mtan93/Installomator
1
0
Fork 0
mirror of https://github.com/mtan93/Installomator.git synced 2026-03-08 05:31:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #701 from Theile/MDM-scripts-with-Dialog-and-adding-to-Dock

Browse Source 
Mdm scripts with dialog and adding to dock
This commit is contained in:
Søren Theilgaard
2022-09-30 21:31:32 +02:00
committed by GitHub
parent 1903e8da80 dd3ac338b3
commit f5f2c3c605
38 changed files with 4797 additions and 716 deletions
Download Patch File Download Diff File Expand all files Collapse all files

185
MDM/App script.sh
View File

@@ -1,185 +0,0 @@
#!/bin/zsh
# Installation using Installomator
what="brave" # enter the software to install
# To be used as a script sent out from a MDM.
# Fill the variable "what" above with a label.
# Script will run this label.
LOGO="appstore" # or "addigy", "microsoft", "mosyleb", "mosylem"
######################################################################
# Parameters for reinstall/initial install (owner root:wheel):
# "BLOCKING_PROCESS_ACTION=quit_kill INSTALL=force IGNORE_APP_STORE_APPS=yes SYSTEMOWNER=1"
# Parameters for Self Service installed app:
# "BLOCKING_PROCESS_ACTION=prompt_user NOTIFY=all"
# Parameters for security important apps, like browsers (run automaticaly every day):
# "BLOCKING_PROCESS_ACTION=tell_user_then_kill"
# Update of service apps (run automatically):
# "BLOCKING_PROCESS_ACTION=quit_kill NOTIFY=silent"
parameters="BLOCKING_PROCESS_ACTION=tell_user_then_kill NOTIFY=all"
###############################################
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
cmdOutput="$(${destFile} ${what} LOGO=$LOGO $parameters LOGGING=WARN || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -ne 0 ]] ; then
echo -e "Error installing ${what}. Exit code ${exitStatus}"
#echo "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
echo "$errorOutput"
echo "Error installing ${what}. Exit code $?"
caffexit $?
fi
echo "[$(DATE)][LOG-END]"
caffexit 0
# notify behavior
# NOTIFY=success
# options:
# - success notify the user on success
# - silent no notifications
# - all all notifications (great for Self Service installation)
# behavior when blocking processes are found
# BLOCKING_PROCESS_ACTION=tell_user
# options:
# - ignore continue even when blocking processes are found
# - quit app will be told to quit nicely, if running
# - quit_kill told to quit twice, then it will be killed
# Could be great for service apps, if they do not respawn
# - silent_fail exit script without prompt or installation
# - prompt_user show a user dialog for each blocking process found
# abort after three attempts to quit
# (only if user accepts to quit the apps, otherwise
# the update is cancelled).
# - prompt_user_then_kill
# show a user dialog for each blocking process found,
# attempt to quit two times, kill the process finally
# - prompt_user_loop
# Like prompt-user, but clicking "Not Now", will just wait an hour,
# and then it will ask again.
# WARNING! It might block the MDM agent on the machine, as
# the scripts gets stuct in waiting until the hour has passed,
# possibly blocking for other management actions in this time.
# - tell_user User will be showed a notification about the important update,
# but user is only allowed to quit and continue, and then we
# ask the app to quit.
# - tell_user_then_kill
# Show dialog 2 times, and if the quitting fails, the
# blocking processes will be killed.
# - kill kill process without prompting or giving the user a chance to save
# logo-icon used in dialog boxes if app is blocking
# LOGO=appstore
# options:
# - appstore Icon is Apple App Store (default)
# - jamf JAMF Pro
# - mosyleb Mosyle Business
# - mosylem Mosyle Manager (Education)
# - addigy Addigy
# path can also be set in the command call, and if file exists, it will be used.
# Like 'LOGO="/System/Applications/App\ Store.app/Contents/Resources/AppIcon.icns"'
# (spaces have to be escaped).
# App Store apps handling
# IGNORE_APP_STORE_APPS=no
# options:
# - no If installed app is from App Store (which include VPP installed apps)
# it will not be touched, no matter it's version (default)
# - yes Replace App Store (and VPP) version of app and handle future
# updates using Installomator, even if latest version.
# Shouldnt give any problems for the user in most cases.
# Known bad example: Slack will loose all settings.
# install behavior
# INSTALL=""
# options:
# - When not set, software will only be installed
# if it is newer/different in version
# - force Install even if its the same version
# Re-opening of closed app
# REOPEN="yes"
# options:
# - yes App wil be reopened if it was closed
# - no App not reopened
########################
# Often used labels:
########################
# firefox
# firefox_intl
# brave
# torbrowser
# googlechrome
# netnewswire
# adobereaderdc
# textmate
# cyberduck
# keka
# theunarchiver
# vlc
# handbrake
# inkscape
# signal
# telegram
# whatsapp
# hazel
# devonthink
# teamviewerqs
# zoom
# malwarebytes
# githubdesktop
# sublimetext
# textmate
# visualstudiocode
# microsoftskypeforbusiness
# microsoftteams
# microsoftyammer
# microsoftedgeenterprisestable
# microsoftedgeconsumerstable
# microsoftsharepointplugin
# microsoftdefenderatp
# googledrivefilestream
# cdef
# desktoppr
# supportapp
# xink
# wwdc

346
MDM/App-install SS with swiftDialog and dockutil/App VFA SS github.sh Executable file
View File

@@ -0,0 +1,346 @@
#!/bin/sh
# Installation using Installomator with Dialog showing progress (and posibility of adding to the Dock)
# Installation of software using `valuesfromarguments` to install a custom software using Installomator through GitHub
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
#item="gfxcardstatus" # enter the software to install (if it has a label in future version of Installomator)
# Label variables below
# GitHub functions
downloadURLFromGit() { # $1 git user name, $2 git repo name
gitusername=${1?:"no git user name"}
gitreponame=${2?:"no git repo name"}
if [[ $type == "pkgInDmg" ]]; then
filetype="dmg"
elif [[ $type == "pkgInZip" ]]; then
filetype="zip"
else
filetype=$type
fi
if [ -n "$archiveName" ]; then
downloadURL=https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*$archiveName" | head -1 || true)
if [[ "$(echo $downloadURL | grep -ioE "https.*$archiveName" || true)" == "" ]]; then
#printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$archiveName\"/ { print \$4; exit }" || true)
fi
else
downloadURL=https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1 || true)
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype" || true)" == "" ]]; then
#printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }" || true)
fi
fi
if [ -z "$downloadURL" ]; then
echo "could not retrieve download URL for $gitusername/$gitreponame"
exit 1
else
echo "$downloadURL"
return 0
fi
}
versionFromGit() {
# credit: Søren Theilgaard (@theilgaard)
# $1 git user name, $2 git repo name
gitusername=${1?:"no git user name"}
gitreponame=${2?:"no git repo name"}
#appNewVersion=$(curl -L --silent --fail "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | grep tag_name | cut -d '"' -f 4 | sed 's/[^0-9\.]//g' || true)
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g' || true)
if [ -z "$appNewVersion" ]; then
#echo "could not retrieve version number for $gitusername/$gitreponame"
appNewVersion=""
else
echo "$appNewVersion"
return 0
fi
}
# Variables for label
name="gfxCardStatus"
type="zip"
packageID=""
downloadURL="$(downloadURLFromGit codykrieger gfxCardStatus)"
appNewVersion="$(versionFromGit codykrieger gfxCardStatus)"
versionKey=""
expectedTeamID="LF22FTQC25"
# Dialog icon
icon=""
# icon should be a file system path or an URL to an online PNG.
# In Mosyle an URL can be found by copy picture address from a Custom Command icon.
# dockutil variables
addToDock="1" # with dockutil after installation (0 if not)
appPath="/Applications/$name.app"
# Other variables
dialog_command_file="/var/tmp/dialog.log"
dialogApp="/Library/Application Support/Dialog/Dialog.app"
dockutil="/usr/local/bin/dockutil"
installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user DIALOG_CMD_FILE=${dialog_command_file}" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 10.0.2 : Improved icon checks and failovers
# v. 10.0.1 : github-functions added. Improved appIcon handling. Can add the app to Dock using dockutil.
# v. 10.0 : Integration with Dialog and Installomator v. 10
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
dialogUpdate() {
# $1: dialog command
local dcommand="$1"
if [[ -n $dialog_command_file ]]; then
echo "$dcommand" >> "$dialog_command_file"
echo "Dialog: $dcommand"
fi
}
checkCmdOutput () {
# $1: cmdOutput
local cmdOutput="$1"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
}
# Check the currently logged in user
currentUser=$(stat -f "%Su" /dev/console)
if [ -z "$currentUser" ] || [ "$currentUser" = "loginwindow" ] || [ "$currentUser" = "_mbsetupuser" ] || [ "$currentUser" = "root" ]; then
echo "ERROR. Logged in user is $currentUser! Cannot proceed."
exit 97
fi
# Get the current user's UID for dockutil
uid=$(id -u "$currentUser")
# Find the home folder of the user
userHome="$(dscl . -read /users/${currentUser} NFSHomeDirectory | awk '{print $2}')"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Mark: Installation begins
installomatorVersion="$(${destFile} version | cut -d "." -f1 || true)"
if [[ $installomatorVersion -lt 10 ]] || [[ $(sw_vers -buildVersion) < "20A" ]]; then
echo "Installomator should be at least version 10 to support Dialog. Installed version $installomatorVersion."
echo "And macOS 11 Big Sur (build 20A) is required for Dialog. Installed build $(sw_vers -buildVersion)."
installomatorNotify="NOTIFY=all"
else
installomatorNotify="NOTIFY=silent"
# check for Swift Dialog
if [[ ! -d $dialogApp ]]; then
echo "Cannot find dialog at $dialogApp"
# Install using Installlomator
cmdOutput="$(${destFile} dialog LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
# Configure and display swiftDialog
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
message="Installing ${itemName}"
else
message="Installing ${item}"
fi
echo "$item $itemName"
#Check icon (expecting beginning with “http” to be web-link and “/” to be disk file)
echo "icon before check: $icon"
if [[ "$(echo ${icon} | grep -iE "^(http|ftp).*")" != "" ]]; then
echo "icon looks to be web-link"
if ! curl -sfL --output /dev/null -r 0-0 "${icon}" ; then
echo "ERROR: Cannot download link. Reset icon."
icon=""
fi
elif [[ "$(echo ${icon} | grep -iE "^\/.*")" != "" ]]; then
echo "icon looks to be a file"
if [[ ! -a "${icon}" ]]; then
echo "ERROR: Cannot find file. Reset icon."
icon=""
fi
else
echo "ERROR: Cannot figure out icon. Reset icon."
icon=""
fi
echo "icon after first check: $icon"
# If no icon defined we are trying to search for installed app icon
if [[ "$icon" == "" ]]; then
appPath=$(mdfind "kind:application AND name:$itemName" | head -1 || true)
appIcon=$(defaults read "${appPath}/Contents/Info.plist" CFBundleIconFile || true)
if [[ "$(echo "$appIcon" | grep -io ".icns")" == "" ]]; then
appIcon="${appIcon}.icns"
fi
icon="${appPath}/Contents/Resources/${appIcon}"
echo "Icon before file check: ${icon}"
if [ ! -f "${icon}" ]; then
# Using LOGO variable to show logo in swiftDialog
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
icon="${LOGO_PATH}"
fi
fi
echo "LOGO: $LOGO"
echo "icon: ${icon}"
# display first screen
open -a "$dialogApp" --args \
--title none \
--icon "$icon" \
--message "$message" \
--mini \
--progress 100 \
--position bottomright \
--movable \
--commandfile "$dialog_command_file"
# give everything a moment to catch up
sleep 0.1
fi
# Install software using Installomator with valuesfromarguments
cmdOutput="$(${destFile} valuesfromarguments LOGO=$LOGO \
name=${name} \
type=${type} \
packageID=${packageID} \
downloadURL=\"$downloadURL\" \
appNewVersion=${appNewVersion} \
versionKey=${versionKey} \
expectedTeamID=${expectedTeamID} \
${installomatorOptions} ${installomatorNotify} || true)"
checkCmdOutput $cmdOutput
# Mark: dockutil stuff
if [[ $addToDock -eq 1 ]]; then
dialogUpdate "progresstext: Adding to Dock"
if [[ ! -d $dockutil ]]; then
echo "Cannot find dockutil at $dockutil, trying installation"
# Install using Installlomator
cmdOutput="$(${destFile} dockutil LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
echo "Adding to Dock"
$dockutil --add "${appPath}" "${userHome}/Library/Preferences/com.apple.dock.plist" || true
sleep 1
else
echo "Not adding to Dock."
fi
# Mark: Ending
if [[ $installomatorVersion -lt 10 ]]; then
echo "Again skipping Dialog stuff."
else
# close and quit dialog
dialogUpdate "progress: complete"
dialogUpdate "progresstext: Done"
# pause a moment
sleep 0.5
dialogUpdate "quit:"
# let everything catch up
sleep 0.5
# just to be safe
#killall "Dialog" 2>/dev/null || true
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

