Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'A script to install all required Software Updates' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A script to install all required Software Updates
Authored by: picoscope on Jun 29, '10 02:04:39PM
Greetings, all. I've been working on honing this script to make it even more friendly and useful. I'm not nearly the script jockey many of you are, so please forgive me if I'm posting stuff here that can be done more easily and cleanly using other methods. In fact, if there are other methods for doing this better, please let me know!

I manage a small business network - about 30 clients. My goal was to have all clients grab their updates automatically from my local server at set times every night. Since many of our clients are frequently being used late at night, I also wanted to give users at least a little warning before hand.

Note that I did not, as phillymjs suggests, create an affordance for deferring - because I don't know how ;-)

Since many folks on this thread have asked for very basic instructions, I'm going to post as much information as I can to help as broad of an audience as I can. I'm still pretty much a self-taught newbie too, so I'll post in a way that would have helped me when I was first trying to figure this out.

First I'll give an overall description of how it all works, Then I'll give step by step instructions for how to implement this yourself. Finally, I'll post the actual code I used at the bottom of this post.

Here's how it all works.

The whole process is run by launchd - the launch daemon that is *the* core process of the Apple OS. Launchd is the process that loads first after the firmware process are done, and it launches all other aspects of the OS and everything else after that.

Launchd gets its marching orders via .plist files. These are located in several key locations in the directories created by Apple, and different locations are used to house specific types of .plist files. Generally, user-created .plist files are located at /Library/LaunchDaemons or /Library/LaunchAgents. Since we are loading applications that run once then disappear, the .plist files for these scripts will reside in LaunchAgents.

The .plist files I've created tell launchd to run two different programs at two different times, and to run them as root. One program launches a dialog box that warns users of the impending shutdown, the other runs the software update script itself.

For creating and editing .plist files, I use Property List Editor (an app that's available by installing the "Developer Tools" package found on the OS X Server Install DVD. I believe it's also available for free download from Apple). If you look at the code for these .plist files below, you'll see various options for times to load (set using a 24 hour clock), user, file path, etc. For example, I've set these plist files so that the software update shell script runs at 3AM and the warning dialog runs at 2:57AM. To change the times that these scripts run, open the file in Property List Editor and edit the values for the keys at "StartCalendarInterval/Item0/Hour and /Minute.

The .plist file "run.shutdown.warning.threeminute.plist" tells launchd to load a program called "shutdown.warning.threeminute.app" which it's expecting to find at /Library/Management.

The .plist file "run.auto.software.update.script.plist" tells launchd to load a program called "run.initswupdater.shell.app" which it's also expecting to find at /Library/Management.

The application "shutdown.warning.threeminute.app" was created using AppleScript and saved as a run-only application.If you paste the apple scripts below into a new script in AppleScript Utility and hit the "compile" button, you'll be able to see how it's put together. All this app does is open up a dialog box that says "This computer will shutdown automatically in 3 minutes for software updates. Please save any open files and log out now. The process should complete within a few minutes. Sorry for any inconvenience" - it also displays a warning icon and a single button to click labeled "Drat!". Clicking the button closes the window, but doesn't do anything else. You'll want to save this script in two formats: as an editable .scrpt file and as a run-only .app file (using Apple Script Utility/File/Save As).

The application "run.initswupdater.shell.app" loads the shell script initswupdater.sh, which it's expecting to find at /Library/Management. As with the other script, you'll want to save this script in two formats: as an editable .scrpt file and as a run-only .app file (using Apple Script Utility/File/Save As). I'll bet there's probably a way to run this shell script directly from launchd, but every method I've tried to accomplish this has failed, so I just put it together in the way I know works. If anyone can tell me how to do this directly from launched, I'd love to hear it!

The shell script initswupdater.sh can be edited using Xcode (also available as an optional install as above - and also I believe loaded into IS/Install Packages) - or with DashCode - which is available as a free download. This code and instructions for installing it on a client machine are described in detail in an earlier post to this thread.

To set up a client so that it automatically downloads the proper updates every night, do the following:

Before beginning, you will need a label maker, the root access password for the client, and a computer that has the Property List Editor program loaded.

1.First we need to tell the client where to look for updates. If you plan to continue getting updates directly from Apple, then you can skip this step. We'll use one of two different commands to accomplish this. One is for clients running OS 10.5.X and the other for clients running 10.6.X (for earlier OS check out this Apple Support Article: http://support.apple.com/kb/HT4069.

First login as root to the client. If you're not logged in as root, then preface the commands below with "sudo" - which runs these commands as root. You'll be prompted for the root password.

