Posted on 07-23-2017 08:23 PM
I'm looking for advice on getting homebrew on new employee machines automatically. We have a work flow we would like to keep to as few clicks as possible.
I am trying to get the process of pulling down XCode CLI, installing homebrew, adding cask, and then installing third party apps for new employee machines.
I have the XCode CLI component down but having problems with installing homebrew and adding cask. Curious if anyone has a working script to make this happen. I am deploying this process through self service.
Solved! Go to Solution.
Posted on 07-23-2017 09:33 PM
This may be of some help to you.
#!/bin/bash
# Script to install Homebrew on a Mac.
# Author: richard at richard - purves dot com
# Version: 1.0 - 21st May 2017
# Set up variables and functions here
consoleuser="$(python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");')"
brandid="com.application.id"
tn="/path/to/terminal-notifier.app/Contents/MacOS/terminal-notifier"
cd="/path/to/cocoaDialog.app/Contents/MacOS/cocoaDialog"
# Logging stuff starts here
LOGFOLDER="/private/var/log/"
LOG=$LOGFOLDER"Homebrew.log"
if [ ! -d "$LOGFOLDER" ];
then
mkdir $LOGFOLDER
fi
function logme()
{
# Check to see if function has been called correctly
if [ -z "$1" ]
then
echo $( date )" - logme function call error: no text passed to function! Please recheck code!"
echo $( date )" - logme function call error: no text passed to function! Please recheck code!" >> $LOG
exit 1
fi
# Log the passed details
echo -e $( date )" - $1" >> $LOG
echo -e $( date )" - $1"
}
function notify()
{
su -l "$consoleuser" -c " "'"'$tn'"'" -sender "'"'$brandid'"'" -title "'"'$title'"'" -message "'"'$1'"'" "
logme "$1"
}
# Check and start logging - done twice for local log and for JAMF
logme "Homebrew Installation"
# Let's start here by caffinating the mac so it stays awake or bad things happen.
caffeinate -d -i -m -u &
caffeinatepid=$!
logme "Caffinating the mac under process id: $caffeinatepid"
# Have the xcode command line tools been installed?
notify "Checking for Xcode Command Line Tools installation"
check=$( pkgutil --pkgs | grep com.apple.pkg.CLTools_Executables | wc -l | awk '{ print $1 }' )
if [[ "$check" != 1 ]];
then
notify "Installing Xcode Command Tools"
# This temporary file prompts the 'softwareupdate' utility to list the Command Line Tools
touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
clt=$(softwareupdate -l | grep -B 1 -E "Command Line (Developer|Tools)" | awk -F"*" '/^ +\*/ {print $2}' | sed 's/^ *//' | tail -n1)
softwareupdate -i "$clt"
rm -f /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
/usr/bin/xcode-select --switch /Library/Developer/CommandLineTools
fi
# Is homebrew already installed?
which -s brew
if [[ $? = 1 ]];
then
# Install Homebrew. This doesn't like being run as root so we must do this manually.
notify "Installing Homebrew"
# Curl down the latest tarball and install to /usr/local
curl -L https://github.com/Homebrew/brew/tarball/master | tar xz --strip 1 -C /usr/local
# Manually make all the appropriate directories and set permissions
mkdir -p /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var
chown -R $consoleuser /usr/local
chmod g+rwx /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var
chmod 755 /usr/local/share/zsh /usr/local/share/zsh/site-functions
chgrp admin /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var
# Create a system wide cache folder
mkdir -p /Library/Caches/Homebrew
chmod g+rwx /Library/Caches/Homebrew
chown $consoleuser:wheel /Library/Caches/Homebrew
# Install the MD5 checker or the recipes will fail
su -l "$consoleuser" -c "/usr/local/bin/brew install md5sha1sum"
su -l "$consoleuser" -c "echo "'"export PATH=/usr/local/opt/openssl/bin:$PATH"'" >> ~/.bash_profile"
# Remove temporary folder
rm -rf /usr/local/Homebrew
else
# Run an update and quit
notify "Updating Homebrew"
su -l "$consoleuser" -c "/usr/local/bin/brew update" 2>&1 | tee -a ${LOG}
exit 0
fi
# Make sure everything is up to date
notify "Updating Homebrew"
su -l "$consoleuser" -c "/usr/local/bin/brew update" 2>&1 | tee -a ${LOG}
# Notify user that all is completed
notify "Installation complete"
# No more caffeine please. I've a headache.
kill "$caffeinatepid"
exit 0
Posted on 03-25-2020 01:47 PM
@rmgmedia, I added the below and didn't get the error
/usr/sbin/chown -R $ConsoleUser /usr/local/*
Posted on 03-30-2020 08:53 AM
@mattsvensson Can you post the entire script here?
Posted on 03-30-2020 08:34 PM
@rmgmedia I've updated the script for Catalina and done some tidying up. It's now posted on Github at https://github.com/Honestpuck/homebrew.sh .
Posted on 03-31-2020 11:07 AM
@honestpuck thank you!
Posted on 03-31-2020 01:41 PM
@honestpuck Thank you so much.
Posted on 04-02-2020 12:01 AM
Thanks @honestpuck
Posted on 04-03-2020 09:58 AM
I've tested the script by @honestpuck, I'm getting some errors and it takes about 30 minutes to complete.
Has anyone else experienced this?