293
MDM/App-install SS with swiftDialog and dockutil/App VFA SS.sh Executable file
View File

@@ -0,0 +1,293 @@
#!/bin/sh
# Installation using Installomator with Dialog showing progress (and posibility of adding to the Dock)
# Installation of software using `valuesfromarguments` to install a custom software using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
#item="" # enter the software to install (if it has a label in future version of Installomator)
# Variables for label
name="ClickShare"
type="appInDmgInZip"
packageID=""
downloadURL="https://www.barco.com$( curl -fs "https://www.barco.com/en/clickshare/app" | grep -A6 -i "macos" | grep -i "FileNumber" | tr '"' "\n" | grep -i "FileNumber" )"
appNewVersion="$(eval "$( echo $downloadURL | sed -E 's/.*(MajorVersion.*BuildVersion=[0-9]*).*/\1/' | sed 's/&amp//g' )" ; ((MajorVersion++)) ; ((MajorVersion--)); ((MinorVersion++)) ; ((MinorVersion--)); ((PatchVersion++)) ; ((PatchVersion--)); ((BuildVersion++)) ; ((BuildVersion--)); echo "${MajorVersion}.${MinorVersion}.${PatchVersion}-b${BuildVersion}")"
versionKey=""
expectedTeamID="P6CDJZR997"
# Dialog icon
icon=""
# icon should be a file system path or an URL to an online PNG.
# In Mosyle an URL can be found by copy picture address from a Custom Command icon.
# dockutil variables
addToDock="1" # with dockutil after installation (0 if not)
appPath="/Applications/$name.app"
# Other variables
dialog_command_file="/var/tmp/dialog.log"
dialogApp="/Library/Application Support/Dialog/Dialog.app"
dockutil="/usr/local/bin/dockutil"
installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user DIALOG_CMD_FILE=${dialog_command_file}" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 10.0.2 : Improved icon checks and failovers
# v. 10.0.1 : Improved appIcon handling. Can add the app to Dock using dockutil
# v. 10.0 : Integration with Dialog and Installomator v. 10
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
dialogUpdate() {
# $1: dialog command
local dcommand="$1"
if [[ -n $dialog_command_file ]]; then
echo "$dcommand" >> "$dialog_command_file"
echo "Dialog: $dcommand"
fi
}
checkCmdOutput () {
# $1: cmdOutput
local cmdOutput="$1"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
}
# Check the currently logged in user
currentUser=$(stat -f "%Su" /dev/console)
if [ -z "$currentUser" ] || [ "$currentUser" = "loginwindow" ] || [ "$currentUser" = "_mbsetupuser" ] || [ "$currentUser" = "root" ]; then
echo "ERROR. Logged in user is $currentUser! Cannot proceed."
exit 97
fi
# Get the current user's UID for dockutil
uid=$(id -u "$currentUser")
# Find the home folder of the user
userHome="$(dscl . -read /users/${currentUser} NFSHomeDirectory | awk '{print $2}')"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Mark: Installation begins
installomatorVersion="$(${destFile} version | cut -d "." -f1 || true)"
if [[ $installomatorVersion -lt 10 ]] || [[ $(sw_vers -buildVersion) < "20A" ]]; then
echo "Installomator should be at least version 10 to support Dialog. Installed version $installomatorVersion."
echo "And macOS 11 Big Sur (build 20A) is required for Dialog. Installed build $(sw_vers -buildVersion)."
installomatorNotify="NOTIFY=all"
else
installomatorNotify="NOTIFY=silent"
# check for Swift Dialog
if [[ ! -d $dialogApp ]]; then
echo "Cannot find dialog at $dialogApp"
# Install using Installlomator
cmdOutput="$(${destFile} dialog LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
# Configure and display swiftDialog
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
message="Installing ${itemName}"
else
message="Installing ${item}"
fi
echo "$item $itemName"
#Check icon (expecting beginning with “http” to be web-link and “/” to be disk file)
echo "icon before check: $icon"
if [[ "$(echo ${icon} | grep -iE "^(http|ftp).*")" != "" ]]; then
echo "icon looks to be web-link"
if ! curl -sfL --output /dev/null -r 0-0 "${icon}" ; then
echo "ERROR: Cannot download link. Reset icon."
icon=""
fi
elif [[ "$(echo ${icon} | grep -iE "^\/.*")" != "" ]]; then
echo "icon looks to be a file"
if [[ ! -a "${icon}" ]]; then
echo "ERROR: Cannot find file. Reset icon."
icon=""
fi
else
echo "ERROR: Cannot figure out icon. Reset icon."
icon=""
fi
echo "icon after first check: $icon"
# If no icon defined we are trying to search for installed app icon
if [[ "$icon" == "" ]]; then
appPath=$(mdfind "kind:application AND name:$itemName" | head -1 || true)
appIcon=$(defaults read "${appPath}/Contents/Info.plist" CFBundleIconFile || true)
if [[ "$(echo "$appIcon" | grep -io ".icns")" == "" ]]; then
appIcon="${appIcon}.icns"
fi
icon="${appPath}/Contents/Resources/${appIcon}"
echo "Icon before file check: ${icon}"
if [ ! -f "${icon}" ]; then
# Using LOGO variable to show logo in swiftDialog
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
icon="${LOGO_PATH}"
fi
fi
echo "LOGO: $LOGO"
echo "icon: ${icon}"
# display first screen
open -a "$dialogApp" --args \
--title none \
--icon "$icon" \
--message "$message" \
--mini \
--progress 100 \
--position bottomright \
--movable \
--commandfile "$dialog_command_file"
# give everything a moment to catch up
sleep 0.1
fi
# Install software using Installomator with valuesfromarguments
cmdOutput="$(${destFile} valuesfromarguments LOGO=$LOGO \
name=${name} \
type=${type} \
packageID=${packageID} \
downloadURL=\"$downloadURL\" \
appNewVersion=${appNewVersion} \
versionKey=${versionKey} \
expectedTeamID=${expectedTeamID} \
${installomatorOptions} ${installomatorNotify} || true)"
checkCmdOutput $cmdOutput
# Mark: dockutil stuff
if [[ $addToDock -eq 1 ]]; then
dialogUpdate "progresstext: Adding to Dock"
if [[ ! -d $dockutil ]]; then
echo "Cannot find dockutil at $dockutil, trying installation"
# Install using Installlomator
cmdOutput="$(${destFile} dockutil LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
echo "Adding to Dock"
$dockutil --add "${appPath}" "${userHome}/Library/Preferences/com.apple.dock.plist" || true
sleep 1
else
echo "Not adding to Dock."
fi
# Mark: Ending
if [[ $installomatorVersion -lt 10 ]]; then
echo "Again skipping Dialog stuff."
else
# close and quit dialog
dialogUpdate "progress: complete"
dialogUpdate "progresstext: Done"
# pause a moment
sleep 0.5
dialogUpdate "quit:"
# let everything catch up
sleep 0.5
# just to be safe
#killall "Dialog" 2>/dev/null || true
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

275
MDM/App-install SS with swiftDialog and dockutil/App browser-security SS.sh Executable file
View File

@@ -0,0 +1,275 @@
#!/bin/sh
# Installation using Installomator with Dialog showing progress (and posibility of adding to the Dock)
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="" # enter the software to install
# Examples: brave, duckduckgo, firefoxpkg, googlechromepkg, microsoftedge, opera
# Dialog icon
icon=""
# icon should be a file system path or an URL to an online PNG.
# In Mosyle an URL can be found by copy picture address from a Custom Command icon.
# dockutil variables
addToDock="1" # with dockutil after installation (0 if not)
appPath="/Applications/Firefox.app"
# Other variables
dialog_command_file="/var/tmp/dialog.log"
dialogApp="/Library/Application Support/Dialog/Dialog.app"
dockutil="/usr/local/bin/dockutil"
installomatorOptions="BLOCKING_PROCESS_ACTION=tell_user_then_quit DIALOG_CMD_FILE=${dialog_command_file}" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 10.0.2 : Improved icon checks and failovers
# v. 10.0.1 : Improved appIcon handling. Can add the app to Dock using dockutil
# v. 10.0 : Integration with Dialog and Installomator v. 10
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
dialogUpdate() {
# $1: dialog command
local dcommand="$1"
if [[ -n $dialog_command_file ]]; then
echo "$dcommand" >> "$dialog_command_file"
echo "Dialog: $dcommand"
fi
}
checkCmdOutput () {
# $1: cmdOutput
local cmdOutput="$1"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
}
# Check the currently logged in user
currentUser=$(stat -f "%Su" /dev/console)
if [ -z "$currentUser" ] || [ "$currentUser" = "loginwindow" ] || [ "$currentUser" = "_mbsetupuser" ] || [ "$currentUser" = "root" ]; then
echo "ERROR. Logged in user is $currentUser! Cannot proceed."
exit 97
fi
# Get the current user's UID for dockutil
uid=$(id -u "$currentUser")
# Find the home folder of the user
userHome="$(dscl . -read /users/${currentUser} NFSHomeDirectory | awk '{print $2}')"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Mark: Installation begins
installomatorVersion="$(${destFile} version | cut -d "." -f1 || true)"
if [[ $installomatorVersion -lt 10 ]] || [[ $(sw_vers -buildVersion) < "20A" ]]; then
echo "Installomator should be at least version 10 to support Dialog. Installed version $installomatorVersion."
echo "And macOS 11 Big Sur (build 20A) is required for Dialog. Installed build $(sw_vers -buildVersion)."
installomatorNotify="NOTIFY=all"
else
installomatorNotify="NOTIFY=silent"
# check for Swift Dialog
if [[ ! -d $dialogApp ]]; then
echo "Cannot find dialog at $dialogApp"
# Install using Installlomator
cmdOutput="$(${destFile} dialog LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
# Configure and display swiftDialog
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
message="Installing ${itemName}"
else
message="Installing ${item}"
fi
echo "$item $itemName"
#Check icon (expecting beginning with “http” to be web-link and “/” to be disk file)
echo "icon before check: $icon"
if [[ "$(echo ${icon} | grep -iE "^(http|ftp).*")" != "" ]]; then
echo "icon looks to be web-link"
if ! curl -sfL --output /dev/null -r 0-0 "${icon}" ; then
echo "ERROR: Cannot download link. Reset icon."
icon=""
fi
elif [[ "$(echo ${icon} | grep -iE "^\/.*")" != "" ]]; then
echo "icon looks to be a file"
if [[ ! -a "${icon}" ]]; then
echo "ERROR: Cannot find file. Reset icon."
icon=""
fi
else
echo "ERROR: Cannot figure out icon. Reset icon."
icon=""
fi
echo "icon after first check: $icon"
# If no icon defined we are trying to search for installed app icon
if [[ "$icon" == "" ]]; then
appPath=$(mdfind "kind:application AND name:$itemName" | head -1 || true)
appIcon=$(defaults read "${appPath}/Contents/Info.plist" CFBundleIconFile || true)
if [[ "$(echo "$appIcon" | grep -io ".icns")" == "" ]]; then
appIcon="${appIcon}.icns"
fi
icon="${appPath}/Contents/Resources/${appIcon}"
echo "Icon before file check: ${icon}"
if [ ! -f "${icon}" ]; then
# Using LOGO variable to show logo in swiftDialog
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
icon="${LOGO_PATH}"
fi
fi
echo "LOGO: $LOGO"
echo "icon: ${icon}"
# display first screen
open -a "$dialogApp" --args \
--title none \
--icon "$icon" \
--message "$message" \
--mini \
--progress 100 \
--position bottomright \
--movable \
--commandfile "$dialog_command_file"
# give everything a moment to catch up
sleep 0.1
fi
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} ${installomatorNotify} || true)"
checkCmdOutput $cmdOutput
# Mark: dockutil stuff
if [[ $addToDock -eq 1 ]]; then
dialogUpdate "progresstext: Adding to Dock"
if [[ ! -d $dockutil ]]; then
echo "Cannot find dockutil at $dockutil, trying installation"
# Install using Installlomator
cmdOutput="$(${destFile} dockutil LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
echo "Adding to Dock"
$dockutil --add "${appPath}" "${userHome}/Library/Preferences/com.apple.dock.plist" || true
sleep 1
else
echo "Not adding to Dock."
fi
# Mark: Ending
if [[ $installomatorVersion -lt 10 ]]; then
echo "Again skipping Dialog stuff."
else
# close and quit dialog
dialogUpdate "progress: complete"
dialogUpdate "progresstext: Done"
# pause a moment
sleep 0.5
dialogUpdate "quit:"
# let everything catch up
sleep 0.5
# just to be safe
#killall "Dialog" 2>/dev/null || true
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

278
MDM/App-install SS with swiftDialog and dockutil/App normal SS multi-app.sh Normal file
View File

@@ -0,0 +1,278 @@
#!/bin/sh
# Installation using Installomator with Dialog showing progress (and posibility of adding to the Dock)
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="microsoftoffice365" # enter the software to install
# Examples: microsoftofficebusinesspro, microsoftoffice365
# Dialog icon
icon=""
# icon should be a file system path or an URL to an online PNG.
# In Mosyle an URL can be found by copy picture address from a Custom Command icon.
# dockutil variables
addToDock="1" # with dockutil after installation (0 if not)
appPaths=("/Applications/Microsoft Outlook.app" "/Applications/Microsoft Word.app" "/Applications/Microsoft Excel.app" "/Applications/Microsoft PowerPoint.app" "/Applications/Microsoft OneNote.app")
# Other variables
dialog_command_file="/var/tmp/dialog.log"
dialogApp="/Library/Application Support/Dialog/Dialog.app"
dockutil="/usr/local/bin/dockutil"
installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user DIALOG_CMD_FILE=${dialog_command_file}" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 10.0.2 : Improved icon checks and failovers
# v. 10.0.1 : Improved appIcon handling. Can add the app to Dock using dockutil
# v. 10.0 : Integration with Dialog and Installomator v. 10
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
dialogUpdate() {
# $1: dialog command
local dcommand="$1"
if [[ -n $dialog_command_file ]]; then
echo "$dcommand" >> "$dialog_command_file"
echo "Dialog: $dcommand"
fi
}
checkCmdOutput () {
# $1: cmdOutput
local cmdOutput="$1"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
}
# Check the currently logged in user
currentUser=$(stat -f "%Su" /dev/console)
if [ -z "$currentUser" ] || [ "$currentUser" = "loginwindow" ] || [ "$currentUser" = "_mbsetupuser" ] || [ "$currentUser" = "root" ]; then
echo "ERROR. Logged in user is $currentUser! Cannot proceed."
exit 97
fi
# Get the current user's UID for dockutil
uid=$(id -u "$currentUser")
# Find the home folder of the user
userHome="$(dscl . -read /users/${currentUser} NFSHomeDirectory | awk '{print $2}')"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Mark: Installation begins
installomatorVersion="$(${destFile} version | cut -d "." -f1 || true)"
if [[ $installomatorVersion -lt 10 ]] || [[ $(sw_vers -buildVersion) < "20A" ]]; then
echo "Installomator should be at least version 10 to support Dialog. Installed version $installomatorVersion."
echo "And macOS 11 Big Sur (build 20A) is required for Dialog. Installed build $(sw_vers -buildVersion)."
installomatorNotify="NOTIFY=all"
else
installomatorNotify="NOTIFY=silent"
# check for Swift Dialog
if [[ ! -d $dialogApp ]]; then
echo "Cannot find dialog at $dialogApp"
# Install using Installlomator
cmdOutput="$(${destFile} dialog LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
# Configure and display swiftDialog
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
message="Installing ${itemName}"
else
message="Installing ${item}"
fi
echo "$item $itemName"
#Check icon (expecting beginning with “http” to be web-link and “/” to be disk file)
echo "icon before check: $icon"
if [[ "$(echo ${icon} | grep -iE "^(http|ftp).*")" != "" ]]; then
echo "icon looks to be web-link"
if ! curl -sfL --output /dev/null -r 0-0 "${icon}" ; then
echo "ERROR: Cannot download link. Reset icon."
icon=""
fi
elif [[ "$(echo ${icon} | grep -iE "^\/.*")" != "" ]]; then
echo "icon looks to be a file"
if [[ ! -a "${icon}" ]]; then
echo "ERROR: Cannot find file. Reset icon."
icon=""
fi
else
echo "ERROR: Cannot figure out icon. Reset icon."
icon=""
fi
echo "icon after first check: $icon"
# If no icon defined we are trying to search for installed app icon
if [[ "$icon" == "" ]]; then
appPath=$(mdfind "kind:application AND name:$itemName" | head -1 || true)
appIcon=$(defaults read "${appPath}/Contents/Info.plist" CFBundleIconFile || true)
if [[ "$(echo "$appIcon" | grep -io ".icns")" == "" ]]; then
appIcon="${appIcon}.icns"
fi
icon="${appPath}/Contents/Resources/${appIcon}"
echo "Icon before file check: ${icon}"
if [ ! -f "${icon}" ]; then
# Using LOGO variable to show logo in swiftDialog
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
icon="${LOGO_PATH}"
fi
fi
echo "LOGO: $LOGO"
echo "icon: ${icon}"
# display first screen
open -a "$dialogApp" --args \
--title none \
--icon "$icon" \
--message "$message" \
--mini \
--progress 100 \
--position bottomright \
--movable \
--commandfile "$dialog_command_file"
# give everything a moment to catch up
sleep 0.1
fi
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} ${installomatorNotify} || true)"
checkCmdOutput $cmdOutput
# Mark: dockutil stuff
if [[ $addToDock -eq 1 ]]; then
dialogUpdate "progresstext: Adding to Dock"
if [[ ! -d $dockutil ]]; then
echo "Cannot find dockutil at $dockutil, trying installation"
# Install using Installlomator
cmdOutput="$(${destFile} dockutil LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
echo "Adding to Dock"
for appPath in "${appPaths[@]}"; do
$dockutil --add "${appPath}" "${userHome}/Library/Preferences/com.apple.dock.plist" --no-restart || true
done
$dockutil --add "/AppThatDoesNotExistAnywhereOnDiskButMakingDockutilRestartTheDock" "${userHome}/Library/Preferences/com.apple.dock.plist" || true
sleep 1
else
echo "Not adding to Dock."
fi
# Mark: Ending
if [[ $installomatorVersion -lt 10 ]]; then
echo "Again skipping Dialog stuff."
else
# close and quit dialog
dialogUpdate "progress: complete"
dialogUpdate "progresstext: Done"
# pause a moment
sleep 0.5
dialogUpdate "quit:"
# let everything catch up
sleep 0.5
# just to be safe
#killall "Dialog" 2>/dev/null || true
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

