Archive

Archive for the ‘Packaging’ Category

Building customized postinstall scripts for AutoPkg recipes

July 26, 2019 Leave a comment

As part of some recent work, I needed to build a deployable installer package for an application named Zscaler. This application does not use an installer package, nor can it be installed as a drag-and-drop app. Instead, it uses a third party installer application to install.

Screen Shot 2019 07 26 at 4 36 20 PM 1

This is exactly the kind of situation where I want to write an AutoPkg recipe to handle building a deployable installer package for me. As part of that, I had two bits of good news:

  1. There was a publicly available download URL for the Zscaler installer app.
  2. Zscaler has instructions for installing from the command line, so I could wrap up the installer application inside an installer application and use a postinstall script to run the installation process.

Screen Shot 2019 07 26 at 2 51 06 PM

I had one bit of bad news:

The installer process included options for adding things like the Zscaler cloud instance which the app should talk to following the installation as well as various other options which probably shouldn’t be hardcoded into an Autopkg recipe. I especially shouldn’t be hardcoding my own organization’s credentials into a recipe which I was planning to share with other folks.

Normally, sensitive information is something I want to only have in an AutoPkg recipe override. Recipe overrides are locally-stored files that allow you to change certain input variables in AutoPkg recipes. Since the recipe overrides are stored locally on the Mac which is running AutoPkg and not shared with any other resources, the sensitive information is only made available to the AutoPkg installation running on that specific Mac. I’ve used this approach previously for the following:

Sensitive URLs: https://derflounder.wordpress.com/2017/06/12/autopkg-recipes-for-apple-enterprise-connect/
Signing AutoPkg-generated installer packages: https://derflounder.wordpress.com/2017/11/10/adding-installer-package-code-signing-to-autopkg-workflows/

This time though, I didn’t see a way to pass an AutoPkg recipe override’s variables to a postinstall script. I did have one idea though, which was using AutoPkg’s FileCreator processor to create a customized postinstall script. I had previously used the FileCreator processor in other AutoPkg recipes to create postinstall scripts, but those scripts were self-contained and didn’t use variables from the AutoPkg recipe.

AutoPkg Adobe Creative Cloud recipe postinstall script

That said, you never know what AutoPkg can do until you try it and sure enough the FileCreator processor was able to pass recipe variables as part of creating a file. For more details, please see below the jump.

Read more…

Building an installer package for Privileges.app

March 20, 2019 9 comments

One of the open-source contributions by the Apple@SAP team has been Privileges.app, a tool designed to grant or take away administrator rights from accounts on macOS. The general idea behind Privileges is that it allows people to work with the account privileges of a standard user for day-to-day use, but allows them to get administrator rights when needed.

Documentation for Privileges.app can be found at the GitHub repo which hosts it, which is available via the link below:

https://github.com/SAP/macOS-enterprise-privileges

However, one item not included in that documentation is how to package it for deployment. Instead, AutoPkg recipes were written and made available to automate the packaging process:

However, not everyone is able to use AutoPkg in their environment, so manual packaging instructions are now available here. For more details, please see below the jump:

Read more…

Packaging SAP GUI for macOS with Java 11 support

December 14, 2018 5 comments

A while back, I wrote a post on building a SAP GUI installer for macOS, where SAP GUI needed to have Oracle’s Java 8 JDK as a pre-requisite. Since then Oracle has made an announcement that the use of Oracle’s Java 11 JDK is no longer free if you’re using it for production work.

One of the consequences of that decision by Oracle is that SAP GUI 7.50 rev 5 is the first version of SAP GUI to support Java 11. However, the SAP GUI developers are now recommending the use of OpenJDK 11 in place of Oracle’s Java JDK 11. More specifically, the SAP GUI folks are recommending the use of SAP’s own SapMachine Java JDK 11 release.

Screen Shot 2018 12 14 at 10 39 38 AM

Meanwhile, a Java library named JavaFX used by SAP GUI is no longer being bundled as part of Java 11. Instead, JavaFX has been split off into its own open source project called OpenJFX and is now a separate install.

Screen Shot 2018 12 14 at 4 15 11 PM

What do SapMachine JDK 11 and JavaFX have in common? Among other things, neither have a native installer for macOS. Instead, each is distributed via compressed files.

