diff --git a/MDM/App-update/App browser-security Auto-install.sh b/MDM/App-update/App browser-security Auto-install.sh new file mode 100644 index 0000000..211e564 --- /dev/null +++ b/MDM/App-update/App browser-security Auto-install.sh @@ -0,0 +1,92 @@ +#!/bin/sh + +# Update with Installomator if app exist + +LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1" + +item="microsoftedge" # enter the software to install +# Examples: brave, duckduckgo, firefoxpkg, googlechromepkg, microsoftedge, opera +appPath="/Applications/Microsoft Edge.app" +# Examples: Microsoft Edge.app, Brave Browser.app, DuckDuckGo.app, Google Chrome.app, Firefox.app, Opera.app + +installomatorOptions="BLOCKING_PROCESS_ACTION=tell_user_then_quit" # Separated by space + +# Other installomatorOptions: +# LOGGING=REQ +# LOGGING=DEBUG +# LOGGING=WARN +# BLOCKING_PROCESS_ACTION=ignore +# BLOCKING_PROCESS_ACTION=tell_user +# BLOCKING_PROCESS_ACTION=tell_user_then_quit +# BLOCKING_PROCESS_ACTION=prompt_user +# BLOCKING_PROCESS_ACTION=prompt_user_loop +# BLOCKING_PROCESS_ACTION=prompt_user_then_kill +# BLOCKING_PROCESS_ACTION=quit +# BLOCKING_PROCESS_ACTION=kill +# NOTIFY=all +# NOTIFY=success +# NOTIFY=silent +# IGNORE_APP_STORE_APPS=yes +# INSTALL=force +###################################################################### +# To be used as a script sent out from a MDM. +# Fill the variable "item" above with a label. +# Script will run this label through Installomator. +###################################################################### +# v. 9.2.1 : Better logging handling and installomatorOptions fix. +###################################################################### + +# Mark: Script +# PATH declaration +export PATH=/usr/bin:/bin:/usr/sbin:/sbin + +echo "$(date +%F\ %T) [LOG-BEGIN] $item" + +# Check if app is installed +# We only want this to run if it's already installed +if [ ! -e "${appPath}" ]; then + echo "App not found here:" + echo "${appPath}" + echo "Exiting." + exit 98 +fi +echo "${appPath} Found!" + +# Verify that Installomator has been installed +destFile="/usr/local/Installomator/Installomator.sh" +if [ ! -e "${destFile}" ]; then + echo "Installomator not found here:" + echo "${destFile}" + echo "Exiting." + exit 99 +fi + +# No sleeping +/usr/bin/caffeinate -d -i -m -u & +caffeinatepid=$! +caffexit () { + kill "$caffeinatepid" + pkill caffeinate + exit $1 +} + +# Install software using Installomator +cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)" + +# Check result +exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )" +if [[ ${exitStatus} -eq 0 ]] ; then + echo "${item} succesfully installed." + warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )" + echo "$warnOutput" +else + echo "ERROR installing ${item}. Exit code ${exitStatus}" + echo "$cmdOutput" + #errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )" + #echo "$errorOutput" +fi + +echo "[$(DATE)][LOG-END]" + +caffexit $exitStatus + diff --git a/MDM/App-update/App normal Auto-install.sh b/MDM/App-update/App normal Auto-install.sh new file mode 100644 index 0000000..c2ac671 --- /dev/null +++ b/MDM/App-update/App normal Auto-install.sh @@ -0,0 +1,92 @@ +#!/bin/sh + +# Update with Installomator if app exist + +LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1" + +item="" # enter the software to install +# Examples: cyberduck, handbrake, textmate, vlc +appPath="/Applications/Cyberduck.app" +# Examples: Cyberduck.app, Handbrake.app, Textmate.app, VLC.app + +installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user" # Separated by space + +# Other installomatorOptions: +# LOGGING=REQ +# LOGGING=DEBUG +# LOGGING=WARN +# BLOCKING_PROCESS_ACTION=ignore +# BLOCKING_PROCESS_ACTION=tell_user +# BLOCKING_PROCESS_ACTION=tell_user_then_quit +# BLOCKING_PROCESS_ACTION=prompt_user +# BLOCKING_PROCESS_ACTION=prompt_user_loop +# BLOCKING_PROCESS_ACTION=prompt_user_then_kill +# BLOCKING_PROCESS_ACTION=quit +# BLOCKING_PROCESS_ACTION=kill +# NOTIFY=all +# NOTIFY=success +# NOTIFY=silent +# IGNORE_APP_STORE_APPS=yes +# INSTALL=force +###################################################################### +# To