272
MDM/App-install SS with swiftDialog and dockutil/App normal SS.sh Normal file
View File

@@ -0,0 +1,272 @@
#!/bin/sh
# Installation using Installomator with Dialog showing progress (and posibility of adding to the Dock)
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="" # enter the software to install
# Examples: adobecreativeclouddesktop, canva, cyberduck, handbrake, inkscape, textmate, vlc
# Dialog icon
icon=""
# icon should be a file system path or an URL to an online PNG, so beginning with either “/” or “http”.
# In Mosyle an URL can be found by copy picture address from a Custom Command icon.
# dockutil variables
addToDock="0" # with dockutil after installation (0 if not)
appPath="/Applications/Cyberduck.app"
# Other variables
dialog_command_file="/var/tmp/dialog.log"
dialogApp="/Library/Application Support/Dialog/Dialog.app"
dockutil="/usr/local/bin/dockutil"
installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user DIALOG_CMD_FILE=${dialog_command_file}" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 10.0.2 : Improved icon checks and failovers
# v. 10.0.1 : Improved appIcon handling. Can add the app to Dock using dockutil
# v. 10.0 : Integration with Dialog and Installomator v. 10
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
dialogUpdate() {
# $1: dialog command
local dcommand="$1"
if [[ -n $dialog_command_file ]]; then
echo "$dcommand" >> "$dialog_command_file"
echo "Dialog: $dcommand"
fi
}
checkCmdOutput () {
# $1: cmdOutput
local cmdOutput="$1"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
}
# Check the currently logged in user
currentUser=$(stat -f "%Su" /dev/console)
if [ -z "$currentUser" ] || [ "$currentUser" = "loginwindow" ] || [ "$currentUser" = "_mbsetupuser" ] || [ "$currentUser" = "root" ]; then
echo "ERROR. Logged in user is $currentUser! Cannot proceed."
exit 97
fi
# Get the current user's UID for dockutil
uid=$(id -u "$currentUser")
# Find the home folder of the user
userHome="$(dscl . -read /users/${currentUser} NFSHomeDirectory | awk '{print $2}')"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Mark: Installation begins
installomatorVersion="$(${destFile} version | cut -d "." -f1 || true)"
if [[ $installomatorVersion -lt 10 ]] || [[ $(sw_vers -buildVersion) < "20A" ]]; then
echo "Installomator should be at least version 10 to support Dialog. Installed version $installomatorVersion."
echo "And macOS 11 Big Sur (build 20A) is required for Dialog. Installed build $(sw_vers -buildVersion)."
installomatorNotify="NOTIFY=all"
else
installomatorNotify="NOTIFY=silent"
# check for Swift Dialog
if [[ ! -d $dialogApp ]]; then
echo "Cannot find dialog at $dialogApp"
# Install using Installlomator
cmdOutput="$(${destFile} dialog LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
# Configure and display swiftDialog
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
message="Installing ${itemName}"
else
message="Installing ${item}"
fi
echo "$item $itemName"
#Check icon (expecting beginning with “http” to be web-link and “/” to be disk file)
echo "icon before check: $icon"
if [[ "$(echo ${icon} | grep -iE "^(http|ftp).*")" != "" ]]; then
echo "icon looks to be web-link"
if ! curl -sfL --output /dev/null -r 0-0 "${icon}" ; then
echo "ERROR: Cannot download link. Reset icon."
icon=""
fi
elif [[ "$(echo ${icon} | grep -iE "^\/.*")" != "" ]]; then
echo "icon looks to be a file"
if [[ ! -a "${icon}" ]]; then
echo "ERROR: Cannot find file. Reset icon."
icon=""
fi
else
echo "ERROR: Cannot figure out icon. Reset icon."
icon=""
fi
echo "icon after first check: $icon"
# If no icon defined we are trying to search for installed app icon
if [[ "$icon" == "" ]]; then
appPath=$(mdfind "kind:application AND name:$itemName" | head -1 || true)
appIcon=$(defaults read "${appPath}/Contents/Info.plist" CFBundleIconFile || true)
if [[ "$(echo "$appIcon" | grep -io ".icns")" == "" ]]; then
appIcon="${appIcon}.icns"
fi
icon="${appPath}/Contents/Resources/${appIcon}"
echo "Icon before file check: ${icon}"
if [ ! -f "${icon}" ]; then
# Using LOGO variable to show logo in swiftDialog
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
icon="${LOGO_PATH}"
fi
fi
echo "LOGO: $LOGO"
echo "icon: ${icon}"
# display first screen
open -a "$dialogApp" --args \
--title none \
--icon "$icon" \
--message "$message" \
--mini \
--progress 100 \
--position bottomright \
--movable \
--commandfile "$dialog_command_file"
# give everything a moment to catch up
sleep 0.1
fi
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} ${installomatorNotify} || true)"
checkCmdOutput $cmdOutput
# Mark: dockutil stuff
if [[ $addToDock -eq 1 ]]; then
dialogUpdate "progresstext: Adding to Dock"
if [[ ! -d $dockutil ]]; then
echo "Cannot find dockutil at $dockutil, trying installation"
# Install using Installlomator
cmdOutput="$(${destFile} dockutil LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
echo "Adding to Dock"
$dockutil --add "${appPath}" "${userHome}/Library/Preferences/com.apple.dock.plist" || true
sleep 1
else
echo "Not adding to Dock."
fi
# Mark: Ending
if [[ $installomatorVersion -lt 10 ]]; then
echo "Again skipping Dialog stuff."
else
# close and quit dialog
dialogUpdate "progress: complete"
dialogUpdate "progresstext: Done"
# pause a moment
sleep 0.5
dialogUpdate "quit:"
# let everything catch up
sleep 0.5
# just to be safe
#killall "Dialog" 2>/dev/null || true
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

275
MDM/App-install SS with swiftDialog and dockutil/App service SS.sh Normal file
View File

@@ -0,0 +1,275 @@
#!/bin/sh
# Installation using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="" # enter the software to install
# Examples: applenyfonts, applesfarabic, applesfcompact, applesfmono, applesfpro, applesfsymbols, desktoppr, dialog, dockutil, knockknock, lulu, nomad, nudge, shield, supportapp, wordservice, xcreds, xink
# Dialog icon
icon=""
# icon should be a file system path or an URL to an online PNG.
# In Mosyle an URL can be found by copy picture address from a Custom Command icon.
# dockutil variables
addToDock="1" # with dockutil after installation (0 if not)
appPath="/Applications/Xink.app"
# Other variables
dialog_command_file="/var/tmp/dialog.log"
dialogApp="/Library/Application Support/Dialog/Dialog.app"
dockutil="/usr/local/bin/dockutil"
installomatorOptions="BLOCKING_PROCESS_ACTION=ignore NOTIFY=silent DIALOG_CMD_FILE=${dialog_command_file}" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 10.0.2 : Improved icon checks and failovers
# v. 10.0.1 : Can add the app to Dock using dockutil
# v. 10.0 : Integration with Dialog and Installomator v. 10
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
dialogUpdate() {
# $1: dialog command
local dcommand="$1"
if [[ -n $dialog_command_file ]]; then
echo "$dcommand" >> "$dialog_command_file"
echo "Dialog: $dcommand"
fi
}
checkCmdOutput () {
# $1: cmdOutput
local cmdOutput="$1"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
}
# Check the currently logged in user
currentUser=$(stat -f "%Su" /dev/console)
if [ -z "$currentUser" ] || [ "$currentUser" = "loginwindow" ] || [ "$currentUser" = "_mbsetupuser" ] || [ "$currentUser" = "root" ]; then
echo "ERROR. Logged in user is $currentUser! Cannot proceed."
exit 97
fi
# Get the current user's UID for dockutil
uid=$(id -u "$currentUser")
# Find the home folder of the user
userHome="$(dscl . -read /users/${currentUser} NFSHomeDirectory | awk '{print $2}')"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Mark: Installation begins
installomatorVersion="$(${destFile} version | cut -d "." -f1 || true)"
if [[ $installomatorVersion -lt 10 ]] || [[ $(sw_vers -buildVersion) < "20A" ]]; then
echo "Installomator should be at least version 10 to support Dialog. Installed version $installomatorVersion."
echo "And macOS 11 Big Sur (build 20A) is required for Dialog. Installed build $(sw_vers -buildVersion)."
installomatorNotify="NOTIFY=all"
else
installomatorNotify="NOTIFY=silent"
# check for Swift Dialog
if [[ ! -d $dialogApp ]]; then
echo "Cannot find dialog at $dialogApp"
# Install using Installlomator
cmdOutput="$(${destFile} dialog LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
# Configure and display swiftDialog
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
message="Installing ${itemName}"
else
message="Installing ${item}"
fi
echo "$item $itemName"
#Check icon (expecting beginning with “http” to be web-link and “/” to be disk file)
echo "icon before check: $icon"
if [[ "$(echo ${icon} | grep -iE "^(http|ftp).*")" != "" ]]; then
echo "icon looks to be web-link"
if ! curl -sfL --output /dev/null -r 0-0 "${icon}" ; then
echo "ERROR: Cannot download link. Reset icon."
icon=""
fi
elif [[ "$(echo ${icon} | grep -iE "^\/.*")" != "" ]]; then
echo "icon looks to be a file"
if [[ ! -a "${icon}" ]]; then
echo "ERROR: Cannot find file. Reset icon."
icon=""
fi
else
echo "ERROR: Cannot figure out icon. Reset icon."
icon=""
fi
echo "icon after first check: $icon"
# If no icon defined we are trying to search for installed app icon
if [[ "$icon" == "" ]]; then
appPath=$(mdfind "kind:application AND name:$itemName" | head -1 || true)
appIcon=$(defaults read "${appPath}/Contents/Info.plist" CFBundleIconFile || true)
if [[ "$(echo "$appIcon" | grep -io ".icns")" == "" ]]; then
appIcon="${appIcon}.icns"
fi
icon="${appPath}/Contents/Resources/${appIcon}"
echo "Icon before file check: ${icon}"
if [ ! -f "${icon}" ]; then
# Using LOGO variable to show logo in swiftDialog
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
icon="${LOGO_PATH}"
fi
fi
echo "LOGO: $LOGO"
echo "icon: ${icon}"
# display first screen
open -a "$dialogApp" --args \
--title none \
--icon "$icon" \
--message "$message" \
--mini \
--progress 100 \
--position bottomright \
--movable \
--commandfile "$dialog_command_file"
# give everything a moment to catch up
sleep 0.1
fi
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} ${installomatorNotify} || true)"
checkCmdOutput $cmdOutput
# Mark: dockutil stuff
if [[ $addToDock -eq 1 ]]; then
dialogUpdate "progresstext: Adding to Dock"
if [[ ! -d $dockutil ]]; then
echo "Cannot find dockutil at $dockutil, trying installation"
# Install using Installlomator
cmdOutput="$(${destFile} dockutil LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore LOGGING=REQ NOTIFY=silent || true)"
checkCmdOutput $cmdOutput
fi
echo "Adding to Dock"
$dockutil --add "${appPath}" "${userHome}/Library/Preferences/com.apple.dock.plist" || true
sleep 1
else
echo "Not adding to Dock."
fi
# Mark: Ending
if [[ $installomatorVersion -lt 10 ]]; then
echo "Again skipping Dialog stuff."
else
# close and quit dialog
dialogUpdate "progress: complete"
dialogUpdate "progresstext: Done"
# pause a moment
sleep 0.5
dialogUpdate "quit:"
# let everything catch up
sleep 0.5
# just to be safe
#killall "Dialog" 2>/dev/null || true
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

98
MDM/App-install/App VFA.sh Executable file
View File

@@ -0,0 +1,98 @@
#!/bin/sh
# Installation using Installomator
# Installation of software using valuesfromarguments to install a custom software using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
#item="" # enter the software to install (if it has a label in future version of Installomator)
# Variables for label
name="ClickShare"
type="appInDmgInZip"
packageID=""
downloadURL="https://www.barco.com$( curl -fs "https://www.barco.com/en/clickshare/app" | grep -A6 -i "macos" | grep -i "FileNumber" | tr '"' "\n" | grep -i "FileNumber" )"
appNewVersion="$(eval "$( echo $downloadURL | sed -E 's/.*(MajorVersion.*BuildVersion=[0-9]*).*/\1/' | sed 's/&amp//g' )" ; ((MajorVersion++)) ; ((MajorVersion--)); ((MinorVersion++)) ; ((MinorVersion--)); ((PatchVersion++)) ; ((PatchVersion--)); ((BuildVersion++)) ; ((BuildVersion--)); echo "${MajorVersion}.${MinorVersion}.${PatchVersion}-b${BuildVersion}")"
versionKey=""
expectedTeamID="P6CDJZR997"
installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user LOGGING=INFO NOTIFY=all" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "what" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $what"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator with valuesfromarguments
cmdOutput="$(${destFile} valuesfromarguments LOGO=$LOGO \
name=\"${name}\" \
type=${type} \
packageID=${packageID} \
downloadURL=\"$downloadURL\" \
appNewVersion=${appNewVersion} \
versionKey=${versionKey} \
expectedTeamID=${expectedTeamID} \
blockingProcesses=\"NONE\" \
${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${what} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${what}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

79
MDM/App-install/App browser-security Auto-install.sh Normal file
View File

@@ -0,0 +1,79 @@
#!/bin/sh
# Installation using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="firefoxpkg" # enter the software to install
# Examples: brave, duckduckgo, firefoxpkg, googlechromepkg, microsoftedge, opera
installomatorOptions="BLOCKING_PROCESS_ACTION=tell_user_then_quit" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

79
MDM/App-install/App browser-security SS.sh Normal file
View File

@@ -0,0 +1,79 @@
#!/bin/sh
# Installation using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="" # enter the software to install
# Examples: brave, duckduckgo, firefoxpkg, googlechromepkg, microsoftedge, opera
installomatorOptions="BLOCKING_PROCESS_ACTION=tell_user_then_quit NOTIFY=all" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "what" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $what"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${what} LOGO=$LOGO ${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${what} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${what}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

79
MDM/App-install/App normal Auto-install.sh Normal file
View File

@@ -0,0 +1,79 @@
#!/bin/sh
# Installation using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="" # enter the software to install
# Examples: adobecreativeclouddesktop, textmate, vlc
installomatorOptions="BLOCKING_PROCESS_ACTION=tell_user" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

80
MDM/App-install/App normal SS.sh Normal file
View File

@@ -0,0 +1,80 @@
#!/bin/sh
# Installation using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="" # enter the software to install
# Examples: adobecreativeclouddesktop, canva, cyberduck, handbrake, inkscape, textmate, vlc
installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user NOTIFY=all" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

79
MDM/App-install/App service Auto-install.sh Normal file
View File

@@ -0,0 +1,79 @@
#!/bin/sh
# Installation using Installomator
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="dockutil" # enter the software to install
# Examples: applenyfonts, applesfarabic, applesfcompact, applesfmono, applesfpro, applesfsymbols, desktoppr, dialog, dockutil, knockknock, lulu, nomad, nudge, shield, supportapp, wordservice, xcreds, xink
installomatorOptions="BLOCKING_PROCESS_ACTION=ignore NOTIFY=silent" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

