Archive for the ‘Packaging’ Category

Building an installer package for

March 20, 2019 8 comments

One of the open-source contributions by the Apple@SAP team has been, a tool designed to grant or take away administrator rights from accounts on macOS. The general idea behind Privileges is that it allows people to work with the account privileges of a standard user for day-to-day use, but allows them to get administrator rights when needed.

Documentation for can be found at the GitHub repo which hosts it, which is available via the link below:

However, one item not included in that documentation is how to package it for deployment. Instead, AutoPkg recipes were written and made available to automate the packaging process:

However, not everyone is able to use AutoPkg in their environment, so manual packaging instructions are now available here. For more details, please see below the jump:

Read more…

Packaging SAP GUI for macOS with Java 11 support

December 14, 2018 3 comments

A while back, I wrote a post on building a SAP GUI installer for macOS, where SAP GUI needed to have Oracle’s Java 8 JDK as a pre-requisite. Since then Oracle has made an announcement that the use of Oracle’s Java 11 JDK is no longer free if you’re using it for production work.

One of the consequences of that decision by Oracle is that SAP GUI 7.50 rev 5 is the first version of SAP GUI to support Java 11. However, the SAP GUI developers are now recommending the use of OpenJDK 11 in place of Oracle’s Java JDK 11. More specifically, the SAP GUI folks are recommending the use of SAP’s own SapMachine Java JDK 11 release.

Screen Shot 2018 12 14 at 10 39 38 AM

Meanwhile, a Java library named JavaFX used by SAP GUI is no longer being bundled as part of Java 11. Instead, JavaFX has been split off into its own open source project called OpenJFX and is now a separate install.

Screen Shot 2018 12 14 at 4 15 11 PM

What do SapMachine JDK 11 and JavaFX have in common? Among other things, neither have a native installer for macOS. Instead, each is distributed via compressed files.

Screen Shot 2018 12 14 at 11 14 36 AM

Screen Shot 2018 12 14 at 11 14 59 AM

Installation is performed by uncompressing into the following directory on macOS:


Screen Shot 2018 12 14 at 4 11 14 PM

That said, SAP GUI also still works with Oracle’s Java JDK 8 as of the release of SAP GUI 7.50 rev 5. JavaFX is bundled with Java JDK 8, so installing Oracle’s Java JDK 8 handles both the Java and JavaFX requirements.

Screen Shot 2018 12 14 at 2 46 13 PM

With all the changes, how should SAP GUI now be packaged for installation? Without question, the main challenge for deployment here is going to be the Java component. In my testing, which was limited to “Launch SAP GUI and see if it runs”, I found SAP GUI 7.50 rev 5 is able to run on the following Java releases:

If using any Java 11 release, OpenJFX will need to be installed for SAP GUI to successfully run.

With this in mind, it’s possible to build a package that does the following:

  1. Detects if Java is installed
  2. Detects if JavaFX is installed
  3. If Java is not installed, install the latest release of SapMachine JDK.
  4. If JavaFX is not installed, install the latest release of OpenJFX.
  5. Verifies that both Java and JavaFX are installed.
  6. If both Java and JavaFX are installed, install SAP GUI

For more details, please see below the jump.

Read more…

Building an SAP GUI installer for macOS

October 11, 2018 3 comments

Since I’ve started working for my current employer, my colleagues and I have occasionally received the following question from various Mac admins:

“I’m using SAP in my environment. How do I deploy the Mac software for SAP?”

When we’ve followed up for more details, the “Mac software for SAP” usually means the SAP GUI software. SAP GUI comes in two flavors:

SAP GUI for Java supports the following operating systems:

  • openSUSE
  • Fedora
  • macOS
  • Microsoft Windows
  • AIX
  • Ubuntu

The SAP GUI for Java is what’s available for macOS, so how to get it and deploy it? For more details, please see below the jump.

Read more…

Creating local user accounts with pycreateuserpkg

December 24, 2017 15 comments

As part of setting up new Macs, you may want to add one or more local user accounts with a pre-determined password to those Macs. The reasons for this may include the following:

  • Setting up a local administrator account
  • Setting up a “loaner” user account for a pool of loaner laptops
  • Setting up a local user account that automatically logs at startup for a library kiosk
  • Setting up a generic “student” account for use in a school’s computer lab

Previously, it was possible to use the venerable CreateUserPkg utility to accomplish this goal, but the password scheme used by CreateUserPkg stopped working on macOS High Sierra. An alternative tool which works on macOS High Sierra is pycreateuserpkg, a Python script written by Greg Neagle which generates packages that create local user accounts when installed. For more information, see below the jump.

Read more…

First Boot Package Install now adds product identifier tags to its packages

November 22, 2017 Leave a comment

As a follow-up to Greg Neagle’s discovery that product identifiers are now needed to ensure best results when adding additional packages to macOS High Sierra OS installers, I’ve updated First Boot Package Installer to add product identifiers by default to the firstboot packages created by this tool.

The product identifier values will be the user-selected Package Identifier followed by the Version Identifier.

Screen Shot 2017 11 21 at 2 21 13 PM

Screen Shot 2017 11 21 at 2 21 19 PM

These values will appear in the firstboot package’s distribution file as shown below:

Screen Shot 2017 11 21 at 2 22 03 PM

For those who need this capability, an installer for First Boot Package Install 1.7 can be downloaded via the link below:

Deploying a pre-configured F5 Big-IP VPN client

July 27, 2017 2 comments

As part of a discussion with a colleague, he said that he needed to build an installer for his shop’s F5 Network’s VPN service but wasn’t sure how. I hadn’t built one of these previously either, so I decided to look into it.

Fortunately, F5 Networks has made the process of creating one a fairly straightforward process, assuming that your VPN administrator can provide the needed config_tmp.f5c configuration file. Assuming that you can get that file, all that’s needed is making sure that the config_tmp.f5c file is located in the same directory as the VPN client installer.

Screen Shot 2017 07 26 at 8 27 48 PM

The reason for this is that the postinstall scripts of the F5 VPN client installer are set to look for that file in that location, and will automatically import the configuration file’s contents if the file is found.

Screen Shot 2017 07 26 at 8 16 13 PM

Once I had both the config_tmp.f5c config file and a copy of the F5 VPN client installer, I was able to create an installer using this method that handled both the installation and the automated configuration of the F5 VPN client. For more details, see below the jump.

Read more…

Slides from the “Payload-free Packages: Bundle vs Flat” QuickTalk at MacDevOpsYVR 2017

June 6, 2017 Leave a comment

For those who wanted a copy of my payload-free package QuickTalk at the MacDevOpsYVR 2017 conference, here are links to the slides in PDF and Keynote format.


Keynote –

%d bloggers like this: