Has anyone been able to successfully accomplish this? I have tried several scripts ive found on these discussions as well as AutoBrew.
The end result is the same, and its always a lack of permissions.Error: /usr/local is not writable. You should change the
ownership and permissions of /usr/local back to your
user account:
sudo chown -R $(whoami) /usr/local
So, is it possible to install this for a Standard user and allow them to update and install via brew, or does this require Admin?
#!/bin/bash
# Script to install Homebrew on a Mac.
# Author: richard at richard - purves dot com
# Version: 1.0 - 21st May 2017
# Heavily hacked by Tony Williams (honestpuck@gmail.com)
# Latest version at https://github.com/Honestpuck/homebrew.sh
# v2.0 - 19th Sept 2019
# v2.0.1 Fixed global cache error
# v2.0.2 Fixed brew location error
# v2.0.3 Added more directories to handle
# v3.0 Catalina version 2020-02-17
# v3.1 | 2020-03-24 | Fix permissions for /private/tmp
# v3.2 2020-07-18 Added Caskroom to directories created and added check for binary
# update if it exists then exit
# Set up variables and functions here
consoleuser="$(/usr/bin/python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");')"
if [[ -e /usr/local/bin/brew ]]; then
su -l "$consoleuser" -c "/usr/local/bin/brew update"
exit 0
fi
# are we in the right group
check_grp=$(groups ${consoleuser} | grep -c '_developer')
if [[ $check_grp != 1 ]]; then
/usr/sbin/dseditgroup -o edit -a "${consoleuser}" -t user _developer
fi
# Logging stuff starts here
LOGFOLDER="/private/var/log/"
LOG="${LOGFOLDER}Homebrew.log"
if [ ! -d "$LOGFOLDER" ]; then
mkdir $LOGFOLDER
fi
function logme()
{
# Check to see if function has been called correctly
if [ -z "$1" ] ; then
echo "$(date) - logme function call error: no text passed to function! Please recheck code!"
echo "$(date) - logme function call error: no text passed to function! Please recheck code!" >> $LOG
exit 1
fi
# Log the passed details
echo -e "$(date) - $1" >> $LOG
echo -e "$(date) - $1"
}
# Check and start logging
logme "Homebrew Installation"
# Have the xcode command line tools been installed?
logme "Checking for Xcode Command Line Tools installation"
check=$( pkgutil --pkgs | grep -c "CLTools_Executables" )
if [[ "$check" != 1 ]]; then
logme "Installing Xcode Command Tools"
# This temporary file prompts the 'softwareupdate' utility to list the Command Line Tools
touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
clt=$(softwareupdate -l | grep -B 1 -E "Command Line (Developer|Tools)" | awk -F"*" '/^ +\\*/ {print $2}' | sed 's/^ *//' | tail -n1)
# the above don't work in Catalina so ...
if [[ -z $clt ]]; then
clt=$(softwareupdate -l | grep "Label: Command" | tail -1 | sed 's#* Label: (.*)#1#')
fi
softwareupdate -i "$clt"
rm -f /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
/usr/bin/xcode-select --switch /Library/Developer/CommandLineTools
fi
# Is homebrew already installed?
if [[ ! -e /usr/local/bin/brew ]]; then
# Install Homebrew. This doesn't like being run as root so we must do this manually.
logme "Installing Homebrew"
mkdir -p /usr/local/Homebrew
# Curl down the latest tarball and install to /usr/local
curl -L https://github.com/Homebrew/brew/tarball/master | tar xz --strip 1 -C /usr/local/Homebrew
# Manually make all the appropriate directories and set permissions
mkdir -p /usr/local/Cellar /usr/local/Homebrew mkdir /usr/local/Caskroom /usr/local/Frameworks /usr/local/bin
mkdir -p /usr/local/include /usr/local/lib /usr/local/opt /usr/local/etc /usr/local/sbin
mkdir -p /usr/local/share/zsh/site-functions /usr/local/var
mkdir -p /usr/local/share/doc /usr/local/man/man1 /usr/local/share/man/man1
chown -R "${consoleuser}":_developer /usr/local/*
chmod -R g+rwx /usr/local/*
chmod 755 /usr/local/share/zsh /usr/local/share/zsh/site-functions
# Create a system wide cache folder
mkdir -p /Library/Caches/Homebrew
chmod g+rwx /Library/Caches/Homebrew
chown "${consoleuser}:_developer" /Library/Caches/Homebrew
# put brew where we can find it
ln -s /usr/local/Homebrew/bin/brew /usr/local/bin/brew
# Install the MD5 checker or the recipes will fail
su -l "$consoleuser" -c "/usr/local/bin/brew install md5sha1sum"
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' |
tee -a /Users/${consoleuser}/.bash_profile /Users/${consoleuser}/.zshrc
chown ${consoleuser} /Users/${consoleuser}/.bash_profile /Users/${consoleuser}/.zshrc
# clean some directory stuff for Catalina
chown -R root:wheel /private/tmp
chmod 777 /private/tmp
chmod +t /private/tmp
fi
# Make sure everything is up to date
logme "Updating Homebrew"
su -l "$consoleuser" -c "/usr/local/bin/brew update" 2>&1 | tee -a ${LOG}
# logme user that all is completed
logme "Installation complete"
exit 0I've tried that exact script, but still have the same results. Unable to install anything (brew install **) or update (brew update).
For my own sanity, I have copied and pasted the code above into a script in Jamf and deployed via Policy. Something else im missing here?
I believe there's an error in that script posted above. If you copy/paste that script into Jamf and look at line 90, it reads:
chown -R "${consoleuser}":_developer /usr/local/*It should instead read:
chown -R "${consoleuser}:_developer" /usr/local/*The quotation mark is off.
Hey @CodyC , you need to install Xcode command line tools before running this script. It works just fine when running in self service for me. Just figure out a workflow to get Xcode CLI installed before running this. Hope this helps.
Other than taking 7 minutes to install, it looks great. Thanks for the quotation mark find, my standard user can now use this without issue.
The only problem that I'm running into with standard users installing apps via Homebrew is a prompt for admin name/password to move an application to the /Applications folder.
@CodyC and everyone else. this script is working ok for me. I tweaked it a bit and those changes are now in the script. It works on both Intel and ARM. I used it on Intel 10.15.7 and ARM Big Sur
Hi all. I tried the updated script @Mark_Lamont posted and our users are still getting the error asking to be assigned permissions to the /usr/local folder. Happens on Catalina 10.15.7 and Big Sur. Even trying to run the commands manually it gives a ton of Operation Not Permitted errors. Doesn't seem to matter if the user is an admin or not.
➜ data git:(terraform) source venv/bin/activate
(venv) ➜ data git:(terraform) brew install hashicorp/tap/terraform
Error: The following directories are not writable by your user:
/usr/local/binYou should change the ownership of these directories to your user.
sudo chown -R $(whoami) /usr/local/binAnd make sure that your user has write permission.
chmod u+w /usr/local/bin
(venv) ➜ data git:(terraform)
@bwoods, this script really helped us out for Intel MacBooks. Is there another variant for M1 Silicon MacBooks that you are aware of?
I'm currently noticing an issue with ARM MacBooks where - if the above script is run on a machine with a pending update, somehow it will change ownership via the /private/tmp/ folder and propagate through the entire system - requiring a full machine rebuild to fix.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.