The command for Snow Leopard (10.6.x) clients will be:

defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://FQDN.of.your.swupd.server:8088/index-leopard-snowleopard.merged-1.sucatalog

The command for Leopard (10.5.x) clients will be:

defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://FQDN.of.your.swupd.server:8088/index-leopard.merged-1.sucatalog

Note that FQDN means "Fully Qualified Domain Name" - i.e. - the complete address of your server, e.g.: foo.example.com. Using that example, the code for a 10.6.X client would be

defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://foo.example.com:8088/index-leopard-snowleopard.merged-1.sucatalog

You could use the IP address instead of the FQDN if you like, though Apple prefers admins to use the FQDN.

2. Create the following files in a directory of your choice somewhere where you can access them and copy them to all of your clients:

"run.auto.software.update.script.plist" - use Property List editor, and paste the code for that .plist described below.

"run.shutdown.warning.threeminute.plist" - use Property List editor, and paste the code for that .plist described below.

"run.initswupdater.shell.scrpt - Use AppleScript Editor (found in /Applications/Utilities, paste the code for that script described below and save it as a run-only app. You might also want to save it as an editable script so you have a version you can customize.

"shutdown.warning.threeminute.scrpt" - Use AppleScript Editor (found in /Applications/Utilities, paste the code for that script described below and save it as a run-only app. You might also want to save it as an editable script so you have a version you can customize.

"initswupdater.sh" - follow the instructions from earlier in this thread to create this shell script. Note that I use DashCode (available as a free download) or XCode (available as an optional install on the Apple OS X Install DVD), which IMHO is a little easier and clearer than trying to edit these in a text editor. You can also save them as executables so you don't have to go mucking about with chmod (though many of us enjoy that kind of thing). ;-)

3. Choose a time for the client to run updates. Likely sometime between 2AM and 4AM (if you have more than a few clients, you'll likely want to stagger these so you don't have a bunch of clients hitting your server at once). Edit StartCalendarInterval keys in "run.auto.software.update.script.plist" and "run.shutdown.warning.threeminute.plist" such that the shutdown script runs at the chosen time and the warning script runs three minutes earlier.

4. Login as root to the client you wish to set up and copy those two .plist files to /Library/LaunchAgents. (or use the sudo mv command if you prefer the CLI)

5. On the client computer, create a folder in /Library called "Management".

6. "Copy "initswupdater.sh", "run.initswupdater.shell.app" and "shutdown.warning.threeminute.app" to the Management file you just created. Make sure you're copying the app files and not the editable scripts.

7. Restart the client OR open terminal (logged in as root) and run:


launchctl load /Library/LaunchAgents/run.shutdown.warning.threeminute.plist

and

launchctl load /Library/LaunchAgents/run.auto.software.update.script.plist

7. Using the label maker, make a label for the computer that says "Warning: This Computer will shut down automatically at [chosen:time] for software updates. You will get a three minute warning notice before this happens". Place this label in a prominent location - e.g. along the top of the case right above the screen (but don't cover over the iSight camera).

8. Login to the client at your chosen time to verify that all scripts are running as expected. What I did when testing these was to edit the .plist files to create times just a few minutes in the future, then watched as they ran, then reset them with the proper times.

Here's the code for the various files mentioned above:

run.auto.software.update.plist:


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>UserName</key>
	<string>root</string>
	<key>Label</key>
	<string>run.auto.softwareupdate.script</string>
	<key>ProgramArguments</key>
	<array>
		<string>open</string>
		<string>/Library/Management/run.initswupdater.shell.app</string>
	</array>
	<key>RunAtLoad</key>
	<false/>
	<key>StartCalendarInterval</key>
	<array>
		<dict>
			<key>Hour</key>
			<integer>3</integer>
			<key>Minute</key>
			<integer>0</integer>
		</dict>
	</array>
</dict>
</plist>

run.shutdown.warning.plist:


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>run.shutdown.threeminute.script</string>
	<key>ProgramArguments</key>
	<array>
		<string>open</string>
		<string>/Library/Management/shutdown.warning.threeminute.app</string>
	</array>
	<key>RunAtLoad</key>
	<false/>
	<key>StartCalendarInterval</key>
	<array>
		<dict>
			<key>Hour</key>
			<integer>2</integer>
			<key>Minute</key>
			<integer>57</integer>
		</dict>
	</array>
</dict>
</plist>

run.initswupdater.shell.scrpt:


do shell script "/Library/Management/initswupdater.sh"

shutdown.warning.threeminute.scrpt


display dialog "This computer will shutdown automatically in 3 minutes for software updates. Please save any open files and log out now. The process should complete within a few minutes. Sorry for any inconvenience" buttons {"Drat!"} default button 1 with icon stop

I hope folks find this helpful!

Cheers,

Picoscope

[ Reply to This | # ]