Working on a Self-Service Homebrew option.
Trying to find a way to run brew update, upgrade, and cleanup in the install script not as sudo. See script bellow.
#!/bin/zsh
# Install Apple Xcode CLT
rm -rf /Library/Developer/CommandLineTools
xcode-select --install
# Install Homebrew
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
# Find a way to run bellow without sudo
# brew update
# brew upgrade
# brew cleanup
exit 0The issue that our end users are experiencing is that they are prompted for admin credentials when they run `brew install <software>` or `brew cask install <software>`.
I could be overthinking the process, but I was thinking we could implement a policy containing `brew-install-program.sh` where the end user would simply input the program they want to install and it would populate the program into the script. Hopefully that makes sense.
Unfortunately it looks like people are still prompted to input a password via terminal and then booted out for not being in the sudoers file. From what I can tell the install process for homebrew went as expected with no errors in the policy logs.
The first thing we would need to know to fix this is what does the log say? What appears in the Jamf policy log? What is in `/private/var/log/Homebrew.log`?
It has been crazy lately but I hope to test this out soon.
Old thread but found another thread with a working script to install Homebrew. Look for Franton's post: https://community.jamf.com/t5/jamf-pro/deploy-homebrew/td-p/202523
Old thread but found another thread with a working script to install Homebrew. Look for Franton's post: https://community.jamf.com/t5/jamf-pro/deploy-homebrew/td-p/202523
Old thread but found another thread with a working script to install Homebrew. Look for Franton's post: https://community.jamf.com/t5/jamf-pro/deploy-homebrew/td-p/202523
Yeah what @honestpuck said. I try not to deprive devs of admin rights anymore.
@honestpuck Checking out your github right now. Some very interesting things - I like the EA and will definitely try that. I'm going to give your installer a try as well with a standard user.
Do you happen to have an uninstall script for removing Homebrew? When I setup install workflows I try to create uninstall workflows at the same time. Homebrew is a beast and isn't as easy to remove as an application like Chrome.
@honestpuck Checking out your github right now. Some very interesting things - I like the EA and will definitely try that. I'm going to give your installer a try as well with a standard user.
Do you happen to have an uninstall script for removing Homebrew? When I setup install workflows I try to create uninstall workflows at the same time. Homebrew is a beast and isn't as easy to remove as an application like Chrome.
No, I don't have an uninstall. It would be a complex task to do it and it doesn't take too much space so I just leave it.
No, I don't have an uninstall. It would be a complex task to do it and it doesn't take too much space so I just leave it.
@honestpuck I tried your install script out on a VM that I have. I ran it from Self Service with a user with Admin Rights (still need to try a standard user yet). I got a couple popups. 
When I clicked Install I got this:
When I checked the logs I saw this:
Any ideas on what I did wrong?
Yes, before we can install Homebrew we need git. The best way at this stage to get git is to install Apple's Xcode CLI tools. That's what the normal Home-brew installer does when you just run it, it checks and if necessary downloads the tools.
You had a network problem during the download of the tools and everything failed from then.
Yes, before we can install Homebrew we need git. The best way at this stage to get git is to install Apple's Xcode CLI tools. That's what the normal Home-brew installer does when you just run it, it checks and if necessary downloads the tools.
You had a network problem during the download of the tools and everything failed from then.
Are you running anything in the VM or on the host Mac that might stuff up the network? It's pretty easy to do with a VM - look at it wrong and the network fails to do something.
I would first snapshot, then do a "proper" install using Homebrew's ordinary method (since you have admin rights) and see if that works. If that works then roll back and try my script from an admin, if that works roll back again and try it without admin rights.
Are you running anything in the VM or on the host Mac that might stuff up the network? It's pretty easy to do with a VM - look at it wrong and the network fails to do something.
I would first snapshot, then do a "proper" install using Homebrew's ordinary method (since you have admin rights) and see if that works. If that works then roll back and try my script from an admin, if that works roll back again and try it without admin rights.
@honestpuck I reached out to my Security team to rule out something was being blocked on our Firewall. I reran it again on the VM and found that this time it was actually attempting to download/install the tools even though the script finished before the install did - see below. NOTE: This was over a VPN connection.
I reran the policy, this time on a test Mac connected via VPN and with a standard user with no Admin rights - everything installed correctly without any issues or prompts. The weird thing was on my VM it appears that Homebrew was attempting to upgrade where on my test Mac it didn't have to upgrade. The log file said it was already up to date. Not sure the reason for the differences but I won't be deploying to VMs so I'll take it as a win! Going to test on a couple other physical test Macs to confirm it works. Thank you!
So I'm able to install Homebrew, and can do installs, however, since the user is not an admin, when I get prompted at the end of the process to enter password to move the app to the /Applications folder, it fails. There a way around this?
Rather than installing to the default system/Applications folder (which requires sudo credentials) a user can install brew apps to the user/Applications folder with no password like this:
brew install --cask --appdir=~/Applications {app name}For example installing iTerm2 with brew cask to the user/Applications folder
brew install --cask --appdir=~/Applications iterm2
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.