193
MDM/App-loop script.sh
View File

@@ -1,193 +0,0 @@
#!/bin/zsh
# Installation using Installomator
whatList="microsoftteams microsoftyammer firefox bravebrowser cyberduck vlc signal" # enter the software to install separated with spaces
# To be used as a script sent out from a MDM.
# Fill the variable "whatList" above with labels separated by space " ".
# Script will loop through these labels.
LOGO="appstore" # or "addigy", "microsoft", "mosyleb", "mosylem"
######################################################################
# Parameters for reinstall/initial install (owner root:wheel):
# "BLOCKING_PROCESS_ACTION=quit_kill INSTALL=force IGNORE_APP_STORE_APPS=yes SYSTEMOWNER=1"
# Parameters for Self Service installed app:
# "BLOCKING_PROCESS_ACTION=prompt_user NOTIFY=all"
# Parameters for security important apps, like browsers (run automaticaly every day):
# "BLOCKING_PROCESS_ACTION=tell_user_then_kill"
# Update of service apps (run automatically):
# "BLOCKING_PROCESS_ACTION=quit_kill NOTIFY=silent"
parameters="BLOCKING_PROCESS_ACTION=tell_user NOTIFY=all"
######################################################################
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Count errors
errorCount=0
for what in $whatList; do
#echo $what
# Install software using Installomator
cmdOutput="$(${destFile} ${what} LOGO=$LOGO $parameters LOGGING=WARN || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -ne 0 ]] ; then
echo -e "Error installing ${what}. Exit code ${exitStatus}"
#echo "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
echo "$errorOutput"
let errorCount++
fi
done
echo
echo "Errors: $errorCount"
echo "[$(DATE)][LOG-END]"
caffexit $errorCount
# notify behavior
# NOTIFY=success
# options:
# - success notify the user on success
# - silent no notifications
# - all all notifications (great for Self Service installation)
# behavior when blocking processes are found
# BLOCKING_PROCESS_ACTION=tell_user
# options:
# - ignore continue even when blocking processes are found
# - quit app will be told to quit nicely, if running
# - quit_kill told to quit twice, then it will be killed
# Could be great for service apps, if they do not respawn
# - silent_fail exit script without prompt or installation
# - prompt_user show a user dialog for each blocking process found
# abort after three attempts to quit
# (only if user accepts to quit the apps, otherwise
# the update is cancelled).
# - prompt_user_then_kill
# show a user dialog for each blocking process found,
# attempt to quit two times, kill the process finally
# - prompt_user_loop
# Like prompt-user, but clicking "Not Now", will just wait an hour,
# and then it will ask again.
# WARNING! It might block the MDM agent on the machine, as
# the scripts gets stuct in waiting until the hour has passed,
# possibly blocking for other management actions in this time.
# - tell_user User will be showed a notification about the important update,
# but user is only allowed to quit and continue, and then we
# ask the app to quit.
# - tell_user_then_kill
# Show dialog 2 times, and if the quitting fails, the
# blocking processes will be killed.
# - kill kill process without prompting or giving the user a chance to save
# logo-icon used in dialog boxes if app is blocking
# LOGO=appstore
# options:
# - appstore Icon is Apple App Store (default)
# - jamf JAMF Pro
# - mosyleb Mosyle Business
# - mosylem Mosyle Manager (Education)
# - addigy Addigy
# path can also be set in the command call, and if file exists, it will be used.
# Like 'LOGO="/System/Applications/App\ Store.app/Contents/Resources/AppIcon.icns"'
# (spaces have to be escaped).
# App Store apps handling
# IGNORE_APP_STORE_APPS=no
# options:
# - no If installed app is from App Store (which include VPP installed apps)
# it will not be touched, no matter it's version (default)
# - yes Replace App Store (and VPP) version of app and handle future
# updates using Installomator, even if latest version.
# Shouldnt give any problems for the user in most cases.
# Known bad example: Slack will loose all settings.
# install behavior
# INSTALL=""
# options:
# - When not set, software will only be installed
# if it is newer/different in version
# - force Install even if its the same version
# Re-opening of closed app
# REOPEN="yes"
# options:
# - yes App wil be reopened if it was closed
# - no App not reopened
########################
# Often used labels:
########################
# firefox
# firefox_intl
# brave
# torbrowser
# googlechrome
# netnewswire
# adobereaderdc
# textmate
# cyberduck
# keka
# theunarchiver
# vlc
# handbrake
# inkscape
# signal
# telegram
# whatsapp
# hazel
# devonthink
# teamviewerqs
# zoom
# malwarebytes
# githubdesktop
# sublimetext
# textmate
# visualstudiocode
# microsoftskypeforbusiness
# microsoftteams
# microsoftyammer
# microsoftedgeenterprisestable
# microsoftedgeconsumerstable
# microsoftsharepointplugin
# microsoftdefenderatp
# googledrivefilestream
# cdef
# desktoppr
# supportapp
# xink
# wwdc

92
MDM/App-update/App browser-security Auto-install.sh Normal file
View File

@@ -0,0 +1,92 @@
#!/bin/sh
# Update with Installomator if app exist
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="microsoftedge" # enter the software to install
# Examples: brave, duckduckgo, firefoxpkg, googlechromepkg, microsoftedge, opera
appPath="/Applications/Microsoft Edge.app"
# Examples: Microsoft Edge.app, Brave Browser.app, DuckDuckGo.app, Google Chrome.app, Firefox.app, Opera.app
installomatorOptions="BLOCKING_PROCESS_ACTION=tell_user_then_quit" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
# Check if app is installed
# We only want this to run if it's already installed
if [ ! -e "${appPath}" ]; then
echo "App not found here:"
echo "${appPath}"
echo "Exiting."
exit 98
fi
echo "${appPath} Found!"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

92
MDM/App-update/App normal Auto-install.sh Normal file
View File

@@ -0,0 +1,92 @@
#!/bin/sh
# Update with Installomator if app exist
LOGO="" # "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
item="" # enter the software to install
# Examples: cyberduck, handbrake, textmate, vlc
appPath="/Applications/Cyberduck.app"
# Examples: Cyberduck.app, Handbrake.app, Textmate.app, VLC.app
installomatorOptions="BLOCKING_PROCESS_ACTION=prompt_user" # Separated by space
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
# To be used as a script sent out from a MDM.
# Fill the variable "item" above with a label.
# Script will run this label through Installomator.
######################################################################
# v. 9.2.1 : Better logging handling and installomatorOptions fix.
######################################################################
# Mark: Script
# PATH declaration
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
echo "$(date +%F\ %T) [LOG-BEGIN] $item"
# Check if app is installed
# We only want this to run if it's already installed
if [ ! -e "${appPath}" ]; then
echo "App not found here:"
echo "${appPath}"
echo "Exiting."
exit 98
fi
echo "${appPath} Found!"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "warn" || true )"
echo "$warnOutput"
else
echo "ERROR installing ${item}. Exit code ${exitStatus}"
echo "$cmdOutput"
#errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
#echo "$errorOutput"
fi
echo "[$(DATE)][LOG-END]"
caffexit $exitStatus

43
MDM/InstallInstallomator.sh
View File

@@ -1,43 +0,0 @@
#!/bin/sh
# This script is meant to povide the simplest MDM/management platform agnostic way to install Installomator
# The only requirement is an Internet connection
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Get the URL of the latest PKG From the Installomator GitHub repo
url=$(curl --silent --fail "https://api.github.com/repos/Installomator/Installomator/releases/latest" | awk -F '"' "/browser_download_url/ && /pkg\"/ { print \$4; exit }")
# Expected Team ID of the downloaded PKG
expectedTeamID="JME5BW3F3R"
exitCode=0
# Check for Installomator and install if not found
if [ ! -e "/usr/local/Installomator/Installomator.sh" ]; then
echo "Installomator not found. Installing."
# Create temporary working directory
tempDirectory=$( mktemp -d )
echo "Created working directory '$tempDirectory'"
# Download the installer package
echo "Downloading Installomator package"
curl --location --silent "$url" -o "$tempDirectory/Installomator.pkg"
# Verify the download
teamID=$(spctl -a -vv -t install "$tempDirectory/Installomator.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()')
echo "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
echo "Package verified. Installing package Installomator.pkg"
installer -pkg "$tempDirectory/Installomator.pkg" -target / -verbose
exitCode=$?
else
echo "Package verification failed before package installation could start. Download link may be invalid. Aborting."
exitCode=1
exit $exitCode
fi
# Remove the temporary working directory when done
echo "Deleting working directory '$tempDirectory' and its contents"
rm -Rf "$tempDirectory"
else
echo "Installomator already installed."
fi
exit $exitCode

360
MDM/Installomator 1st Auto-install DEPNotify.sh Executable file
View File

@@ -0,0 +1,360 @@
#!/bin/sh
# Installomator 1st installation with DEPNotify window (auto installation at enrollment)
instance="" # Name of used instance
LOGO="" # "appstore", "jamf", "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
items=(dialog dockutil microsoftautoupdate supportapp applenyfonts applesfpro applesfmono applesfcompact xink zohoworkdrivetruesync textmate 1password7 wwdc theunarchiver keka microsoftedge microsoftteams microsoftonedrive microsoftoffice365)
# Remember: dialog dockutil
installomatorOptions="NOTIFY=silent BLOCKING_PROCESS_ACTION=ignore INSTALL=force IGNORE_APP_STORE_APPS=yes LOGGING=REQ"
# DEPNotify display settings, change as desired
title="Installing Apps and other software"
message="Please wait while we download and install the needed software."
endMessage="Installation complete! Please reboot to activate FileVault."
errorMessage="A problem was encountered setting up this Mac. Please contact IT."
######################################################################
# Installomator 1st DEPNotify
#
# Installation using Installomator showing progress with DEPNotify
# Great stand-alone solution if installs are only done using Installomator.
# No customization below…
######################################################################
# This script can be used to install software using Installomator.
# Script will start DEPNotify to display a progress bar.
# Progress bar moves between installations
######################################################################
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
#
# This script made by Søren Theilgaard
# https://github.com/Theile
# Twitter and MacAdmins Slack: @theilgaard
#
# Some functions and code from Installomator:
# https://github.com/Installomator/Installomator
#
######################################################################
scriptVersion="9.5"
# v. 9.5 : 2022-09-21 : change of GitHub download
# v. 9.4 : 2022-09-14 : downloadURL can fall back on GitHub API
# v. 9.3 : 2022-08-29 : installomatorOptions in quotes and ignore blocking processes. Improved installation with looping if it fails, so it can try again. Improved GitHub handling. ws1 support.
# v. 9.2.2 : 2022-06-17 : installomatorOptions introduced. Check 1.1.1.1 for internet connection.
# v. 9.2.1 : 2022-05-30 : Some changes to logging
# v. 9.2 : 2022-05-19 : Built in installer for Installlomator, and display dialog if error happens. Now universal script for all supported MDMs based on LOGO variable.
# v. 9.1 : 2022-04-13 : Using INSTALL=force in Label only, so Microsoft labels will not start updating
# v. 9.0.1 : 2022-02-21 : LOGO=addigy, few more "true" lines, and errorOutput on error
# v. 9.0.0 : 2022-02-14 : Updated for Inst. 9.0, Logging improved with printlog
######################################################################
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Check before running
case $LOGO in
addigy|microsoft)
conditionFile="/var/db/.Installomator1stDone"
# Addigy and Microsoft Endpoint Manager (Intune) need a check for a touched file
if [ -e "$conditionFile" ]; then
echo "$LOGO setup detected"
echo "$conditionFile exists, so we exit."
exit 0
else
echo "$conditionFile not found, so we continue…"
fi
;;
esac
# Mark: Constants, logging and caffeinate
log_message="$instance: Installomator 1st with DEPNotify, v$scriptVersion"
label="1st-v$scriptVersion"
log_location="/private/var/log/Installomator.log"
printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp :: $label : $1" | tee -a $log_location
else
echo "$timestamp :: $label : $1"
fi
}
printlog "[LOG-BEGIN] ${log_message}"
# Internet check
if [[ "$(nc -z -v -G 10 1.1.1.1 53 2>&1 | grep -io "succeeded")" != "succeeded" ]]; then
printlog "ERROR. No internet connection, we cannot continue."
exit 90
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid" || true
pkill caffeinate || true
printlog "[LOG-END] Status $1"
exit $1
}
# Command-file to DEPNotify
DEPNOTIFY_LOG="/var/tmp/depnotify.log"
# Counters
errorCount=0
countLabels=${#items[@]}
printlog "Total installations: $countLabels"
# Using LOGO variable to specify MDM and shown logo
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
printlog "LOGO: $LOGO - LOGO_PATH: $LOGO_PATH"
# Mark: Functions
printlog "depnotify_command function"
echo "" > $DEPNOTIFY_LOG || true
function depnotify_command(){
printlog "DEPNotify-command: $1"
echo "$1" >> $DEPNOTIFY_LOG || true
}
printlog "startDEPNotify function"
function startDEPNotify() {
currentUser="$(stat -f "%Su" /dev/console)"
currentUserID=$(id -u "$currentUser")
launchctl asuser $currentUserID open -a "/Applications/Utilities/DEPNotify.app/Contents/MacOS/DEPNotify" --args -path "$DEPNOTIFY_LOG" || true # --args -fullScreen
sleep 5
depnotify_command "Command: KillCommandFile:"
depnotify_command "Command: MainTitle: $title"
depnotify_command "Command: Image: $LOGO_PATH"
depnotify_command "Command: MainText: $message"
depnotify_command "Command: Determinate: $countLabels"
}
# Notify the user using AppleScript
printlog "displayDialog function"
function displayDialog(){
currentUser="$(stat -f "%Su" /dev/console)"
currentUserID=$(id -u "$currentUser")
if [[ "$currentUser" != "" ]]; then
launchctl asuser $currentUserID sudo -u $currentUser osascript -e "button returned of (display dialog \"$message\" buttons {\"OK\"} default button \"OK\" with icon POSIX file \"$LOGO_PATH\")" || true
fi
}
# Mark: Code
name="Installomator"
printlog "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg
gitusername="Installomator"
gitreponame="Installomator"
#printlog "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#printlog "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#printlog "$appNewVersion"
expectedTeamID="JME5BW3F3R"
destFile="/usr/local/Installomator/Installomator.sh"
currentInstalledVersion="$(${destFile} version 2>/dev/null || true)"
printlog "${destFile} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
printlog "$name not found or version not latest."
printlog "${destFile}"
printlog "Installing version ${appNewVersion} ..."
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
printlog "Created working directory '$tmpDir'"
# Download the installer package
printlog "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
printlog "error downloading $downloadURL, with status $curlDownloadStatus"
printlog "${curlDownload}"
exitCode=1
else
printlog "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
printlog "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
printlog "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
printlog "ERROR. $name package installation failed."
printlog "${pkgInstall}"
exitCode=2
else
printlog "Installing $name package succes."
exitCode=0
fi
else
printlog "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
printlog "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
printlog "Sleep a bit before trying download and install again. $installationCount time(s)."
printlog "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
printlog "Download and install of $name succes."
fi
done
# Remove the temporary working directory
printlog "Deleting working directory '$tmpDir' and its contents."
printlog "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
printlog "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
printlog "$name version $appNewVersion installed!"
fi
else
printlog "$name version $appNewVersion already found. Perfect!"
fi
# Installing DEPNotify
cmdOutput="$( ${destFile} depnotify LOGO=$LOGO NOTIFY=silent BLOCKING_PROCESS_ACTION=ignore LOGGING=WARN || true )"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
printlog "DEPNotify install result: $exitStatus"
itemName=""
errorLabels=""
((countLabels++))
((countLabels--))
printlog "$countLabels labels to install"
startDEPNotify
for item in "${items[@]}"; do
# Check if DEPNotify is running and try open it if not
if ! pgrep -xq "DEPNotify"; then
startDEPNotify
fi
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
depnotify_command "Status: $itemName installing…"
else
depnotify_command "Status: $item installing…"
fi
printlog "$item $itemName"
cmdOutput="$( ${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true )"
#cmdOutput="2022-05-19 13:20:45 : REQ : installomator : ################## End Installomator, exit code 0"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
printlog "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text "WARN" || true )"
printlog "$warnOutput"
else
printlog "Error installing ${item}. Exit code ${exitStatus}"
#printlog "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
printlog "$errorOutput"
((errorCount++))
errorLabels="$errorLabels ${item}"
fi
((countLabels--))
itemName=""
done
# Mark: Finishing
# Prevent re-run of script if conditionFile is set
if [[ ! -z "$conditionFile" ]]; then
printlog "Touching condition file so script will not run again"
touch "$conditionFile" || true
printlog "$(ls -al "$conditionFile" || true)"
fi
# Show error to user if any
printlog "Errors: $errorCount"
if [[ $errorCount -ne 0 ]]; then
errorMessage="${errorMessage} Total errors: $errorCount"
message="$errorMessage"
displayDialog &
endMessage="$message"
printlog "errorLabels: $errorLabels"
fi
depnotify_command "Command: MainText: $endMessage"
depnotify_command "Command: Quit: $endMessage"
sleep 1
printlog "Remove $(rm -fv $DEPNOTIFY_LOG || true)"
printlog "Ending"
caffexit $errorCount

