+38Hey folks!
I'm looking for a way to easily determine if a software update package from Apple requires a restart. Since I always have a battle with my users to get them to restart and run updates, I'd like to start forcing updates of items that don't require a restart.
So, any ideas short of writing my own SQL query?
Thanks!
Steve
Best answer by tlarkin
quick and dirty method here.
bash-3.2# softwareupdate -l
Software Update Tool
Copyright 2002-2009 Apple
Software Update found the following new or updated software:
* iTunesXPatch-10.5.1
iTunes (10.5.1), 26904K [recommended]
* iWork0905-9.1
iWork Update 6 (9.1), 88100K [recommended]
* JavaForMacOSX10.6-6.0
Java for Mac OS X 10.6 Update 6 (6.0), 77344K [recommended]
* Safari5.1.2SnowLeopard-5.1.2
Safari (5.1.2), 48042K [recommended] [restart]So taking into account there is an update that says I need a restart I can do this:
bash-3.2# softwareupdate -l | grep restart
Safari (5.1.2), 48042K [recommended] [restart]Now if I run this command echo "$?" it will tell me if my previous command was successful or not by returning 0 for success 1 for failure.
So, a script like this could be invoked with two sets of software update policies. The first policy in the JSS will be manual trigger and force a reboot, the second policy will also be manual trigger and not enforce a reboot. So, something like this to tie it all together. Create a policy that runs this script, determines if a reboot is required then executes policy if need be.
Example code, use at own risk, make sure you test it, etc etc etc
#!/bin/bash
#check for software updates
/usr/sbin/softwareupdate -l | /usr/bin/grep -i "restart"
if [[ `/bin/echo "$?"` == 0 ]] #if it was successful
then /usr/sbin/jamf policy -trigger swureboot
else /usr/sbin/jamf policy -trigger swunoreboot
fi
exit 0You could even put this on self service and add a jamfhelper to notify the user or what not. This is just a rough idea.
+31quick and dirty method here.
bash-3.2# softwareupdate -l
Software Update Tool
Copyright 2002-2009 Apple
Software Update found the following new or updated software:
* iTunesXPatch-10.5.1
iTunes (10.5.1), 26904K [recommended]
* iWork0905-9.1
iWork Update 6 (9.1), 88100K [recommended]
* JavaForMacOSX10.6-6.0
Java for Mac OS X 10.6 Update 6 (6.0), 77344K [recommended]
* Safari5.1.2SnowLeopard-5.1.2
Safari (5.1.2), 48042K [recommended] [restart]So taking into account there is an update that says I need a restart I can do this:
bash-3.2# softwareupdate -l | grep restart
Safari (5.1.2), 48042K [recommended] [restart]Now if I run this command echo "$?" it will tell me if my previous command was successful or not by returning 0 for success 1 for failure.
So, a script like this could be invoked with two sets of software update policies. The first policy in the JSS will be manual trigger and force a reboot, the second policy will also be manual trigger and not enforce a reboot. So, something like this to tie it all together. Create a policy that runs this script, determines if a reboot is required then executes policy if need be.
Example code, use at own risk, make sure you test it, etc etc etc
#!/bin/bash
#check for software updates
/usr/sbin/softwareupdate -l | /usr/bin/grep -i "restart"
if [[ `/bin/echo "$?"` == 0 ]] #if it was successful
then /usr/sbin/jamf policy -trigger swureboot
else /usr/sbin/jamf policy -trigger swunoreboot
fi
exit 0You could even put this on self service and add a jamfhelper to notify the user or what not. This is just a rough idea.
+38You just gave me an idea of how to do this Tom. I was thinking of doing this a different way. Instead of using the code you have in the manner you have it, I could use the guts of it to create an Extension Attribute so I could trigger a Smart Group.
My original idea was to find a way to pull the data out of the jamfsoftware database in mysql. See, I already have the list of updates that a machine needs, I just wanted to break them into two groups: need reboot and does not need reboot. I can accomplish that with the script and an EA.
Thanks Tom, I was trying to make it more complicated than it need be.
+7Don't forget that if the update is installed via a policy then you have the ability to force a restart if the package requires it from an Apple Software Update. Take a look at the Reboot option within a policy. You then have the option of presenting the user with a certain amount of time before the restart occurs after clicking the "OK" button - 5minutes , 30 minutes, etc.
Scrub that Steve. Read your original post wrong. How are your currently installing Apple updates? With a simple policy installing all available updates or some other method?
+31Don't forget that if the update is installed via a policy then you have the ability to force a restart if the package requires it from an Apple Software Update. Take a look at the Reboot option within a policy. You then have the option of presenting the user with a certain amount of time before the restart occurs after clicking the "OK" button - 5minutes , 30 minutes, etc.
In my experience this can be easily interrupted by the user having things like Safari open. You can have AS or something else interact with the user or just quit all their apps. I like to apply updates to users at start up or shut down. Also, trigger via self service.
You could easily turn my script into an Extension Attribute and scope it from there.
+12Works well as an EA, just what i needed
thank you @stevewood @tlarkin
#!/bin/sh
#check for apple software updates that require a restart
/usr/sbin/softwareupdate -l | /usr/bin/grep -i "restart"
if [[ `/bin/echo "$?"` == 0 ]] #if it was successful
then
echo "<result>yes</result>"
else
echo "<result>no</result>"
fi
+18A tip if you are doing more complicated scripting and are examining each SWU individually, you can grep the "softwareupdate -l" result for a specific update with -A1 which will include the following line that contains the restart flag, and then grep that for "restart."
Example:
$ sudo softwareupdate -l | grep SecUpd2015-002Mavericks-1.0 -A1 | grep restart
Security Update 2015-002 (1.0), 60287K [recommended] [restart]We have an update script that reads in a list of updates we want to deploy, processes the list against "softwareupdate -l" to see what's available, and detects restarts so if any of the updates require a restart, we can inform the user in our dialog messages. It passes that list to "softwareupdate -d" to pre-cache the updates before informing the user, so when they do click "yes" to install, the installation starts immediately.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.