be used as a script sent out from a MDM. +# Fill the variable "item" above with a label. +# Script will run this label through Installomator. +###################################################################### +# v. 9.2.1 : Better logging handling and installomatorOptions fix. +###################################################################### + +# Mark: Script +# PATH declaration +export PATH=/usr/bin:/bin:/usr/sbin:/sbin + +echo "$(date +%F\ %T) [LOG-BEGIN] $item" + +# Check if app is installed +# We only want this to run if it's already installed +if [ ! -e "${appPath}" ]; then + echo "App not found here:" + echo "${appPath}" + echo "Exiting." + exit 98 +fi +echo "${appPath} Found!" + +# Verify that Installomator has been installed +destFile="/usr/local/Installomator/Installomator.sh" +if [ ! -e "${destFile}" ]; then + echo "Installomator not found here:" + echo "${destFile}" + echo "Exiting." + exit 99 +fi + +# No sleeping +/usr/bin/caffeinate -d -i -m -u & +caffeinatepid=$! +caffexit () { + kill "$caffeinatepid" + pkill caffeinate + exit $1 +} + +# Install software using Installomator +cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)" + +# Check result +exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )" +if [[ ${exitStatus} -eq 0 ]] ; then + echo "${item} succesfully installed." + warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )" + echo "$warnOutput" +else + echo "ERROR installing ${item}. Exit code ${exitStatus}" + echo "$cmdOutput" + #errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )" + #echo "$errorOutput" +fi + +echo "[$(DATE)][LOG-END]" + +caffexit $exitStatus + diff --git a/MDM/README.md b/MDM/README.md index efa012c..2f0da26 100644 --- a/MDM/README.md +++ b/MDM/README.md @@ -1,8 +1,16 @@ # MDM scripts -This is a long list of various scripts for certain use in MDM solutions that cannot call a script internally with parameters, like Jamf Pro can do it. +This is a long list of various scripts for certain use in the various MDM solutions that we have used Installomator with. -So for Mosyle, Addigy, and Microsoft Endpoint Manager (Intune), these are know to be good. If these works in other MDMs, let us know. +There are two categories of MDMs. Either like Jamf Pro, that can contain the full script, and call that as a software installation (called policy in Jamf Pro). If the MDM cannot do that, it have to be able to run a script on the clients. That script can call Installomator on the client, and should therefore be locally installed. + +## “Jamf”-folder + +Here you have scripts for using swiftDialog as part of the Installomator installation. Showing progress in a small window. Separate [ReadMe-file](Jamf/ReadMe.md) in this folder. + +## Script capable MDM-solutions + +So for Mosyle, Addigy, and Microsoft Endpoint Manager (Intune), we have tested these scripts. If these works in other MDMs, let us know. Especially for Addigy, and maybe also for other MDMs, `condition`-scripts has been added if software installation will run on certain conditions. Also `prevention`-scripts has been added, if you manually need to eliminate the runnning of a script, this can be needed if you want to use the enrollment script, but don’t want it to run on the currently managed Macs Then you should sent out the `prevention`-script to make sure the file it creates is present on the Macs so the ordinary script will not do anything (it will detect this file and stop if found). @@ -80,3 +88,12 @@ What is also differentiated is what kind of app it is. Is it of the kind of brow All of the notes for the above scripts are the same for these. But these scripts utilize __swiftDialog__ to show a more live progress for the installation, and they also have a setting to use __dockutil__ to add the software to the Dock of the user. + +# App-update + +These script verifies if the app is already installed, before runnning Installomator. + +- App browser-security Auto-install.sh +- App normal Auto-install.sh + +These scripts only use Installomator, like “App-install”, but will check for the app to be installed first. Very usefull for Addigy and Microsoft.