308
MDM/Installomator 1st Auto-install.sh Executable file
View File

@@ -0,0 +1,308 @@
#!/bin/sh
# Installomator 1st installation (auto installation at enrollment)
instance="" # Name of used instance
LOGO="" # "appstore", "jamf", "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
items=(dialog dockutil microsoftautoupdate supportapp xink zohoworkdrivetruesync textmate applenyfonts applesfpro applesfmono applesfcompact 1password7 wwdc theunarchiver keka microsoftedge microsoftteams microsoftonedrive microsoftoffice365)
# Remember: dialog dockutil
installomatorOptions="NOTIFY=silent BLOCKING_PROCESS_ACTION=ignore INSTALL=force IGNORE_APP_STORE_APPS=yes LOGGING=REQ"
# Error message to user if any occur
showError="1" # Show error message if 1 (0 if it should not be shown)
errorMessage="A problem was encountered setting up this Mac. Please contact IT."
######################################################################
# Installomator 1st
#
# Installation using Installomator
# (use separate Progress 1st script to show progress)
# No customization below…
######################################################################
# This script can be used to install software using Installomator.
# Script will display a dialog if any errors happens.
# User is not notified about installations.
######################################################################
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
#
# This script made by Søren Theilgaard
# https://github.com/Theile
# Twitter and MacAdmins Slack: @theilgaard
#
# Some functions and code from Installomator:
# https://github.com/Installomator/Installomator
#
######################################################################
scriptVersion="9.5"
# v. 9.5 : 2022-09-21 : change of GitHub download
# v. 9.4 : 2022-09-14 : Making error message optional. downloadURL can fall back on GitHub API.
# v. 9.3 : 2022-08-29 : installomatorOptions in quotes and ignore blocking processes. Improved installation with looping if it fails, so it can try again. Improved GitHub handling. ws1 support.
# v. 9.2.2 : 2022-06-17 : installomatorOptions introduced. Check 1.1.1.1 for internet connection.
# v. 9.2.1 : 2022-05-30 : Some changes to logging
# v. 9.2 : 2022-05-19 : Built in installer for Installomator, and display dialog if error happens. Now universal script for all supported MDMs based on LOGO variable.
######################################################################
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Check before running
case $LOGO in
addigy|microsoft)
conditionFile="/var/db/.Installomator1stDone"
# Addigy and Microsoft Endpoint Manager (Intune) need a check for a touched file
if [ -e "$conditionFile" ]; then
echo "$LOGO setup detected"
echo "$conditionFile exists, so we exit."
exit 0
else
echo "$conditionFile not found, so we continue…"
fi
;;
esac
# Mark: Constants, logging and caffeinate
log_message="$instance: Installomator 1st, v$scriptVersion"
label="1st-v$scriptVersion"
log_location="/private/var/log/Installomator.log"
printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp :: $label : $1" | tee -a $log_location
else
echo "$timestamp :: $label : $1"
fi
}
printlog "[LOG-BEGIN] ${log_message}"
# Internet check
if [[ "$(nc -z -v -G 10 1.1.1.1 53 2>&1 | grep -io "succeeded")" != "succeeded" ]]; then
printlog "ERROR. No internet connection, we cannot continue."
caffexit 90
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid" || true
pkill caffeinate || true
printlog "[LOG-END] Status $1"
exit $1
}
# Counters
errorCount=0
countLabels=${#items[@]}
printlog "Total installations: $countLabels"
# Using LOGO variable to specify MDM and shown logo
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
printlog "LOGO: $LOGO LOGO_PATH: $LOGO_PATH"
# Mark: Functions
# Notify the user using AppleScript
function displayDialog(){
currentUser="$(stat -f "%Su" /dev/console)"
currentUserID=$(id -u "$currentUser")
if [[ "$currentUser" != "" ]]; then
launchctl asuser $currentUserID sudo -u $currentUser osascript -e "button returned of (display dialog \"$message\" buttons {\"OK\"} default button \"OK\" with icon POSIX file \"$LOGO_PATH\")" || true
fi
}
# Mark: Code
name="Installomator"
printlog "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg
gitusername="Installomator"
gitreponame="Installomator"
#printlog "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#printlog "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#printlog "$appNewVersion"
expectedTeamID="JME5BW3F3R"
destFile="/usr/local/Installomator/Installomator.sh"
currentInstalledVersion="$(${destFile} version 2>/dev/null || true)"
printlog "${destFile} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
printlog "$name not found or version not latest."
printlog "${destFile}"
printlog "Installing version ${appNewVersion} ..."
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
printlog "Created working directory '$tmpDir'"
# Download the installer package
printlog "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
printlog "error downloading $downloadURL, with status $curlDownloadStatus"
printlog "${curlDownload}"
exitCode=1
else
printlog "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
printlog "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
printlog "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
printlog "ERROR. $name package installation failed."
printlog "${pkgInstall}"
exitCode=2
else
printlog "Installing $name package succes."
exitCode=0
fi
else
printlog "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
printlog "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
printlog "Sleep a bit before trying download and install again. $installationCount time(s)."
printlog "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
printlog "Download and install of $name succes."
fi
done
# Remove the temporary working directory
printlog "Deleting working directory '$tmpDir' and its contents."
printlog "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
printlog "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
printlog "$name version $appNewVersion installed!"
fi
else
printlog "$name version $appNewVersion already found. Perfect!"
fi
errorLabels=""
((countLabels++))
((countLabels--))
printlog "$countLabels labels to install"
for item in "${items[@]}"; do
printlog "$item"
cmdOutput="$( ${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true )"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
printlog "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text "WARN" || true )"
printlog "$warnOutput"
else
printlog "Error installing ${item}. Exit code ${exitStatus}"
#printlog "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
printlog "$errorOutput"
((errorCount++))
errorLabels="$errorLabels ${item}"
fi
((countLabels--))
itemName=""
done
# Mark: Finishing
# Prevent re-run of script if conditionFile is set
if [[ ! -z "$conditionFile" ]]; then
printlog "Touching condition file so script will not run again"
touch "$conditionFile" || true
printlog "$(ls -al "$conditionFile" || true)"
fi
# Show error to user if any
printlog "Errors: $errorCount"
if [[ $errorCount -ne 0 ]]; then
printlog "ERROR: Display error dialog to user!"
errorMessage="${errorMessage} Total errors: $errorCount"
if [[ $showError -eq 1 ]]; then
message="$errorMessage"
displayDialog &
fi
printlog "errorLabels: $errorLabels"
fi
printlog "Ending"
caffexit $errorCount

360
MDM/Installomator 1st SS DEPNotify.sh Executable file
View File

@@ -0,0 +1,360 @@
#!/bin/sh
# Installomator 1st installation with DEPNotify window (for self Service deployment)
instance="" # Name of used instance
LOGO="" # "appstore", "jamf", "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
items=(dialog dockutil microsoftautoupdate supportapp applenyfonts applesfpro applesfmono applesfcompact xink zohoworkdrivetruesync textmate 1password7 wwdc theunarchiver keka microsoftedge microsoftteams microsoftonedrive microsoftoffice365)
# Remember: dialog dockutil
installomatorOptions="NOTIFY=all BLOCKING_PROCESS_ACTION=prompt_user"
# DEPNotify display settings, change as desired
title="Installing Apps and other software"
message="Please wait while we download and install the needed software."
endMessage="Installation complete! Please reboot to activate FileVault."
errorMessage="A problem was encountered setting up this Mac. Please contact IT."
######################################################################
# Installomator 1st DEPNotify
#
# Installation using Installomator showing progress with DEPNotify
# Great stand-alone solution if installs are only done using Installomator.
# No customization below…
######################################################################
# This script can be used to install software using Installomator.
# Script will start DEPNotify to display a progress bar.
# Progress bar moves between installations
######################################################################
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
#
# This script made by Søren Theilgaard
# https://github.com/Theile
# Twitter and MacAdmins Slack: @theilgaard
#
# Some functions and code from Installomator:
# https://github.com/Installomator/Installomator
#
######################################################################
scriptVersion="9.5"
# v. 9.5 : 2022-09-21 : change of GitHub download
# v. 9.4 : 2022-09-14 : downloadURL can fall back on GitHub API
# v. 9.3 : 2022-08-29 : installomatorOptions in quotes and ignore blocking processes. Improved installation with looping if it fails, so it can try again. Improved GitHub handling. ws1 support.
# v. 9.2.2 : 2022-06-17 : installomatorOptions introduced. Check 1.1.1.1 for internet connection.
# v. 9.2.1 : 2022-05-30 : Some changes to logging
# v. 9.2 : 2022-05-19 : Built in installer for Installlomator, and display dialog if error happens. Now universal script for all supported MDMs based on LOGO variable.
# v. 9.1 : 2022-04-13 : Using INSTALL=force in Label only, so Microsoft labels will not start updating
# v. 9.0.1 : 2022-02-21 : LOGO=addigy, few more "true" lines, and errorOutput on error
# v. 9.0.0 : 2022-02-14 : Updated for Inst. 9.0, Logging improved with printlog
######################################################################
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Check before running
case $LOGO in
addigy|microsoft)
conditionFile="/var/db/.Installomator1stDone"
# Addigy and Microsoft Endpoint Manager (Intune) need a check for a touched file
if [ -e "$conditionFile" ]; then
echo "$LOGO setup detected"
echo "$conditionFile exists, so we exit."
exit 0
else
echo "$conditionFile not found, so we continue…"
fi
;;
esac
# Mark: Constants, logging and caffeinate
log_message="$instance: Installomator 1st with DEPNotify, v$scriptVersion"
label="1st-v$scriptVersion"
log_location="/private/var/log/Installomator.log"
printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp :: $label : $1" | tee -a $log_location
else
echo "$timestamp :: $label : $1"
fi
}
printlog "[LOG-BEGIN] ${log_message}"
# Internet check
if [[ "$(nc -z -v -G 10 1.1.1.1 53 2>&1 | grep -io "succeeded")" != "succeeded" ]]; then
printlog "ERROR. No internet connection, we cannot continue."
exit 90
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid" || true
pkill caffeinate || true
printlog "[LOG-END] Status $1"
exit $1
}
# Command-file to DEPNotify
DEPNOTIFY_LOG="/var/tmp/depnotify.log"
# Counters
errorCount=0
countLabels=${#items[@]}
printlog "Total installations: $countLabels"
# Using LOGO variable to specify MDM and shown logo
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
printlog "LOGO: $LOGO - LOGO_PATH: $LOGO_PATH"
# Mark: Functions
printlog "depnotify_command function"
echo "" > $DEPNOTIFY_LOG || true
function depnotify_command(){
printlog "DEPNotify-command: $1"
echo "$1" >> $DEPNOTIFY_LOG || true
}
printlog "startDEPNotify function"
function startDEPNotify() {
currentUser="$(stat -f "%Su" /dev/console)"
currentUserID=$(id -u "$currentUser")
launchctl asuser $currentUserID open -a "/Applications/Utilities/DEPNotify.app/Contents/MacOS/DEPNotify" --args -path "$DEPNOTIFY_LOG" || true # --args -fullScreen
sleep 5
depnotify_command "Command: KillCommandFile:"
depnotify_command "Command: MainTitle: $title"
depnotify_command "Command: Image: $LOGO_PATH"
depnotify_command "Command: MainText: $message"
depnotify_command "Command: Determinate: $countLabels"
}
# Notify the user using AppleScript
printlog "displayDialog function"
function displayDialog(){
currentUser="$(stat -f "%Su" /dev/console)"
currentUserID=$(id -u "$currentUser")
if [[ "$currentUser" != "" ]]; then
launchctl asuser $currentUserID sudo -u $currentUser osascript -e "button returned of (display dialog \"$message\" buttons {\"OK\"} default button \"OK\" with icon POSIX file \"$LOGO_PATH\")" || true
fi
}
# Mark: Code
name="Installomator"
printlog "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg
gitusername="Installomator"
gitreponame="Installomator"
#printlog "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#printlog "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#printlog "$appNewVersion"
expectedTeamID="JME5BW3F3R"
destFile="/usr/local/Installomator/Installomator.sh"
currentInstalledVersion="$(${destFile} version 2>/dev/null || true)"
printlog "${destFile} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
printlog "$name not found or version not latest."
printlog "${destFile}"
printlog "Installing version ${appNewVersion} ..."
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
printlog "Created working directory '$tmpDir'"
# Download the installer package
printlog "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
printlog "error downloading $downloadURL, with status $curlDownloadStatus"
printlog "${curlDownload}"
exitCode=1
else
printlog "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
printlog "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
printlog "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
printlog "ERROR. $name package installation failed."
printlog "${pkgInstall}"
exitCode=2
else
printlog "Installing $name package succes."
exitCode=0
fi
else
printlog "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
printlog "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
printlog "Sleep a bit before trying download and install again. $installationCount time(s)."
printlog "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
printlog "Download and install of $name succes."
fi
done
# Remove the temporary working directory
printlog "Deleting working directory '$tmpDir' and its contents."
printlog "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
printlog "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
printlog "$name version $appNewVersion installed!"
fi
else
printlog "$name version $appNewVersion already found. Perfect!"
fi
# Installing DEPNotify
cmdOutput="$( ${destFile} depnotify LOGO=$LOGO NOTIFY=silent BLOCKING_PROCESS_ACTION=ignore LOGGING=WARN || true )"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
printlog "DEPNotify install result: $exitStatus"
itemName=""
errorLabels=""
((countLabels++))
((countLabels--))
printlog "$countLabels labels to install"
startDEPNotify
for item in "${items[@]}"; do
# Check if DEPNotify is running and try open it if not
if ! pgrep -xq "DEPNotify"; then
startDEPNotify
fi
itemName=$( ${destFile} ${item} RETURN_LABEL_NAME=1 LOGGING=REQ INSTALL=force | tail -1 || true )
if [[ "$itemName" != "#" ]]; then
depnotify_command "Status: $itemName installing…"
else
depnotify_command "Status: $item installing…"
fi
printlog "$item $itemName"
cmdOutput="$( ${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true )"
#cmdOutput="2022-05-19 13:20:45 : REQ : installomator : ################## End Installomator, exit code 0"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
printlog "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text "WARN" || true )"
printlog "$warnOutput"
else
printlog "Error installing ${item}. Exit code ${exitStatus}"
#printlog "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
printlog "$errorOutput"
((errorCount++))
errorLabels="$errorLabels ${item}"
fi
((countLabels--))
itemName=""
done
# Mark: Finishing
# Prevent re-run of script if conditionFile is set
if [[ ! -z "$conditionFile" ]]; then
printlog "Touching condition file so script will not run again"
touch "$conditionFile" || true
printlog "$(ls -al "$conditionFile" || true)"
fi
# Show error to user if any
printlog "Errors: $errorCount"
if [[ $errorCount -ne 0 ]]; then
errorMessage="${errorMessage} Total errors: $errorCount"
message="$errorMessage"
displayDialog &
endMessage="$message"
printlog "errorLabels: $errorLabels"
fi
depnotify_command "Command: MainText: $endMessage"
depnotify_command "Command: Quit: $endMessage"
sleep 1
printlog "Remove $(rm -fv $DEPNOTIFY_LOG || true)"
printlog "Ending"
caffexit $errorCount

