Tag: munki
-
Unloading Santa’s system extension when uninstalling using Munki
What the problem is System extensions in place of kernel extensions For macOS 10.15+, Apple has deprecated kernel extensions in favor of system extensions, but system extensions can’t be unloaded silently by script. If you try to unload Santa’s system extension using the command: systemextensionsctl uninstall EQHXZ8M8AV com.google.santa.daemon you’ll get this: At this time, this…
-
Managing macOS Notification Center settings using a Jamf profile
There’s a feature request called Add support for new Notification Settings payloads for Catalina, originally created 19 August, 2019 and currently marked as partially implemented in Jamf Pro 10.19.0, the details being Starting in Jamf Pro 10.19.0, admins may automatically whitelist notifications in macOS Catalina for the Jamf Management Framework and Self Service application bundle..…
-
Rolling back versions in Munki and using blocking applications arrays
Downgrading software in Munki can be a bit tricky. One of the tricks you can use is to remove the higher version number from your Munki repo, and replace an .app bundle–based installs array with a binary-based one. So, after removing the higher version from your repo, replacing the lower version’s pkginfo with something like…
-
Munki can get into a notification loop if root is using the Persian calendar
The Problem At some point, this blog post may be obsolete, because I’m hoping this will be fixed soon, but in the meantime, I’ve filed an issue on GitHub: Using Persian calendar results in notification loop at every next Munki run If you have users who claim to see notifications multiple times a day, even…
-
Fix for VirtualBox Extension Pack postinstall script hanging in Munki
The problem If you’ve been running the VirtualBoxExtPack.munki.recipe AutoPkg recipe, and you’ve noticed the VirtualBox Extension Pack postinstall script in Munki hanging indefinitely (30 minutes and beyond), it’s because the license hash has changed. The fix According to @jessepeterson (the maintainer of that AutoPkg recipe), the license hash doesn’t change very often, but it did…
-
How to deploy a .pkg via Munki if a config file has to be in the same directory
Vendors package software in funny ways sometimes. Every now and then, you might come across a vendor .pkg that comes with some kind of .xml or .cfg or .txt that has to be in the same directory as the .pkg. It’s likely because there’s some postinstall script in the .pkg itself that references that text…
-
Some basics of DEPNotify and a sample script
If you’ve been doing Munki admin’ing for a short while, you’ve probably heard people talk about DEPNotify, whose README says is “a small light weight notification app that was designed to let your users know what’s going on during a DEP enrollment.” Aforementioned DEPNotify README is fairly comprehensive in terms of going over all the…
-
Python script to list software available in a Munki repo
I created a small project (for fun) to list out software available in a Munki repo. It’s called MunkiItemsList. On a basic level, it looks for all the items that are listed in any optional installs manifest, and then lists out the display name, description, and highest version available. There are some additional options described…
-
Python 3 script to add optional installs to the SelfServeManifest
Two years ago, I wrote a bash script that adds a bunch of optional installs to the SelfServeManifest using /usr/libexec/PlistBuddy, which is a fine tool, but it can get bit messy sometimes. I did play around with using /usr/local/munki/manifestutil, but it got a bit convoluted, and I figured “Hey, why not just write it in…
-
Script to make Jamf Self Service policy install a Munki optional install
There is a huge project called jamJAR that seeks to integrate Munki and Jamf in a seamless way. I’ve written a script that does something a bit less ambitious, but it may still be helpful to your organization if you are “using” Jamf Self-Service, really want to be using Managed Software Center, and still want…
-
Using a full macOS installer with Munki to patch macOS
Note about Silicon Macs This will not work with Apple Silicon Macs, as Apple now requires you to enter the password of a secure token user account in order to run startosinstall. Shoutout Shoutout to Rod Christiansen on the MacAdmins Slack for putting this strange (but still working for now) method of patching on my…
-
Force-stopping the MunkiStatus progress bar at the login window
Sometimes, the MunkiStatus progress bar over the login window can get stuck, and pressing the Stop button can take a while to halt the progress bar completely. To kill it immediately, press Cmd-Option-Shift-Escape (this is a slight modification of the usual force-quite key combination, which is Cmd-Option-Escape). Full credit to Yehuda Bialik and Greg Neagle…
-
Using a Munki nopkg to disable Chrome 80’s ScrollToTextFragment feature
Update, 14 July 2020 With Chrome 84, Google has now removed the ability to disable the ScrollToTextFragment feature, so this whole write-up is now obsolete What is ScrollToTextFragment With Chrome 80, Google has introduced a new ScrollToTextFragment feature that allows you to reference an anchor link by any phrase that’s in a webpage, even if…
-
Upping the logging level in Munki
As noted in the Troubleshooting section of the Munki wiki, you can increase the logging level for Munki clients. The default logging level is 1, which looks like this: Dec 12 2019 20:04:20 -0800 GoogleChrome version 79.0.3945.79 (or newer) is already installed. If you increase the logging level to 4, it will look like this:…
-
Yes, Munki’s makecatalogs runs on Linux
You can’t run all of Munki‘s admin tools on Linux, because some of the things the tools use involve Mac-specific tools, which is why even Munki admins who host their Munki servers on a Linux server will use a Mac for things like munkiimport. You can, however, run makecatalogs on Linux, though. Here’s just a…