Screen Shot 2018 12 14 at 11 14 36 AM

Screen Shot 2018 12 14 at 11 14 59 AM

Installation is performed by uncompressing into the following directory on macOS:

/Library/Java/JavaVirtualMachines

Screen Shot 2018 12 14 at 4 11 14 PM

That said, SAP GUI also still works with Oracle’s Java JDK 8 as of the release of SAP GUI 7.50 rev 5. JavaFX is bundled with Java JDK 8, so installing Oracle’s Java JDK 8 handles both the Java and JavaFX requirements.

Screen Shot 2018 12 14 at 2 46 13 PM

With all the changes, how should SAP GUI now be packaged for installation? Without question, the main challenge for deployment here is going to be the Java component. In my testing, which was limited to “Launch SAP GUI and see if it runs”, I found SAP GUI 7.50 rev 5 is able to run on the following Java releases:

If using any Java 11 release, OpenJFX will need to be installed for SAP GUI to successfully run.

With this in mind, it’s possible to build a package that does the following:

  1. Detects if Java is installed
  2. Detects if JavaFX is installed
  3. If Java is not installed, install the latest release of SapMachine JDK.
  4. If JavaFX is not installed, install the latest release of OpenJFX.
  5. Verifies that both Java and JavaFX are installed.
  6. If both Java and JavaFX are installed, install SAP GUI

For more details, please see below the jump.

Read more…

Building an SAP GUI installer for macOS

October 11, 2018 4 comments

Since I’ve started working for my current employer, my colleagues and I have occasionally received the following question from various Mac admins:

“I’m using SAP in my environment. How do I deploy the Mac software for SAP?”

When we’ve followed up for more details, the “Mac software for SAP” usually means the SAP GUI software. SAP GUI comes in two flavors:

SAP GUI for Java supports the following operating systems:

  • openSUSE
  • Fedora
  • macOS
  • Microsoft Windows
  • AIX
  • Ubuntu

The SAP GUI for Java is what’s available for macOS, so how to get it and deploy it? For more details, please see below the jump.

Read more…

Creating local user accounts with pycreateuserpkg

December 24, 2017 17 comments

As part of setting up new Macs, you may want to add one or more local user accounts with a pre-determined password to those Macs. The reasons for this may include the following:

  • Setting up a local administrator account
  • Setting up a “loaner” user account for a pool of loaner laptops
  • Setting up a local user account that automatically logs at startup for a library kiosk
  • Setting up a generic “student” account for use in a school’s computer lab

Previously, it was possible to use the venerable CreateUserPkg utility to accomplish this goal, but the password scheme used by CreateUserPkg stopped working on macOS High Sierra. An alternative tool which works on macOS High Sierra is pycreateuserpkg, a Python script written by Greg Neagle which generates packages that create local user accounts when installed. For more information, see below the jump.

Read more…

First Boot Package Install Generator.app now adds product identifier tags to its packages

November 22, 2017 Leave a comment

As a follow-up to Greg Neagle’s discovery that product identifiers are now needed to ensure best results when adding additional packages to macOS High Sierra OS installers, I’ve updated First Boot Package Installer Generator.app to add product identifiers by default to the firstboot packages created by this tool.

The product identifier values will be the user-selected Package Identifier followed by the Version Identifier.

Screen Shot 2017 11 21 at 2 21 13 PM

Screen Shot 2017 11 21 at 2 21 19 PM

These values will appear in the firstboot package’s distribution file as shown below:

Screen Shot 2017 11 21 at 2 22 03 PM

For those who need this capability, an installer for First Boot Package Install Generator.app 1.7 can be downloaded via the link below:

https://github.com/rtrouton/First_Boot_Package_Install_Generator/releases/tag/1.7

Deploying a pre-configured F5 Big-IP VPN client

July 27, 2017 2 comments

As part of a discussion with a colleague, he said that he needed to build an installer for his shop’s F5 Network’s VPN service but wasn’t sure how. I hadn’t built one of these previously either, so I decided to look into it.

Fortunately, F5 Networks has made the process of creating one a fairly straightforward process, assuming that your VPN administrator can provide the needed config_tmp.f5c configuration file. Assuming that you can get that file, all that’s needed is making sure that the config_tmp.f5c file is located in the same directory as the VPN client installer.

