resources/download/NY.dmg" packageID="com.apple.pkg.NYFonts" - expectedTeamID="Development Update" + expectedTeamID="Software Update" ;; diff --git a/fragments/labels/applesfcompact.sh b/fragments/labels/applesfcompact.sh index aef7977..5f4bcf2 100644 --- a/fragments/labels/applesfcompact.sh +++ b/fragments/labels/applesfcompact.sh @@ -3,5 +3,5 @@ applesfcompact) type="pkgInDmg" downloadURL="https://devimages-cdn.apple.com/design/resources/download/SF-Compact.dmg" packageID="com.apple.pkg.SanFranciscoCompact" - expectedTeamID="Development Update" + expectedTeamID="Software Update" ;; diff --git a/fragments/labels/applesfpro.sh b/fragments/labels/applesfpro.sh index 9d76895..fecd78a 100644 --- a/fragments/labels/applesfpro.sh +++ b/fragments/labels/applesfpro.sh @@ -3,5 +3,5 @@ applesfpro) type="pkgInDmg" downloadURL="https://devimages-cdn.apple.com/design/resources/download/SF-Pro.dmg" packageID="com.apple.pkg.SanFranciscoPro" - expectedTeamID="Development Update" + expectedTeamID="Software Update" ;; diff --git a/fragments/labels/autopkgr.sh b/fragments/labels/autopkgr.sh index 2937f08..4a4cf82 100644 --- a/fragments/labels/autopkgr.sh +++ b/fragments/labels/autopkgr.sh @@ -1,8 +1,6 @@ autopkgr) - # credit: Søren Theilgaard (@theilgaard) name="AutoPkgr" type="dmg" - #downloadURL=$(curl -fs "https://api.github.com/repos/lindegroup/autopkgr/releases/latest" | awk -F '"' "/browser_download_url/ && /dmg/ && ! /sig/ && ! /CLI/ && ! /sha256/ { print \$4 }") downloadURL=$(downloadURLFromGit lindegroup autopkgr) appNewVersion=$(versionFromGit lindegroup autopkgr) expectedTeamID="JVY2ZR6SEF" diff --git a/fragments/labels/boxdrive.sh b/fragments/labels/boxdrive.sh index cf5fc1d..dacd68b 100644 --- a/fragments/labels/boxdrive.sh +++ b/fragments/labels/boxdrive.sh @@ -1,12 +1,6 @@ boxdrive) - # credit: Isaac Ordonez, Mann consulting (@mannconsulting) name="Box" type="pkg" - if [[ $(arch) == "arm64" ]]; then - #Note: https://support.box.com/hc/en-us/articles/1500004479962-Box-Drive-support-on-devices-with-M1-chips - downloadURL="https://e3.boxcdn.net/desktop/pre-releases/mac/BoxDrive.2.20.140-M1-beta.pkg" - elif [[ $(arch) == "i386" ]]; then - downloadURL="https://e3.boxcdn.net/box-installers/desktop/releases/mac/Box.pkg" - fi + downloadURL="https://e3.boxcdn.net/box-installers/desktop/releases/mac/Box.pkg" expectedTeamID="M683GB7CPW" ;; diff --git a/fragments/labels/dangerzone.sh b/fragments/labels/dangerzone.sh index ab9cf57..1bdeada 100644 --- a/fragments/labels/dangerzone.sh +++ b/fragments/labels/dangerzone.sh @@ -1,7 +1,7 @@ dangerzone) - # credit: Micah Lee (@micahflee) name="Dangerzone" type="dmg" - downloadURL=$(curl -s https://dangerzone.rocks/ | grep https://github.com/firstlookmedia/dangerzone/releases/download | grep \.dmg | cut -d'"' -f2) - expectedTeamID="P24U45L8P5" + downloadURL="$(downloadURLFromGit firstlookmedia dangerzone)" + appNewVersion="$(versionFromGit firstlookmedia dangerzone)" + expectedTeamID="N9B95FDWH4" ;; diff --git a/fragments/labels/ferdi.sh b/fragments/labels/ferdi.sh index f081f0a..28a2a12 100644 --- a/fragments/labels/ferdi.sh +++ b/fragments/labels/ferdi.sh @@ -1,13 +1,12 @@ ferdi) name="Ferdi" type="zip" - if [[ $(arch) == i386 ]]; then - downloadURL=$(curl --silent --fail "https://api.github.com/repos/getferdi/ferdi/releases/latest" \ - | awk -F '"' "/browser_download_url/ && /mac.zip/ && ! /blockmap/ && ! /arm64-mac/ && ! /AppImage/{ print \$4 }") - elif [[ $(arch) == arm64 ]]; then - downloadURL=$(downloadURLFromGit getferdi ferdi ) - archiveName="arm64-mac.zip" - fi + if [[ $(arch) == "arm64" ]]; then + archiveName="arm64-mac.zip" + elif [[ $(arch) == "i386" ]]; then + archiveName="Ferdi-[0-9.]*-mac.zip" + fi + downloadURL="$(downloadURLFromGit getferdi ferdi)" appNewVersion=$(versionFromGit getferdi ferdi ) expectedTeamID="B6J9X9DWFL" ;; diff --git a/fragments/labels/gpgsync.sh b/fragments/labels/gpgsync.sh index 814875f..af3b5ca 100644 --- a/fragments/labels/gpgsync.sh +++ b/fragments/labels/gpgsync.sh @@ -1,7 +1,8 @@ gpgsync) - # credit: Micah Lee (@micahflee) name="GPG Sync" type="pkg" - downloadURL="https://github.com$(curl -s -L https://github.com/firstlookmedia/gpgsync/releases/latest | grep /firstlookmedia/gpgsync/releases/download | grep \.pkg | cut -d'"' -f2)" + packageID="org.firstlook.gpgsync" + downloadURL="$(downloadURLFromGit firstlookmedia gpgsync)" + appNewVersion="$(versionFromGit firstlookmedia gpgsync)" expectedTeamID="P24U45L8P5" ;; diff --git a/fragments/labels/iina b/fragments/labels/iina new file mode 100644 index 0000000..2ec2f28 --- /dev/null +++ b/fragments/labels/iina @@ -0,0 +1,7 @@ +iina) + name="IINA" + type="dmg" + downloadURL=$(downloadURLFromGit iina iina ) + appNewVersion=$(versionFromGit iina iina ) + expectedTeamID="67CQ77V27R" + ;; diff --git a/fragments/labels/itsycal.sh b/fragments/labels/itsycal.sh new file mode 100644 index 0000000..5153f36 --- /dev/null +++ b/fragments/labels/itsycal.sh @@ -0,0 +1,7 @@ +itsycal) + name="Itsycal" + type="zip" + downloadURL=$(curl -fs https://s3.amazonaws.com/itsycal/itsycal-apple-silicon.xml | xpath '(//rss/channel/item/enclosure/@url)[1]' 2>/dev/null | head -1 | cut -d '"' -f 2) + appNewVersion=$(curl -fs https://s3.amazonaws.com/itsycal/itsycal-apple-silicon.xml | xpath '(//rss/channel/item/enclosure/@sparkle:shortVersionString)[1]' 2>/dev/null | head -1 | cut -d '"' -f 2) + expectedTeamID="HFT3T55WND" + ;; diff --git a/fragments/labels/paretosecurity.sh b/fragments/labels/paretosecurity.sh new file mode 100644 index 0000000..d92ed2a --- /dev/null +++ b/fragments/labels/paretosecurity.sh @@ -0,0 +1,7 @@ +paretosecurity) + name="Pareto Security" + type="dmg" + downloadURL=$(downloadURLFromGit ParetoSecurity pareto-mac) + appNewVersion=$(versionFromGit ParetoSecurity pareto-mac) + expectedTeamID="PM784W7B8X" + ;; diff --git a/fragments/labels/pritunl.sh b/fragments/labels/pritunl.sh new file mode 100644 index 0000000..8b35a64 --- /dev/null +++ b/fragments/labels/pritunl.sh @@ -0,0 +1,13 @@ +pritunl) + name="Pritunl" + type="pkgInZip" + packageID="com.pritunl.pkg.Pritunl" + if [[ $(arch) == "arm64" ]]; then + archiveName="Pritunl.arm64.pkg.zip" + elif [[ $(arch) == "i386" ]]; then + archiveName="Pritunl.pkg.zip" + fi + downloadURL=$(downloadURLFromGit pritunl pritunl-client-electron) + appNewVersion=$(versionFromGit pritunl pritunl-client-electron) + expectedTeamID="U22BLATN63" + ;; diff --git a/fragments/labels/proxyman.sh b/fragments/labels/proxyman.sh index cb78fe3..eddcd8f 100644 --- a/fragments/labels/proxyman.sh +++ b/fragments/labels/proxyman.sh @@ -1,7 +1,8 @@ proxyman) - name="Proxyman" - type="dmg" - downloadURL="https://proxyman.io/release/osx/Proxyman_latest.dmg" - expectedTeamID="3X57WP8E8V" - appNewVersion=$(curl -s -L https://github.com/ProxymanApp/Proxyman | grep -o 'releases/tag/.*\>' | awk -F '/' '{print $3}') - ;; + name="Proxyman" + type="dmg" + #downloadURL="https://proxyman.io/release/osx/Proxyman_latest.dmg" + downloadURL="$(downloadURLFromGit ProxymanApp Proxyman)" + appNewVersion="$(versionFromGit ProxymanApp Proxyman)" + expectedTeamID="3X57WP8E8V" + ;; diff --git a/fragments/labels/secretive.sh b/fragments/labels/secretive.sh new file mode 100644 index 0000000..4873fb3 --- /dev/null +++ b/fragments/labels/secretive.sh @@ -0,0 +1,8 @@ +secretive) + name="Secretive" + type="zip" + downloadURL=$(downloadURLFromGit maxgoedjen secretive) + appNewVersion=$(versionFromGit maxgoedjen secretive) + expectedTeamID="Z72PRUAWF6" + ;; + diff --git a/fragments/labels/textexpander.sh b/fragments/labels/textexpander.sh index 6965ee7..63736f2 100644 --- a/fragments/labels/textexpander.sh +++ b/fragments/labels/textexpander.sh @@ -1,7 +1,7 @@ textexpander) name="TextExpander" type="dmg" - downloadURL="https://textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx" - appNewVersion=$( curl -fsIL "https://textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx" | grep -i "^location" | awk '{print $2}' | tail -1 | cut -d "_" -f2 | sed -nre 's/^[^0-9]*(([0-9]+\.)*[0-9]+).*/\1/p' ) + downloadURL="https://cgi.textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx" + appNewVersion=$( curl -fsIL "https://cgi.textexpander.com/cgi-bin/redirect.pl?cmd=download&platform=osx" | grep -i "^location" | awk '{print $2}' | tail -1 | cut -d "_" -f2 | sed -nre 's/^[^0-9]*(([0-9]+\.)*[0-9]+).*/\1/p' ) expectedTeamID="7PKJ6G4DXL" ;; diff --git a/fragments/labels/tidal.sh b/fragments/labels/tidal.sh new file mode 100644 index 0000000..c32febb --- /dev/null +++ b/fragments/labels/tidal.sh @@ -0,0 +1,7 @@ +tidal) + name="TIDAL" + type="dmg" + downloadURL="https://download.tidal.com/desktop/TIDAL.dmg" + appNewVersion=$(curl -fs https://update.tidal.com/updates/latest\?v\=1 | cut -d '"' -f4 | sed -E 's/https.*\/TIDAL\.([0-9.]*)\.zip/\1/g') + expectedTeamID="GK2243L7KB" + ;; diff --git a/fragments/labels/wireshark.sh b/fragments/labels/wireshark.sh index d9617b5..3c4dafb 100644 --- a/fragments/labels/wireshark.sh +++ b/fragments/labels/wireshark.sh @@ -1,5 +1,4 @@ wireshark) - # credit: Oh4sh0 https://github.com/Oh4sh0 name="Wireshark" type="dmg" downloadURL="https://1.as.dl.wireshark.org/osx/Wireshark%20Latest%20Intel%2064.dmg"