307
MDM/Installomator 1st SS.sh Executable file
View File

@@ -0,0 +1,307 @@
#!/bin/sh
# Installomator 1st installation (for Self Service deployment)
instance="" # Name of used instance
LOGO="" # "appstore", "jamf", "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
items=(dialog dockutil microsoftautoupdate supportapp applenyfonts applesfpro applesfmono applesfcompact xink zohoworkdrivetruesync textmate 1password7 wwdc theunarchiver keka microsoftedge microsoftteams microsoftonedrive microsoftoffice365)
# Remember: dialog dockutil
installomatorOptions="NOTIFY=all BLOCKING_PROCESS_ACTION=prompt_user"
# Error message to user if any occur
showError="1" # Show error message if 1 (0 if it should not be shown)
errorMessage="A problem was encountered setting up this Mac. Please contact IT."
######################################################################
# Installomator 1st for Self Service
#
# Installation using Installomator
# No customization below…
######################################################################
# This script can be used to install software using Installomator, where the user activate it in Self Service.
# Script will display a dialog if any errors happens.
# Progress is shown in notifications to the user
######################################################################
# Other installomatorOptions:
# LOGGING=REQ
# LOGGING=DEBUG
# LOGGING=WARN
# BLOCKING_PROCESS_ACTION=ignore
# BLOCKING_PROCESS_ACTION=tell_user
# BLOCKING_PROCESS_ACTION=tell_user_then_quit
# BLOCKING_PROCESS_ACTION=prompt_user
# BLOCKING_PROCESS_ACTION=prompt_user_loop
# BLOCKING_PROCESS_ACTION=prompt_user_then_kill
# BLOCKING_PROCESS_ACTION=quit
# BLOCKING_PROCESS_ACTION=kill
# NOTIFY=all
# NOTIFY=success
# NOTIFY=silent
# IGNORE_APP_STORE_APPS=yes
# INSTALL=force
######################################################################
#
# This script made by Søren Theilgaard
# https://github.com/Theile
# Twitter and MacAdmins Slack: @theilgaard
#
# Some functions and code from Installomator:
# https://github.com/Installomator/Installomator
#
######################################################################
scriptVersion="9.5"
# v. 9.5 : 2022-09-21 : change of GitHub download
# v. 9.4 : 2022-09-14 : Making error message optional. downloadURL can fall back on GitHub API.
# v. 9.3 : 2022-08-29 : installomatorOptions in quotes and ignore blocking processes. Improved installation with looping if it fails, so it can try again. Improved GitHub handling. ws1 support.
# v. 9.2.2 : 2022-06-17 : installomatorOptions introduced. Check 1.1.1.1 for internet connection.
# v. 9.2.1 : 2022-05-30 : Some changes to logging
# v. 9.2 : 2022-05-19 : Built in installer for Installomator, and display dialog if error happens. Now universal script for all supported MDMs based on LOGO variable.
######################################################################
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Check before running
case $LOGO in
addigy|microsoft)
conditionFile="/var/db/.Installomator1stDone"
# Addigy and Microsoft Endpoint Manager (Intune) need a check for a touched file
if [ -e "$conditionFile" ]; then
echo "$LOGO setup detected"
echo "$conditionFile exists, so we exit."
exit 0
else
echo "$conditionFile not found, so we continue…"
fi
;;
esac
# Mark: Constants, logging and caffeinate
log_message="$instance: Installomator 1st, v$scriptVersion"
label="1st-v$scriptVersion"
log_location="/private/var/log/Installomator.log"
printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp :: $label : $1" | tee -a $log_location
else
echo "$timestamp :: $label : $1"
fi
}
printlog "[LOG-BEGIN] ${log_message}"
# Internet check
if [[ "$(nc -z -v -G 10 1.1.1.1 53 2>&1 | grep -io "succeeded")" != "succeeded" ]]; then
printlog "ERROR. No internet connection, we cannot continue."
caffexit 90
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid" || true
pkill caffeinate || true
printlog "[LOG-END] Status $1"
exit $1
}
# Counters
errorCount=0
countLabels=${#items[@]}
printlog "Total installations: $countLabels"
# Using LOGO variable to specify MDM and shown logo
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
printlog "LOGO: $LOGO LOGO_PATH: $LOGO_PATH"
# Mark: Functions
# Notify the user using AppleScript
function displayDialog(){
currentUser="$(stat -f "%Su" /dev/console)"
currentUserID=$(id -u "$currentUser")
if [[ "$currentUser" != "" ]]; then
launchctl asuser $currentUserID sudo -u $currentUser osascript -e "button returned of (display dialog \"$message\" buttons {\"OK\"} default button \"OK\" with icon POSIX file \"$LOGO_PATH\")" || true
fi
}
# Mark: Code
name="Installomator"
printlog "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg
gitusername="Installomator"
gitreponame="Installomator"
#printlog "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#printlog "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#printlog "$appNewVersion"
expectedTeamID="JME5BW3F3R"
destFile="/usr/local/Installomator/Installomator.sh"
currentInstalledVersion="$(${destFile} version 2>/dev/null || true)"
printlog "${destFile} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
printlog "$name not found or version not latest."
printlog "${destFile}"
printlog "Installing version ${appNewVersion} ..."
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
printlog "Created working directory '$tmpDir'"
# Download the installer package
printlog "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
printlog "error downloading $downloadURL, with status $curlDownloadStatus"
printlog "${curlDownload}"
exitCode=1
else
printlog "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
printlog "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
printlog "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
printlog "ERROR. $name package installation failed."
printlog "${pkgInstall}"
exitCode=2
else
printlog "Installing $name package succes."
exitCode=0
fi
else
printlog "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
printlog "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
printlog "Sleep a bit before trying download and install again. $installationCount time(s)."
printlog "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
printlog "Download and install of $name succes."
fi
done
# Remove the temporary working directory
printlog "Deleting working directory '$tmpDir' and its contents."
printlog "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
printlog "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
printlog "$name version $appNewVersion installed!"
fi
else
printlog "$name version $appNewVersion already found. Perfect!"
fi
errorLabels=""
((countLabels++))
((countLabels--))
printlog "$countLabels labels to install"
for item in "${items[@]}"; do
printlog "$item"
cmdOutput="$( ${destFile} ${item} LOGO=$LOGO ${installomatorOptions} || true )"
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
printlog "${item} succesfully installed."
warnOutput="$( echo "${cmdOutput}" | grep --binary-files=text "WARN" || true )"
printlog "$warnOutput"
else
printlog "Error installing ${item}. Exit code ${exitStatus}"
#printlog "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
printlog "$errorOutput"
((errorCount++))
errorLabels="$errorLabels ${item}"
fi
((countLabels--))
itemName=""
done
# Mark: Finishing
# Prevent re-run of script if conditionFile is set
if [[ ! -z "$conditionFile" ]]; then
printlog "Touching condition file so script will not run again"
touch "$conditionFile" || true
printlog "$(ls -al "$conditionFile" || true)"
fi
# Show error to user if any
printlog "Errors: $errorCount"
if [[ $errorCount -ne 0 ]]; then
printlog "ERROR: Display error dialog to user!"
errorMessage="${errorMessage} Total errors: $errorCount"
if [[ $showError -eq 1 ]]; then
message="$errorMessage"
displayDialog &
fi
printlog "errorLabels: $errorLabels"
fi
printlog "Ending"
caffexit $errorCount

13
MDM/Installomator 1st condition.sh Normal file
View File

@@ -0,0 +1,13 @@
#!/bin/sh
# Mark: Addigy Condition on condition file
# Install on success
conditionFile="/var/db/.Installomator1stDone"
if [ -e "$conditionFile" ]; then
echo "$conditionFile exists. Exiting."
exit 1
else
echo "$conditionFile not found. Continue…"
exit 0
fi

11
MDM/Installomator 1st prevention.sh Normal file
View File

@@ -0,0 +1,11 @@
#!/bin/sh
# PREVENT Installomator 1st Auto-install from running
# DESCRIPTION
# Will create the file to prevent Installomator 1st Auto-install from running.
# Only for MDM solutions (like Addigy and Microsoft) that have conditions for runnning scripts and do not offer an enrollment event for runnning the script.
# By runninng this script, the file will be created on the client, that will prevent Installomator 1st Auto-install from runnning.
# This is a great help for implementing Installomator 1st Auto-install in a running solution, where the command below have to be run on currently enrolled devices, and then Installomator 1st Auto-install can be assigned to all machines, and will run only on newly enrolled devices.
/usr/bin/touch "/var/db/.Installomator1stDone"

42
MDM/Installomator update.sh
View File

@@ -1,42 +0,0 @@
#!/bin/bash
# Updating Installomator
# Usefull to push out after deployment if earlier version was deployed in DEP profile
what="installomator" # enter the software to install
LOGO="appstore" # or "addigy", "microsoft", "mosyleb", "mosylem"
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Install software using Installomator
cmdOutput="$(${destFile} ${what} LOGO=$LOGO BLOCKING_PROCESS_ACTION=ignore NOTIFY=silent LOGGING=req || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo -e "${what} succesfully installed.\n"
else
echo -e "Error installing ${what}. Exit code ${exitStatus}\n"
#echo "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
echo "$errorOutput"
caffexit $exitStatus
fi
echo "[$(DATE)][LOG-END]"
caffexit 0

160
MDM/Jamf/00_PrepareInstall_SwiftDialog.sh Executable file
View File

@@ -0,0 +1,160 @@
#!/bin/zsh
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# MARK: Arguments/Parameters
# Parameter 4: path to the swiftDialog command file
dialog_command_file=${4:-"/var/tmp/dialog.log"}
# Parameter 5: message displayed over the progress bar
message=${5:-"Self Service Progress"}
# Parameter 6: path or URL to an icon
icon=${6:-"/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"}
# see Dan Snelson's advice on how to get a URL to an icon in Self Service
# https://rumble.com/v119x6y-harvesting-self-service-icons.html
# MARK: Constants
dialogApp="/Library/Application Support/Dialog/Dialog.app"
# MARK: Functions
dialogUpdate() {
# $1: dialog command
local dcommand="$1"
if [[ -n $dialog_command_file ]]; then
echo "$dcommand" >> "$dialog_command_file"
echo "Dialog: $dcommand"
fi
}
# MARK: sanity checks
# check minimal macOS requirement
if [[ $(sw_vers -buildVersion ) < "20A" ]]; then
echo "This script requires at least macOS 11 Big Sur."
exit 98
fi
# check we are running as root
if [[ $DEBUG -eq 0 && $(id -u) -ne 0 ]]; then
echo "This script should be run as root"
exit 97
fi
# swiftDialog installation
name="Dialog"
echo "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg w. app version check
gitusername="bartreardon"
gitreponame="swiftDialog"
#echo "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
echo "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#echo "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#echo "$appNewVersion"
expectedTeamID="PWA5E9TQ59"
destFile="/Library/Application Support/Dialog/Dialog.app"
versionKey="CFBundleShortVersionString" #CFBundleVersion
currentInstalledVersion="$(defaults read "${destFile}/Contents/Info.plist" $versionKey || true)"
echo "${name} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
echo "$name not found or version not latest."
echo "${destFile}"
echo "Installing version ${appNewVersion}"
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
echo "Created working directory '$tmpDir'"
# Download the installer package
echo "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
echo "error downloading $downloadURL, with status $curlDownloadStatus"
echo "${curlDownload}"
exitCode=1
else
echo "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
echo "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
echo "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
echo "ERROR. $name package installation failed."
echo "${pkgInstall}"
exitCode=2
else
echo "Installing $name package succes."
exitCode=0
fi
else
echo "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
echo "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
echo "Sleep a bit before trying download and install again. $installationCount time(s)."
echo "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
echo "Download and install of $name succes."
fi
done
# Remove the temporary working directory
echo "Deleting working directory '$tmpDir' and its contents."
echo "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
echo "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
echo "$name version $appNewVersion installed!"
fi
else
echo "$name version $appNewVersion already found. Perfect!"
fi
# check for Swift Dialog
if [[ ! -d $dialogApp ]]; then
echo "Cannot find dialog at $dialogApp"
exit 95
fi
# MARK: Configure and display swiftDialog
# display first screen
open -a "$dialogApp" --args \
--title none \
--icon "$icon" \
--message "$message" \
--mini \
--progress 100 \
--position bottomright \
--movable \
--commandfile "$dialog_command_file"
# give everything a moment to catch up
sleep 0.1

6
MDM/Jamf/ReadMe.md
View File

@@ -20,7 +20,7 @@ The different scripts require a set of parameters. We will use the `googlechrome
`00_Prepare_SwiftDialog.sh`
Parameter 4: `/var/tmp/dialog` (Path to the swiftDialog command file)
Parameter 4: `/var/tmp/dialog.log` (Path to the swiftDialog command file)
Parameter 5: `Installing Google Chrome...` (text shown in the swiftDialog window above the progress bar)
@@ -30,7 +30,7 @@ Parameter 6: Path to or URL for an icon in swiftDialog. This can be a path on th
Parameter 4: `googlechromepkg` (the label to install)
Parameter 5: `DIALOG_CMD_FILE=\var\log\dialog.log` (the swiftDialog command file, this has to be the same value as parameter 4 in the previous script)
Parameter 5: `DIALOG_CMD_FILE=/var/tmp/dialog.log` (the swiftDialog command file, this has to be the same value as parameter 4 in the previous script)
Parameter 6: `NOTIFY=silent` (disable Installomator notifications, optional)
@@ -38,7 +38,7 @@ You can add more configurations to the Installomator script when needed.
`zz_Quit_SwiftDialog`
Parameter 4: `/var/log/dialog.log` (the swiftDialog command file, this has to be the same value as parameter 4 in the first script)
Parameter 4: `/var/tmp/dialog.log` (the swiftDialog command file, this has to be the same value as parameter 4 in the first script)
Then setup the remainder of the Jamf Policy to your needs. This works best with Self Service policies.

115
MDM/MDMAddigy CustomSoftware.sh
View File

@@ -1,115 +0,0 @@
#!/bin/zsh
# Specific settings in Addigy to configure Custom Software for installomator.
# Addigy has 3 parts to fill out for this, Installation script, Condition, and Removal steps (see RemoveInstallomator.sh).
# Mark: Installation script
# Just click “Add” to autogenerate the installer script line by clicking the “Add”-button next to the Installer PKG, replace with first line below
/usr/sbin/installer -pkg "/Library/Addigy/ansible/packages/Installomator (9.1.0)/Installomator-9.1.pkg" -target /
# Installation using Installomator
whatList="supportapp xink textmate microsoftedge wwdc keka vlc " # enter the software to installed separated with spaces
# To be used as a script sent out from a MDM.
# Fill the variable "whatList" above with labels separated by space " ".
# Script will loop through these labels and exit with number of errors.
######################################################################
# Parameters for reinstall/initial install (owner root:wheel):
# "BLOCKING_PROCESS_ACTION=quit_kill INSTALL=force IGNORE_APP_STORE_APPS=yes SYSTEMOWNER=1"
# Parameters for Self Service installed app:
# "BLOCKING_PROCESS_ACTION=prompt_user NOTIFY=all"
# Parameters for security important apps, like browsers (run automaticaly every day):
# "BLOCKING_PROCESS_ACTION=tell_user_then_kill"
# Update of service apps (run automatically):
# "BLOCKING_PROCESS_ACTION=quit_kill NOTIFY=silent"
parameters="BLOCKING_PROCESS_ACTION=quit_kill INSTALL=force IGNORE_APP_STORE_APPS=yes"
######################################################################
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Count errors
errorCount=0
for what in $whatList; do
#echo $what
# Install software using Installomator
cmdOutput="$(${destFile} ${what} LOGO=addigy $parameters || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -ne 0 ]] ; then
echo -e "Error installing ${what}. Exit code ${exitStatus}"
#echo "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
echo "$errorOutput"
let errorCount++
fi
done
echo
echo "Errors: $errorCount"
echo "[$(DATE)][LOG-END]"
caffexit $errorCount
# Mark: Conditions
# Install on success
# Remember to fill out the correct “TARGET_VERSION” and “PKG_ID”, and click "Install on succes".
PKG_ID="com.scriptingosx.Installomator"
TARGET_VERSION="9.1"
vercomp () {
if [[ $1 == $2 ]]; then
return 0
fi
local IFS=.
local i ver1=($1) ver2=($2)
# fill empty fields in ver1 with zeros
for ((i=${#ver1[@]}; i<${#ver2[@]}; i++)); do
ver1[i]=0
done
for ((i=0; i<${#ver1[@]}; i++)); do
if [[ -z ${ver2[i]} ]]; then
# fill empty fields in ver2 with zeros
ver2[i]=0
fi
if ((10#${ver1[i]} > 10#${ver2[i]})); then
return 1
fi
if ((10#${ver1[i]} < 10#${ver2[i]})); then
return 2
fi
done
return 0
}
INSTALLED_VERSION="$(pkgutil --pkg-info $PKG_ID | grep -i "^version" | awk '{print $2}')"
echo "Current Version: ${INSTALLED_VERSION}"
vercomp ${TARGET_VERSION} ${INSTALLED_VERSION}
COMP=$? # 0 means the same, 1 means TARGET is newer, 2 means INSTALLED is newer
echo "COMPARISON: ${COMP}"
if [ "${COMP}" -eq 1 ]; then
echo "Installed version is older than ${TARGET_VERSION}."
exit 0
else
echo "Installed version is the same or newer than ${TARGET_VERSION}."
exit 1
fi