Screen Shot 2017 07 26 at 8 27 48 PM

The reason for this is that the postinstall scripts of the F5 VPN client installer are set to look for that file in that location, and will automatically import the configuration file’s contents if the file is found.

Screen Shot 2017 07 26 at 8 16 13 PM

Once I had both the config_tmp.f5c config file and a copy of the F5 VPN client installer, I was able to create an installer using this method that handled both the installation and the automated configuration of the F5 VPN client. For more details, see below the jump.

Read more…

Slides from the “Payload-free Packages: Bundle vs Flat” QuickTalk at MacDevOpsYVR 2017

June 6, 2017 Leave a comment

For those who wanted a copy of my payload-free package QuickTalk at the MacDevOpsYVR 2017 conference, here are links to the slides in PDF and Keynote format.

PDF – https://tinyurl.com/MacDevOpsPkgPDF

Keynote – https://tinyurl.com/MacDevOpsPkgKey

Preparing EndNote X8 for deployment using AutoPkg

November 15, 2016 3 comments

As previously discussed here, one of the software packages used in my shop is Clarivate Analytics’ EndNote bibliography software.

Recently, EndNote X8 was released. When the new version’s installer was downloaded, it was discovered to be an installer application, which can pose problems for deployment.

Screen Shot 2016 11 14 at 9 09 31 PM

Screen Shot 2016 11 14 at 9 09 27 PM

Screen Shot 2016 11 14 at 9 24 58 PM

By itself, the change to an installer application may not have been a huge problem as long as it had options for running the installation process from the command line. However, when I checked with EndNote support about the new installer, I was told that there was no option for installing EndNote X8 on a Mac using the command line.

Since the EndNote X8 installer does not have the option of command line installation, the only real option I thought I had was to install EndNote X8, then re-package it as either a drag-and-drop install or an installer package. However, when I dug deeper into the installer, I discovered a .zip file buried inside the installer.

Screen Shot 2016 11 14 at 9 10 04 PM

When expanded, this .zip file proved to be a complete install of EndNote X8.

Screen Shot 2016 11 14 at 9 11 41 PM

When I ran the EndNote X8 installer, it appeared to be performing the following functions:

1. Checking for Endnote updates
2. Extracting the .zip file into a new EndNote X8 folder

Screen Shot 2016 11 14 at 9 26 38 PM

3. Moving the new EndNote X8 folder into /Applications

Screen Shot 2016 11 14 at 9 26 40 PM

4. Launching the EndNote X8 application, which automatically loads the EndNote X8 Customizer screen if EndNote hasn’t been configured.

Screen Shot 2016 11 14 at 9 26 01 PM

For more details, see below the jump.

Read more…

Apple Setup Assistant and First Boot Package Install Generator.app

June 22, 2016 3 comments

A while back, I built an Automator application named First Boot Package Install Generator.app. It’s designed to generate installer packages, where the generated packages in turn serve as a delivery mechanism to enable other installer packages to be installed when a Mac boots up.

As part of the process of installing the other installer packages, an application named LoginLog is supposed to open over the login window and display a log of what actions are taking place, what is being installed and whether that particular installation succeeded or not.

Screen shot 2014 10 19 at 2 39 21 pm

For the most part, this process of launching LoginLog and displaying the log works as designed but it was brought to my attention that there was one scenario where LoginLog did not appear as expected. When a firstboot package created by First Boot Package Install Generator.app was installed onto a new installation of OS X El Capitan, LoginLog did not appear over the Setup Assistant.

Screen Shot 2016 06 21 at 8 11 00 PM

The reason it didn’t appear is because the LaunchAgent for LoginLog is triggered by the Mac being at the login window.

Screen Shot 2016 06 21 at 8 04 30 PM

However, Apple’s Setup Assistant on El Capitan no longer runs over in the context of the login window. Instead, it runs in the context of an account named Setup User.

Screen Shot 2016 06 21 at 8 07 23 PM

In order to have LoginLog appear again in this scenario, I needed to develop a method which could accomplish two tasks:

  1. Suppress Apple’s Setup Assistant during the time when I wanted the LoginLog application to appear.
  2. Avoid interfering with an otherwise desired launch of the Apple Setup Assistant.

For more details, see below the jump.

Read more…

%d bloggers like this: