Installing Rosetta 2 on M1 Apple Silicon Macs (why checks matter)

Actual guides This isn’t really a guide to how to install Rosetta 2. There are already much better guides for those: Rich Trouton’s Installing Rosetta 2 on Apple Silicon Macs Graham Gilbert’s Installing Rosetta 2 on Apple Silicon Macs Rich Trouton’s blog post has some checks to make sure the Mac is running at least… Continue reading Installing Rosetta 2 on M1 Apple Silicon Macs (why checks matter)

How to check the Carbon Black version installed

Update Thanks to Clay Haynes for pointing out you can get the version more easily by running /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/MacOS/CbOsxSensorService -v Back story In Carbon Black 6.3.0 and 7.0.1, it isn’t super obvious how to check for the version installed. For example, if you run defaults read /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/Info.plist, you’ll see CFBundleInfoDictionaryVersion… Continue reading How to check the Carbon Black version installed

Scripting changing user icons: dsimport prompts for password in zsh

2 June, 2021 Update Special shoutout to Armin Briegel for pointing out that the zsh version runs just fine if you use a different variable name from USERNAME. I’ve tried it with USERACCOUNT instead, and I’ve confirmed it works fine with zsh. Original Post Apple is moving toward making zsh the default shell instead of… Continue reading Scripting changing user icons: dsimport prompts for password in zsh

Using installinstallmacos.py to get beta installers

Usually, if you use installinstallmacos.py, you’ll get the already-released installers: # ProductID Version Build Post Date Title 1 001-15219 10.15.5 19F2200 2020-06-15 macOS Catalina 2 001-04366 10.15.4 19E2269 2020-05-04 macOS Catalina 3 061-86291 10.15.3 19D2064 2020-03-23 macOS Catalina 4 041-91758 10.13.6 17G66 2019-10-19 macOS High Sierra 5 001-57224 10.15.7 19H4 2020-10-27 macOS Catalina 6 061-26589… Continue reading Using installinstallmacos.py to get beta installers

Updates to the AutoPkgReviewAndRun.py script

3.5 years ago, I created a script to automate running AutoPkg recipes while also verifying trust info and prompting the user to approve or deny any changes. With some prompting from some folks on the #autopkg channel of the MacAdmins Slack, I made a few changes to the script: You can now run the script… Continue reading Updates to the AutoPkgReviewAndRun.py script

Fix for VirtualBox Extension Pack postinstall script hanging in Munki

The problem If you’ve been running the VirtualBoxExtPack.munki.recipe AutoPkg recipe, and you’ve noticed the VirtualBox Extension Pack postinstall script in Munki hanging indefinitely (30 minutes and beyond), it’s because the license hash has changed. The fix According to @jessepeterson (the maintainer of that AutoPkg recipe), the license hash doesn’t change very often, but it did… Continue reading Fix for VirtualBox Extension Pack postinstall script hanging in Munki

Allowing Outset-run scripts to have access to user folders

Because of TCC/PPPC, which Apple introduced in macOS 10.14, scripts and applications have to ask for permissions to do certain things, especially things like reading user home directory files. If you have an Outset login script that tries to access something in the home directory, you may find in the ~/Library/Logs/outset.log that you get a… Continue reading Allowing Outset-run scripts to have access to user folders

If Jamf recon is launching a du process that causes a CPU spike

If Jamf inventory (jamf recon) causes an extended CPU spike specifically related to the du command, you can fix that by going, in the Jamf settings, to Computer Management > Computer Management – Management Framework > Inventory Collection, and then uncheck the Include home directory sizes checkbox. That is a system-wide setting, but especially if… Continue reading If Jamf recon is launching a du process that causes a CPU spike

Terminal command to tell if a macOS directory is SIP-protected

Starting with El Capitan (OS X 10.11), Apple started using System Integrity Protection (SIP) in macOS, so that certain directories would be not writable, even by root. Here’s a quick reference for a couple of commands you can use to see if a directory or file is SIP-protected, as that may change from macOS version… Continue reading Terminal command to tell if a macOS directory is SIP-protected

Scripting SSH off/on without needing a PPPC/TCC profile

You used to be able to use /usr/sbin/systemsetup -f -setremotelogin off or /usr/sbin/systemsetup -f -setremotelogin on to script disabling or enabling SSH on macOS. Now that macOS has Privacy Preferences Policy Control, which needs a profile delivered by a user-approved MDM, you may get this error: setremotelogin: Turning Remote Login on or off requires Full… Continue reading Scripting SSH off/on without needing a PPPC/TCC profile