79
MDM/MDMMosyle install.sh
View File

@@ -1,79 +0,0 @@
PKG_ID="com.scriptingosx.Installomator"
TARGET_VERSION="9.1"
URLDOWNLOAD="%MosyleCDNFile:blah-blah-blah%"
######################################################################
# Installation using Installomator (enter the software to install separated with spaces in the "whatList"-variable)
whatList="handbrake theunarchiver microsoftoffice365"
# Covered by Mosyle Catalog: "brave firefox googlechrome microsoftedge microsoftteams signal sublimetext vlc webex zoom" among others
LOGO="mosyleb" # or "mosylem"
######################################################################
## Mark: Code here
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Mark: Condition for Installomator installation
INSTALLED_VERSION="$(pkgutil --pkg-info $PKG_ID 2>/dev/null | grep -i "^version" | awk '{print $2}')"
echo "Current Version: ${INSTALLED_VERSION}"
if [[ "$TARGET_VERSION" != "$INSTALLED_VERSION" ]]; then
TMPDIR=$(mktemp -d )
if ! cd "$TMPDIR"; then
echo "error changing directory $TMPDIR"
caffexit 98
fi
NAME=$TMPDIR/$(date +%s).pkg
if ! curl -fsL "$URLDOWNLOAD" -o "$NAME"; then
echo "error downloading $URLDOWNLOAD to $NAME."
caffexit 97
fi
installer -pkg "$NAME" -target /
rm -rf "$TMPDIR"
else
echo "Installomator version $INSTALLED_VERSION already installed!"
fi
# Mark: Start Installomator label(s) installation
# Count errors
errorCount=0
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
caffexit 99
fi
for what in $whatList; do
#echo $item
# Install software using Installomator
cmdOutput="$(${destFile} ${what} LOGO=$LOGO NOTIFY=all BLOCKING_PROCESS_ACTION=tell_user || true)" # NOTIFY=silent BLOCKING_PROCESS_ACTION=quit_kill INSTALL=force
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -ne 0 ]] ; then
echo "Error installing ${what}. Exit code ${exitStatus}"
#echo "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
echo "$errorOutput"
let errorCount++
fi
done
echo
echo "Errors: $errorCount"
echo "[$(DATE)][LOG-END]"
caffexit $errorCount

56
MDM/Manual valuesfromarguments.sh
View File

@@ -1,56 +0,0 @@
#!/bin/bash
# Software
# Installation using Installomator
# Example of installing software using valuesfromarguments to install a custom software
LOGO="appstore" # or "addigy", "microsoft", "mosyleb", "mosylem"
###############################################
# Verify that Installomator has been installed
destFile="/usr/local/Installomator/Installomator.sh"
if [ ! -e "${destFile}" ]; then
echo "Installomator not found here:"
echo "${destFile}"
echo "Exiting."
exit 99
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid"
pkill caffeinate
exit $1
}
# Variables to calculate
downloadURL="https://craft-assets.invisionapp.com/CraftManager/production/CraftManager.zip"
appNewVersion=$(curl -fs https://craft-assets.invisionapp.com/CraftManager/production/appcast.xml | xpath -e '//rss/channel/item[1]/enclosure/@sparkle:shortVersionString' 2>/dev/null | cut -d '"' -f2)
# Install software using Installomator
cmdOutput="$(${destFile} valuesfromarguments LOGO=$LOGO \
name=CraftManager \
type=zip \
downloadURL=$downloadURL \
appNewVersion=$appNewVersion \
expectedTeamID=VRXQSNCL5W \
BLOCKING_PROCESS_ACTION=prompt_user \
LOGGING=REQ \
NOTIFY=all || true)"
# Check result
exitStatus="$( echo "${cmdOutput}" | grep --binary-files=text -i "exit" | tail -1 | sed -E 's/.*exit code ([0-9]).*/\1/g' || true )"
if [[ ${exitStatus} -eq 0 ]] ; then
echo -e "${what} succesfully installed.\n"
else
echo -e "Error installing ${what}. Exit code ${exitStatus}\n"
#printlog "$cmdOutput"
errorOutput="$( echo "${cmdOutput}" | grep --binary-files=text -i "error" || true )"
echo "$errorOutput"
caffexit $exitStatus
fi
echo "[$(DATE)][LOG-END]"
caffexit 0

13
MDM/Progress 1st swiftDialog condition.sh Normal file
View File

@@ -0,0 +1,13 @@
#!/bin/sh
# Mark: Addigy Condition on condition file
# Install on success
conditionFile="/var/db/.Progress1stDone"
if [ -e "$conditionFile" ]; then
echo "$conditionFile exists. Exiting."
exit 1
else
echo "$conditionFile not found. Continue…"
exit 0
fi

11
MDM/Progress 1st swiftDialog prevention.sh Normal file
View File

@@ -0,0 +1,11 @@
#!/bin/sh
# PREVENT Progress 1st swiftDialog from running
# DESCRIPTION
# Will create the file to prevent Progress 1st swiftDialog from running.
# Only for MDM solutions (like Addigy and Microsoft) that have conditions for runnning scripts and do not offer an enrollment event for runnning the script.
# By runninng this script, the file will be created on the client, that will prevent Progress 1st swiftDialog from runnning.
# This is a great help for implementing Progress 1st swiftDialog in a running solution, where the command below have to be run on currently enrolled devices, and then Progress 1st swiftDialog can be assigned to all machines, and will run only on newly enrolled devices.
/usr/bin/touch "/var/db/.Progress1stDone"

397
MDM/Progress 1st swiftDialog.sh Executable file
View File

@@ -0,0 +1,397 @@
#!/bin/sh
# Progress 1st with swiftDialog (auto installation at enrollment)
instance="" # Name of used instance
LOGO="" # "appstore", "jamf", "mosyleb", "mosylem", "addigy", "microsoft", "ws1"
apps=(
"swiftDialog,/usr/local/bin/dialog"
"dockutil,/usr/local/bin/dockutil"
"desktoppr,/usr/local/bin/desktoppr"
"SupportApp,/Applications/Support.app"
"Xink,/Applications/Xink.app"
"Apple NewYork Font,/Library/Fonts/NewYork.ttf"
"Apple SF Pro Font,/Library/Fonts/SF-Pro.ttf"
"Apple SF Mono Font,/Library/Fonts/SF-Mono-Bold.otf"
"Apple SF Compact Font,/Library/Fonts/SF-Compact.ttf"
"Zoho WorkDrive TrueSync,/Applications/Zoho WorkDrive TrueSync.app"
"TextMate,/Applications/TextMate.app"
"Sublime Text,/Applications/Sublime Text.app"
"1Password,/Applications/1Password 7.app"
"Mactracker,/Applications/Mactracker.app"
"WWDC,/Applications/WWDC.app"
"The Unarchiver,/Applications/The Unarchiver.app"
"Keka,/Applications/Keka.app"
"Brave,/Applications/Brave Browser.app"
"Firefox,/Applications/Firefox.app"
"Microsoft AutoUpdate,/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app"
"Microsoft Edge,/Applications/Microsoft Edge.app"
"Microsoft Teams,/Applications/Microsoft Teams.app"
"Microsoft Excel,/Applications/Microsoft Excel.app"
"Microsoft OneNote,/Applications/Microsoft OneNote.app"
"Microsoft Outlook,/Applications/Microsoft Outlook.app"
"Microsoft PowerPoint,/Applications/Microsoft PowerPoint.app"
"Microsoft Word,/Applications/Microsoft Word.app"
"Microsoft OneDrive,/Applications/OneDrive.app"
)
# Dialog display settings, change as desired
title="Installing Apps and other software"
message="Please wait while we download and install the needed software."
endMessage="Installation complete! Please reboot to activate FileVault."
displayEndMessageDialog=1 # Should endMessage be shown as a dialog? (0|1)
errorMessage="A problem was encountered setting up this Mac. Please contact IT."
######################################################################
# Progress 1st Dialog
#
# Showing installation progress using swiftDialog
# No customization below…
######################################################################
# Complete script meant for running via MDM on device enrollment. This will download
# and install Dialog on the fly before opening Dialog.
#
# Log: /private/var/log/InstallationProgress.log
# This file prevents script from running again on Addigy and Microsoft Endpoint (Intune):
# "/var/db/.Progress1stDone"
#
# Display a Dialog with a list of applications and indicate when theyve been installed
# Useful when apps are deployed at random, perhaps without local logging.
# Applies to Mosyle App Catalog installs, VPP app installs, Installomator installs etc.
# The script watches the existence of files in the file system, so that is used to show progress.
#
# Requires Dialog v1.9.1 or later (will be installed) https://github.com/bartreardon/swiftDialog
#
######################################################################
#
# This script made by Søren Theilgaard
# https://github.com/Theile
# Twitter and MacAdmins Slack: @theilgaard
#
# Based on the work by Adam Codega:
# https://github.com/acodega/dialog-scripts
#
# Some functions and code from Installomator:
# https://github.com/Installomator/Installomator
#
######################################################################
# List of apps/installs to process in “apps” array.
# Provide the display name as you prefer and the path to the app/file. ex:
# "Google Chrome,/Applications/Google Chrome.app"
# A comma separates the display name from the path. Do not use commas in your display name text.
#
# Tip: Check for something like print drivers using the pkg receipt, like:
# "Konica-Minolta drivers,/var/db/receipts/jp.konicaminolta.print.package.C759.plist"
# Or fonts, like:
# "Apple SF Pro Font,/Library/Fonts/SF-Pro.ttf"
######################################################################
scriptVersion="9.5"
# v. 9.5 : 2022-09-21 : change of GitHub download
# v. 9.4 : 2022-09-14 : downloadURL can fall back on GitHub API
# v. 9.3 : 2022-08-29 : Logging changed for current version. Improved installation with looping if it fails, so it can try again. Improved GitHub handling.
# v. 9.2.2 : 2022-06-17 : Improved Dialog installation. Check 1.1.1.1 for internet connection.
# v. 9.2 : 2022-05-19 : Not using GitHub api for download of Dialog, show a dialog when finished to make message more important. Now universal script for all supported MDMs based on LOGO variable.
# v. 9.0 : 2022-05-16 : Based on acodegas work, I have added progress bar, changed logging and use another log-location, a bit more error handling for Dialog download, added some "|| true"-endings to some lines to not make them fail in Addigy, and some more.
######################################################################
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Check before running
case $LOGO in
addigy|microsoft)
conditionFile="/var/db/.Progress1stDone"
# Addigy and Microsoft Endpoint Manager (Intune) need a check for a touched file
if [ -e "$conditionFile" ]; then
echo "$LOGO setup detected"
echo "$conditionFile exists, so we exit."
exit 0
else
echo "$conditionFile not found, so we continue…"
fi
;;
esac
# Mark: Constants and logging
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
log_message="$instance: Progress 1st with Dialog, v$scriptVersion"
label="P1st-v$scriptVersion"
log_location="/private/var/log/Installomator.log"
function printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp :: $label : $1" | tee -a $log_location
else
echo "$timestamp :: $label : $1"
fi
}
printlog "[LOG-BEGIN] ${log_message}"
# Internet check
if [[ "$(nc -z -v -G 10 1.1.1.1 53 2>&1 | grep -io "succeeded")" != "succeeded" ]]; then
printlog "ERROR. No internet connection, we cannot continue."
exit 90
fi
# Location of dialog and dialog command file
dialogApp="/usr/local/bin/dialog"
dialog_command_file="/var/tmp/dialog.log"
counterFile="/var/tmp/Progress1st.plist"
# Counters
progress_index=0
step_progress=0
defaults write $counterFile step -int 0
progress_total=${#apps[@]}
printlog "Total watched installations: $progress_total"
# Using LOGO variable to specify MDM and shown logo
case $LOGO in
appstore)
# Apple App Store on Mac
if [[ $(sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
;;
jamf)
# Jamf Pro
LOGO_PATH="/Library/Application Support/JAMF/Jamf.app/Contents/Resources/AppIcon.icns"
;;
mosyleb)
# Mosyle Business
LOGO_PATH="/Applications/Self-Service.app/Contents/Resources/AppIcon.icns"
;;
mosylem)
# Mosyle Manager (education)
LOGO_PATH="/Applications/Manager.app/Contents/Resources/AppIcon.icns"
;;
addigy)
# Addigy
LOGO_PATH="/Library/Addigy/macmanage/MacManage.app/Contents/Resources/atom.icns"
;;
microsoft)
# Microsoft Endpoint Manager (Intune)
LOGO_PATH="/Library/Intune/Microsoft Intune Agent.app/Contents/Resources/AppIcon.icns"
;;
ws1)
# Workspace ONE (AirWatch)
LOGO="/Applications/Workspace ONE Intelligent Hub.app/Contents/Resources/AppIcon.icns"
;;
esac
if [[ ! -a "${LOGO_PATH}" ]]; then
printlog "ERROR in LOGO_PATH '${LOGO_PATH}', setting Mac App Store."
if [[ $(/usr/bin/sw_vers -buildVersion) > "19" ]]; then
LOGO_PATH="/System/Applications/App Store.app/Contents/Resources/AppIcon.icns"
else
LOGO_PATH="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
fi
fi
printlog "LOGO: $LOGO LOGO_PATH: $LOGO_PATH"
# Mark: Functions
# execute a dialog command
echo "" > $dialog_command_file || true
function dialog_command(){
printlog "Dialog-command: $1"
echo "$1" >> $dialog_command_file || true
}
function appCheck(){
dialog_command "listitem: $(echo "$app" | cut -d ',' -f1): wait"
while [ ! -e "$(echo "$app" | cut -d ',' -f2)" ]; do
sleep 2
done
dialog_command "progresstext: Install of “$(echo "$app" | cut -d ',' -f1)” complete"
dialog_command "listitem: $(echo "$app" | cut -d ',' -f1): ✅"
progress_index=$(defaults read $counterFile step)
progress_index=$(( progress_index + 1 ))
defaults write $counterFile step -int $progress_index
dialog_command "progress: $progress_index"
printlog "at item number $progress_index"
}
# Notify the user using AppleScript
function displayDialog(){
if [[ "$currentUser" != "" ]]; then
launchctl asuser $currentUserID sudo -u $currentUser osascript -e "button returned of (display dialog \"$message\" buttons {\"OK\"} default button \"OK\" with icon POSIX file \"$LOGO_PATH\")" || true
fi
}
# Mark: Code
name="Dialog"
printlog "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg w. app version check
gitusername="bartreardon"
gitreponame="swiftDialog"
#printlog "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#printlog "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#printlog "$appNewVersion"
expectedTeamID="PWA5E9TQ59"
destFile="/Library/Application Support/Dialog/Dialog.app"
versionKey="CFBundleShortVersionString" #CFBundleVersion
currentInstalledVersion="$(defaults read "${destFile}/Contents/Info.plist" $versionKey || true)"
printlog "${name} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
printlog "$name not found or version not latest."
printlog "${destFile}"
printlog "Installing version ${appNewVersion}"
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
printlog "Created working directory '$tmpDir'"
# Download the installer package
printlog "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
printlog "error downloading $downloadURL, with status $curlDownloadStatus"
printlog "${curlDownload}"
exitCode=1
else
printlog "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
printlog "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
printlog "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
printlog "ERROR. $name package installation failed."
printlog "${pkgInstall}"
exitCode=2
else
printlog "Installing $name package succes."
exitCode=0
fi
else
printlog "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
printlog "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
printlog "Sleep a bit before trying download and install again. $installationCount time(s)."
printlog "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
printlog "Download and install of $name succes."
fi
done
# Remove the temporary working directory
printlog "Deleting working directory '$tmpDir' and its contents."
printlog "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
printlog "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
printlog "$name version $appNewVersion installed!"
fi
else
printlog "$name version $appNewVersion already found. Perfect!"
fi
while [ "$(pgrep -l "Setup Assistant")" != "" ]; do
printlog "Setup Assistant Still Running. PID $setupAssistantProcess."
sleep 1
done
printlog "Out of Setup Assistant."
while [ "$(pgrep -l "Finder")" = "" ]; do
printlog "Finder process not found. Assuming device is at login screen. PID $finderProcess"
sleep 1
done
printlog "Finder is running…"
currentUser=$(stat -f "%Su" /dev/console)
currentUserID=$(id -u "$currentUser")
printlog "Logged in user is $currentUser with ID $currentUserID"
# set icon based on whether computer is a desktop or laptop
#hwType=$(system_profiler SPHardwareDataType | grep "Model Identifier" | grep "Book" || true)
#if [ "$hwType" != "" ]; then
# LOGO_PATH="SF=laptopcomputer.and.arrow.down,weight=thin,colour1=#51a3ef,colour2=#5154ef"
#else
# LOGO_PATH="SF=desktopcomputer.and.arrow.down,weight=thin,colour1=#51a3ef,colour2=#5154ef"
#fi
dialogCMD="$dialogApp -p --title \"$title\" \
--message \"$message\" \
--icon \"$LOGO_PATH\" \
--progress $progress_total \
--button1text \"Please Wait\" \
--button1disabled"
# create the list of apps
listitems=""
for app in "${apps[@]}"; do
listitems="$listitems --listitem '$(echo "$app" | cut -d ',' -f1)'"
done
# final command to execute
dialogCMD="$dialogCMD $listitems"
printlog "$dialogCMD"
# Launch dialog and run it in the background sleep for a second to let thing initialise
printlog "About to launch Dialog."
eval "$dialogCMD" &
sleep 2
(for app in "${apps[@]}"; do
#step_progress=$(( 1 + progress_index ))
#dialog_command "progress: $step_progress"
sleep 0.5
appCheck &
done
wait)
# Mark: Finishing
# Prevent re-run of script if conditionFile is set
if [[ ! -z "$conditionFile" ]]; then
printlog "Touching condition file so script will not run again"
touch "$conditionFile" || true
printlog "$(ls -al "$conditionFile" || true)"
fi
# all done. close off processing and enable the "Done" button
printlog "Finalizing."
dialog_command "progresstext: $endMessage"
dialog_command "progress: complete"
dialog_command "button1text: Done"
dialog_command "button1: enable"
if [[ $displayEndMessageDialog -eq 1 ]]; then
message="$endMessage"
displayDialog &
fi
sleep 1
printlog $(rm -fv $dialog_command_file || true)
printlog $(rm -fv $counterFile || true)
printlog "Ending"

