Block Java updates

You can rebuild the java installer to have sparkle disabled so it won't get updates from Oracle.

I've created a unified installer that 1) Installs the latest version of Java, 2) Installs a custom package with Java deployments preferences, and 3) Unloads and removes the Java Auto-Updater plist.

This is my preferred method as it follows Oracle's guidelines for deployment preferences, has a failsafe, and produces an easy-to-use installer at the end.

I just tossed up a repo on github if you want to use it https://github.com/bmwarren/oracle-java-deployment - you'll need to bring your own Java installer though. Instructions in the README.

Don't forget the script from AS posted here a few months ago to disable Java Updates. No that it answers your question, but it might be another tool to get you there.

#!/bin/bash #################################################################################################### # Creates pref file for Java 7 that has setting which turns off the auto update check feature # Created by AS (3-2-13) #################################################################################################### #################################################################################################### /bin/echo "Beginning running disable_java_updates script" #################################################################################################### # Get number variable needed to set suppression of update reminder #################################################################################################### NUMBER=/bin/cat /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Enabled.plist |grep ';deploy=' |cut -d"=" -f2 |cut -d"<" -f1 echo The number for suppression of this version of Java is "$NUMBER" # Verify that it received a numeric value case "$NUMBER" in [0-9]) echo "Entry is a numeric value. Continuing..." ;; ) echo "Error: This entry is not a number. Will fail to properly suppress update pop up." ;; esac #################################################################################################### # Remove Updater Launch Agent Sym Link that gets created during updates #################################################################################################### /bin/echo "Checking to see if Launch Agent sym link exists..." if [ -f /Library/LaunchAgents/com.oracle.java.Java-Updater.plist ]; then /bin/echo "Launch Agent exists. Removing." /bin/rm /Library/LaunchAgents/com.oracle.java.Java-Updater.plist /bin/echo "Removed Update Launch Agent Sym Link" else /bin/echo "Launch Agent does not exist." fi #################################################################################################### # Remove Updater Launch Daemon Sym Link that gets created during updates #################################################################################################### /bin/echo "Checking to see if Launch Daemon sym link exists..." if [ -f /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist ]; then /bin/echo "Launch Daemon exists. Removing." /bin/rm /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist /bin/echo "Removed Update Launch Daemon Sym Link" else /bin/echo "Launch Daemon does not exist." fi #################################################################################################### #################################################################################################### # Check to see if Java Plugin exists if [ -d /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home ]; then echo "Java Plugin is installed, continuing..." if [ ! -f /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties ]; then /bin/echo "The deployment.properties file does not yet exist. Will create..." # Create deployment.properties file /usr/bin/touch /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Created deployment.properties file" # Change ownership on this new file /usr/sbin/chown root:wheel /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Changed ownership on deployment.properties file" # Change permissions on this file /bin/chmod 755 /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Changed permissions on deployment.properties file" # Write contents of this file /bin/echo '#deployment.properties' > /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.macosx.check.update.locked >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.macosx.check.update=false >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision.suppression."$NUMBER".locked >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision.suppression."$NUMBER"=true >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision."$NUMBER".locked >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision."$NUMBER"=later >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Wrote content to deployment.properties file. Have a wonderful day." else /bin/echo "deployment.properties file already exists. Removing and building new version..." # Delete existing version of the file /bin/rm -f /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Deleted previous deployment.properties file" # Create deployment.properties file /usr/bin/touch /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Created deployment.properties file" # Change ownership on this new file /usr/sbin/chown root:wheel /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Changed ownership on deployment.properties file" # Change permissions on this file /bin/chmod 755 /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Changed permissions on deployment.properties file" # Write contents of this file /bin/echo '#deployment.properties' > /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.macosx.check.update.locked >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.macosx.check.update=false >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision.suppression."$NUMBER".locked >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision.suppression."$NUMBER"=true >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision."$NUMBER".locked >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo deployment.expiration.decision."$NUMBER"=later >> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deployment.properties /bin/echo "Wrote content to deployment.properties file. Have a wonderful day." fi else echo "Error: Failure to find Java Plugin path. Either Java is not installed, or the path within the plugin has changed. Exiting" fi /bin/echo "Finished running disable_java_updates script" #################################################################################################### ####################################################################################################

This is interesting and something we have been discussing, but looking at what your script does, i have a question when it comes to the deployment.properties file you are checking to see if it doesn't exist and creating it and if it does exist you rm and then create it.

Since you are using echo and your first echo has > and not >> would it not be a bit cleaner to just write the file whether it exists or not so that it has the proper stuff? And FYI, the touch is not needed either echo will create the new file if needed.

I just want to make sure that you are not doing something different other than the rm they look pretty much the same to me.

Honestly, it's a script that I borrowed from AS (Don't remember the full user name but it's in the comments)... and since it works very very well in testing I haven't really dug into it.

That script came from this thread - https://jamfnation.jamfsoftware.com/discussion.html?id=6489
and was posted by @andrew_stenehjem][/url

Good cite, thanks!

Thanks for the replies people...

I will give the options a go.

Colin