Tag: munki

  • Enforcing an older force_install_after_date when importing a new Munki item version

    Problem Munki has the ability to force updates to install by a certain date, using the force_install_after_date flag, but what do you do when you have an older version you want enforced, but you also want to import a newer version into the Munki repo? If you have Slack 4.29 you want force-installed in two […]

  • Managed Software Center may get stuck on “Starting Adobe installer…”

    If you import an Adobe installer into your Munki repo, you may get it stuck on the installation part where Managed Software Center (or Munki’s logs) will just say Starting Adobe installer… and get stuck on that perpetually (I waited “only” a half hour, but it could possibly stay indefinitely). I searched in the MacAdmins […]

  • Popping a Munki optional install to the top of Managed Software Center

    Most of the time, having optional installs in Managed Software Center be in alphabetical order is fine. Users can scroll through the list or search for optional installs by name. But if you have a long list of optional installs, you may want one or two items that are at the end of the alphabet […]

  • Making sharding work with Munki catalogs in mind

    Some Munki admins use sharding to roll out to various portions of their fleet. Most versions of sharding create a random-looking (but not actually random) integer either between 0 and 99 or 1 and 100 that is based on a hash of the Mac’s serial number. Where that can be tricky is when you want […]

  • Chrome mid-update versions and Munki

    Most of the time, if you want to patch Chrome using Munki, you just use add Chrome as a managed update or managed install to the relevant manifests in your Munki repo, and then have the AutoPkg Chrome.munki recipe import the new version of Chrome into your Munki repo from time to time (daily, weekly, […]

  • Using a nopkg to “nudge” in Munki for Silicon Macs

    Context This is really just a proof-of-concept, but as of this writing both Nudge and Munki use the softwareupdate binary to try to download updates to see what’s available. With the Silicon chip Macs, Apple has now made it so that softwareupdate will prompt you for a password for downloading pending updates, even if you’re […]

  • Unloading Santa’s system extension when uninstalling using Munki

    What the problem is System extensions in place of kernel extensions For macOS 10.15+, Apple has deprecated kernel extensions in favor of system extensions, but system extensions can’t be unloaded silently by script. If you try to unload Santa’s system extension using the command: systemextensionsctl uninstall EQHXZ8M8AV com.google.santa.daemon you’ll get this: At this time, this […]

  • Managing macOS Notification Center settings using a Jamf profile

    There’s a feature request called Add support for new Notification Settings payloads for Catalina, originally created 19 August, 2019 and currently marked as partially implemented in Jamf Pro 10.19.0, the details being Starting in Jamf Pro 10.19.0, admins may automatically whitelist notifications in macOS Catalina for the Jamf Management Framework and Self Service application bundle.. […]

  • Rolling back versions in Munki and using blocking applications arrays

    Downgrading software in Munki can be a bit tricky. One of the tricks you can use is to remove the higher version number from your Munki repo, and replace an .app bundle–based installs array with a binary-based one. So, after removing the higher version from your repo, replacing the lower version’s pkginfo with something like […]

  • Munki can get into a notification loop if root is using the Persian calendar

    The Problem At some point, this blog post may be obsolete, because I’m hoping this will be fixed soon, but in the meantime, I’ve filed an issue on GitHub: Using Persian calendar results in notification loop at every next Munki run If you have users who claim to see notifications multiple times a day, even […]