101
MDM/README.md Normal file
View File

@@ -0,0 +1,101 @@
# MDM scripts
This is a long list of various scripts for certain use in the various MDM solutions that we have used Installomator with.
There are two categories of MDMs. Either like Jamf Pro, that can contain the full script, and call that as a software installation (called policy in Jamf Pro). If the MDM cannot do that, it have to be able to run a script on the clients. That script can call Installomator on the client, and should therefore be locally installed.
## “Jamf”-folder
Here you have scripts for using swiftDialog as part of the Installomator installation. Showing progress in a small window. Separate [ReadMe-file](Jamf/ReadMe.md) in this folder.
## Script capable MDM-solutions
So for Mosyle, Addigy, and Microsoft Endpoint Manager (Intune), we have tested these scripts. If these works in other MDMs, let us know.
Especially for Addigy, and maybe also for other MDMs, `condition`-scripts has been added if software installation will run on certain conditions. Also `prevention`-scripts has been added, if you manually need to eliminate the runnning of a script, this can be needed if you want to use the enrollment script, but dont want it to run on the currently managed Macs Then you should sent out the `prevention`-script to make sure the file it creates is present on the Macs so the ordinary script will not do anything (it will detect this file and stop if found).
_The scripts utilizing __swiftDialog__ requires version 10 of __Installomator__, but will work with version 9. If runnning on version 9 it will set `NOTIFY=all` and use __Installomator__ notifications for showing progress, where as on version 10 it will be `NOTIFY=silent` as __swiftDialog__ is used instead._
### Shortenings
- SS — Self Service — scripts designed for use through a Self Service catalog
- VFA — valuesfromarguments — a custom label call to Installomator
# To be installed on all the Macs
In order for our MDM scripts to work, we need Installomator locally installed using the pkg we provide in our release.
So I suggest to install these on enrollment.
To utilize swiftDialog, we also need that installed.
If you need dockutil, that should be maintained as well, but if missing the MDM scripts will install it.
## Maintenance of Installomator, swiftDialog, and dockutil
I suggest to check weekly, and maybe at each boot, it newer versions have been released of these tools.
The verious MDMs have various ways of running scheduled, but it is possible.
### Scripts to use for installing these components
These do not require anything to be installed on macOS:
- `install Installomator direct.sh` — can be run at enrollment and as maintenance at any time to install __Installomator__.
- `install swiftDialog direct.sh` — can be used at enrollment and as maintenance at any time to install __swiftDialog__.
Once Installomator has been installed, __dockutil__ can be installed using Installomator (as a service), using this script:
- `App-install/App service Auto-install.sh` — This script uses pre-installed installomator to install dockutil.
# Enrollment scripts
For enrollment purposes, som 1st-scripts has been created. One is not showing anything to the end-user while running and another is using __DEPNotify__ to show progress (so hopefully the user will wait for the installation to finish):
- `Installomator 1st Auto-install DEPNotify.sh` — will install __DEPNotify__ first, start that up, and change progress on the installation bar at each installed label. Very good for Addigy.
- `Installomator 1st Auto-install.sh` — runnning silently installing Installomator labels in the given order. Can be used in combination with the Progress-script.
- `Progress 1st swiftDialog.sh` — It will install __swiftDialog__ and start that up with a list of software it will look for. It will look for an installed file/folder in the file system for each item. This is great for Mosyle that can install software using various methods, and then this script can show when it has been installed.
There are also Self Service scripts for this, if its somehow needed to have users running the installation manually.
# _App-install_ folders
Two different kinds of App-installation scripts have been made. Some that is very similar to the old provided scripts that are only using __Installomator__ for notifications (if any). And others that can use __swiftDialog__ for installation progress, and can also add the app to the Dock using __dockutil__.
## “App-install”-folder
- App browser-security Auto-install.sh
- App browser-security SS.sh
- App normal Auto-install.sh
- App normal SS.sh
- App service Auto-install.sh
- App VFA.sh
Here you can use scripts for Self Service (SS) or for Auto-install. THere will be a difference in how many notifications will be used and maybe handling of blocking processes.
What is also differentiated is what kind of app it is. Is it of the kind of browser, that can often have critical security fixes, then we dont want the user to postpone the installation, wheras a normal app can wait. A service app do not have to ask before installing, and should be able to install regardsliess if the app is currently running.
## “App-install SS with swiftDialog and dockutil”-folder
- App browser-security SS.sh
- App normal SS multi-app.sh
- App normal SS.sh
- App service SS.sh
- App VFA SS github.sh
- App VFA SS.sh
All of the notes for the above scripts are the same for these.
But these scripts utilize __swiftDialog__ to show a more live progress for the installation, and they also have a setting to use __dockutil__ to add the software to the Dock of the user.
# App-update
These script verifies if the app is already installed, before runnning Installomator.
- App browser-security Auto-install.sh
- App normal Auto-install.sh
These scripts only use Installomator, like “App-install”, but will check for the app to be installed first. Very usefull for Addigy and Microsoft.

0
MDM/RemoveInstallomator.sh → MDM/Remove Installomator.sh
View File

17
MDM/install Installomator direct condition.sh Executable file
View File

@@ -0,0 +1,17 @@
#!/bin/sh
# Mark: Addigy Condition
# Install on success
gitusername="Installomator"
gitreponame="Installomator"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
destFile="/usr/local/Installomator/Installomator.sh"
if [[ ! -e "${destFile}" || "$(${destFile} version)" != "$appNewVersion" ]]; then
#echo "Let's install…"
exit 0
else
#echo "No need!"
exit 1
fi

149
MDM/install Installomator direct.sh Executable file
View File

@@ -0,0 +1,149 @@
#!/bin/sh
######################################################################
# Installation of Installomator
#
# No customization below…
######################################################################
# This script can be used to install Installomator directly from GitHub.
######################################################################
#
# This script made by Søren Theilgaard
# https://github.com/Theile
# Twitter and MacAdmins Slack: @theilgaard
#
# Some functions and code from Installomator:
# https://github.com/Installomator/Installomator
#
######################################################################
scriptVersion="9.5"
# v. 9.5 : 2022-09-21 : change of GitHub download
# v. 9.4 : 2022-09-14 : downloadURL can fall back on GitHub API
# v. 9.3 : 2022-08-29 : Logging changed for current version. Improved installation with looping if it fails, so it can try again. Improved GitHub handling.
# v. 9.2.2 : 2022-06-17 : Check 1.1.1.1 for internet connection.
# v. 9.2 : 2022-05-19 : Built in installer for Installlomator. Universal script.
######################################################################
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Mark: Constants, logging and caffeinate
log_message="Installomator install, v$scriptVersion"
label="Inst-v$scriptVersion"
log_location="/private/var/log/Installomator.log"
printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp :: $label : $1" | tee -a $log_location
else
echo "$timestamp :: $label : $1"
fi
}
printlog "[LOG-BEGIN] ${log_message}"
# Internet check
if [[ "$(nc -z -v -G 10 1.1.1.1 53 2>&1 | grep -io "succeeded")" != "succeeded" ]]; then
printlog "ERROR. No internet connection, we cannot continue."
exit 90
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid" || true
pkill caffeinate || true
printlog "[LOG-END] Status $1"
exit $1
}
name="Installomator"
printlog "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg with destFile
gitusername="Installomator"
gitreponame="Installomator"
#printlog "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#printlog "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#printlog "$appNewVersion"
expectedTeamID="JME5BW3F3R"
destFile="/usr/local/Installomator/Installomator.sh"
currentInstalledVersion="$(${destFile} version 2>/dev/null || true)"
printlog "${destFile} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
printlog "$name not found or version not latest."
printlog "${destFile}"
printlog "Installing version ${appNewVersion} ..."
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
printlog "Created working directory '$tmpDir'"
# Download the installer package
printlog "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
printlog "error downloading $downloadURL, with status $curlDownloadStatus"
printlog "${curlDownload}"
exitCode=1
else
printlog "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
printlog "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
printlog "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
printlog "ERROR. $name package installation failed."
printlog "${pkgInstall}"
exitCode=2
else
printlog "Installing $name package succes."
exitCode=0
fi
else
printlog "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
printlog "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
printlog "Sleep a bit before trying download and install again. $installationCount time(s)."
printlog "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
printlog "Download and install of $name succes."
fi
done
# Remove the temporary working directory
printlog "Deleting working directory '$tmpDir' and its contents."
printlog "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
printlog "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
printlog "$name version $appNewVersion installed!"
fi
else
printlog "$name version $appNewVersion already found. Perfect!"
fi
caffexit 0

20
MDM/install swiftDialog direct condition.sh Executable file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
# Mark: Addigy Condition
# Install on success
gitusername="bartreardon"
gitreponame="swiftDialog"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
destFile="/Library/Application Support/Dialog/Dialog.app"
versionKey="CFBundleShortVersionString" #CFBundleVersion
currentInstalledVersion="$(defaults read "${destFile}/Contents/Info.plist" $versionKey || true)"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
#echo "Let's install…"
exit 0
else
#echo "No need!"
exit 1
fi

150
MDM/install swiftDialog direct.sh Executable file
View File

@@ -0,0 +1,150 @@
#!/bin/sh
######################################################################
# Installation of swiftDialog
#
# No customization below…
######################################################################
# This script can be used to install swiftDialog directly from GitHub.
######################################################################
#
# This script made by Søren Theilgaard
# https://github.com/Theile
# Twitter and MacAdmins Slack: @theilgaard
#
# Some functions and code from Installomator:
# https://github.com/Installomator/Installomator
#
######################################################################
scriptVersion="9.5"
# v. 9.5 : 2022-09-21 : change of GitHub download
# v. 9.4 : 2022-09-14 : downloadURL can fall back on GitHub API.
# v. 9.3 : 2022-08-29 : Logging changed for current version. Improved installation with looping if it fails, so it can try again. Improved GitHub handling.
# v. 9.2.2 : 2022-06-17 : Check 1.1.1.1 for internet connection.
# v. 9.2 : 2022-05-19 : Built in installer for Installlomator. Universal script.
######################################################################
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# Mark: Constants, logging and caffeinate
log_message="Dialog install, v$scriptVersion"
label="Dialog-v$scriptVersion"
log_location="/private/var/log/Installomator.log"
printlog(){
timestamp=$(date +%F\ %T)
if [[ "$(whoami)" == "root" ]]; then
echo "$timestamp :: $label : $1" | tee -a $log_location
else
echo "$timestamp :: $label : $1"
fi
}
printlog "[LOG-BEGIN] ${log_message}"
# Internet check
if [[ "$(nc -z -v -G 10 1.1.1.1 53 2>&1 | grep -io "succeeded")" != "succeeded" ]]; then
printlog "ERROR. No internet connection, we cannot continue."
exit 90
fi
# No sleeping
/usr/bin/caffeinate -d -i -m -u &
caffeinatepid=$!
caffexit () {
kill "$caffeinatepid" || true
pkill caffeinate || true
printlog "[LOG-END] Status $1"
exit $1
}
name="Dialog"
printlog "$name check for installation"
# download URL, version and Expected Team ID
# Method for GitHub pkg w. app version check
gitusername="bartreardon"
gitreponame="swiftDialog"
#printlog "$gitusername $gitreponame"
filetype="pkg"
#downloadURL="https://github.com$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
downloadURL="https://github.com$(curl -sfL "$(curl -sfL "https://github.com/$gitusername/$gitreponame/releases/latest" | tr '"' "\n" | grep -i "expanded_assets" | head -1)" | tr '"' "\n" | grep -i "^/.*\/releases\/download\/.*\.$filetype" | head -1)"
if [[ "$(echo $downloadURL | grep -ioE "https.*.$filetype")" == "" ]]; then
printlog "Trying GitHub API for download URL."
downloadURL=$(curl -sfL "https://api.github.com/repos/$gitusername/$gitreponame/releases/latest" | awk -F '"' "/browser_download_url/ && /$filetype\"/ { print \$4; exit }")
fi
#printlog "$downloadURL"
appNewVersion=$(curl -sLI "https://github.com/$gitusername/$gitreponame/releases/latest" | grep -i "^location" | tr "/" "\n" | tail -1 | sed 's/[^0-9\.]//g')
#printlog "$appNewVersion"
expectedTeamID="PWA5E9TQ59"
destFile="/Library/Application Support/Dialog/Dialog.app"
versionKey="CFBundleShortVersionString" #CFBundleVersion
currentInstalledVersion="$(defaults read "${destFile}/Contents/Info.plist" $versionKey || true)"
printlog "${name} version: $currentInstalledVersion"
if [[ ! -e "${destFile}" || "$currentInstalledVersion" != "$appNewVersion" ]]; then
printlog "$name not found or version not latest."
printlog "${destFile}"
printlog "Installing version ${appNewVersion}"
# Create temporary working directory
tmpDir="$(mktemp -d || true)"
printlog "Created working directory '$tmpDir'"
# Download the installer package
printlog "Downloading $name package version $appNewVersion from: $downloadURL"
installationCount=0
exitCode=9
while [[ $installationCount -lt 3 && $exitCode -gt 0 ]]; do
curlDownload=$(curl -Ls "$downloadURL" -o "$tmpDir/$name.pkg" || true)
curlDownloadStatus=$(echo $?)
if [[ $curlDownloadStatus -ne 0 ]]; then
printlog "error downloading $downloadURL, with status $curlDownloadStatus"
printlog "${curlDownload}"
exitCode=1
else
printlog "Download $name succes."
# Verify the download
teamID=$(spctl -a -vv -t install "$tmpDir/$name.pkg" 2>&1 | awk '/origin=/ {print $NF }' | tr -d '()' || true)
printlog "Team ID for downloaded package: $teamID"
# Install the package if Team ID validates
if [ "$expectedTeamID" = "$teamID" ] || [ "$expectedTeamID" = "" ]; then
printlog "$name package verified. Installing package '$tmpDir/$name.pkg'."
pkgInstall=$(installer -verbose -dumplog -pkg "$tmpDir/$name.pkg" -target "/" 2>&1)
pkgInstallStatus=$(echo $?)
if [[ $pkgInstallStatus -ne 0 ]]; then
printlog "ERROR. $name package installation failed."
printlog "${pkgInstall}"
exitCode=2
else
printlog "Installing $name package succes."
exitCode=0
fi
else
printlog "ERROR. Package verification failed for $name before package installation could start. Download link may be invalid."
exitCode=3
fi
fi
((installationCount++))
printlog "$installationCount time(s), exitCode $exitCode"
if [[ $installationCount -lt 3 ]]; then
if [[ $exitCode -gt 0 ]]; then
printlog "Sleep a bit before trying download and install again. $installationCount time(s)."
printlog "Remove $(rm -fv "$tmpDir/$name.pkg" || true)"
sleep 2
fi
else
printlog "Download and install of $name succes."
fi
done
# Remove the temporary working directory
printlog "Deleting working directory '$tmpDir' and its contents."
printlog "Remove $(rm -Rfv "${tmpDir}" || true)"
# Handle installation errors
if [[ $exitCode != 0 ]]; then
printlog "ERROR. Installation of $name failed. Aborting."
caffexit $exitCode
else
printlog "$name version $appNewVersion installed!"
fi
else
printlog "$name version $appNewVersion already found. Perfect!"
fi
caffexit 0