Script result: Fri Apr 3 00:27:57 PDT 2020 - Homebrew Installation
Fri Apr 3 00:27:57 PDT 2020 - Checking for Xcode Command Line Tools installation
Fri Apr 3 00:27:57 PDT 2020 - Installing Xcode Command Tools
Software Update Tool
Downloading Command Line Tools for Xcode
Error downloading Command Line Tools for Xcode: The operation couldn’t be completed. (PKDownloadError error 8.)
Done.
Error downloading updates.
xcode-select: error: invalid developer directory '/Library/Developer/CommandLineTools'
Fri Apr 3 00:28:27 PDT 2020 - Installing Homebrew
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 128 100 128 0 0 418 0 --:--:-- --:--:-- --:--:-- 416
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
100 1153k 0 1153k 0 0 509k 0 --:--:-- 0:00:02 --:--:-- 1152k
100 1745k 0 1745k 0 0 727k 0 --:--:-- 0:00:02 --:--:-- 1532k
Initialized empty Git repository in /usr/local/Homebrew/.git/
Updating Homebrew...
From https://github.com/Homebrew/brew
[new branch] dependabot/bundler/Library/Homebrew/tzinfo-1.2.7 -> origin/dependabot/bundler/Library/Homebrew/tzinfo-1.2.7
[new branch] dependabot/bundler/docs/tzinfo-1.2.7 -> origin/dependabot/bundler/docs/tzinfo-1.2.7
[new branch] master -> origin/master
[new tag] 0.1 -> 0.1
[new tag] 0.2 -> 0.2
[new tag] 0.3 -> 0.3
[new tag] 0.4 -> 0.4
[new tag] 0.5 -> 0.5
[new tag] 0.6 -> 0.6
[new tag] 0.7 -> 0.7
[new tag] 0.7.1 -> 0.7.1
[new tag] 0.8 -> 0.8
[new tag] 0.8.1 -> 0.8.1
[new tag] 0.9 -> 0.9
[new tag] 0.9.1 -> 0.9.1
[new tag] 0.9.2 -> 0.9.2
[new tag] 0.9.3 -> 0.9.3
[new tag] 0.9.4 -> 0.9.4
[new tag] 0.9.5 -> 0.9.5
[new tag] 0.9.8 -> 0.9.8
[new tag] 0.9.9 -> 0.9.9
[new tag] 1.0.0 -> 1.0.0
[new tag] 1.0.1 -> 1.0.1
[new tag] 1.0.2 -> 1.0.2
[new tag] 1.0.3 -> 1.0.3
[new tag] 1.0.4 -> 1.0.4
[new tag] 1.0.5 -> 1.0.5
[new tag] 1.0.6 -> 1.0.6
[new tag] 1.0.7 -> 1.0.7
[new tag] 1.0.8 -> 1.0.8
[new tag] 1.0.9 -> 1.0.9
[new tag] 1.1.0 -> 1.1.0
[new tag] 1.1.1 -> 1.1.1
[new tag] 1.1.10 -> 1.1.10
[new tag] 1.1.11 -> 1.1.11
[new tag] 1.1.12 -> 1.1.12
[new tag] 1.1.13 -> 1.1.13
[new tag] 1.1.2 -> 1.1.2
[new tag] 1.1.3 -> 1.1.3
[new tag] 1.1.4 -> 1.1.4
[new tag] 1.1.5 -> 1.1.5
[new tag] 1.1.6 -> 1.1.6
[new tag] 1.1.7 -> 1.1.7
[new tag] 1.1.8 -> 1.1.8
[new tag] 1.1.9 -> 1.1.9
[new tag] 1.2.0 -> 1.2.0
[new tag] 1.2.1 -> 1.2.1
[new tag] 1.2.2 -> 1.2.2
[new tag] 1.2.3 -> 1.2.3
[new tag] 1.2.4 -> 1.2.4
[new tag] 1.2.5 -> 1.2.5
[new tag] 1.2.6 -> 1.2.6
[new tag] 1.3.0 -> 1.3.0
[new tag] 1.3.1 -> 1.3.1
[new tag] 1.3.2 -> 1.3.2
[new tag] 1.3.3 -> 1.3.3
[new tag] 1.3.4 -> 1.3.4
[new tag] 1.3.5 -> 1.3.5
[new tag] 1.3.6 -> 1.3.6
[new tag] 1.3.7 -> 1.3.7
[new tag] 1.3.8 -> 1.3.8
[new tag] 1.3.9 -> 1.3.9
[new tag] 1.4.0 -> 1.4.0
[new tag] 1.4.1 -> 1.4.1
[new tag] 1.4.2 -> 1.4.2
[new tag] 1.4.3 -> 1.4.3
[new tag] 1.5.0 -> 1.5.0
[new tag] 1.5.1 -> 1.5.1
[new tag] 1.5.10 -> 1.5.10
[new tag] 1.5.11 -> 1.5.11
[new tag] 1.5.12 -> 1.5.12
[new tag] 1.5.13 -> 1.5.13
[new tag] 1.5.14 -> 1.5.14
[new tag] 1.5.2 -> 1.5.2
[new tag] 1.5.3 -> 1.5.3
[new tag] 1.5.4 -> 1.5.4
[new tag] 1.5.5 -> 1.5.5
[new tag] 1.5.6 -> 1.5.6
[new tag] 1.5.7 -> 1.5.7
[new tag] 1.5.8 -> 1.5.8
[new tag] 1.5.9 -> 1.5.9
[new tag] 1.6.0 -> 1.6.0
[new tag] 1.6.1 -> 1.6.1
[new tag] 1.6.10 -> 1.6.10
[new tag] 1.6.11 -> 1.6.11
[new tag] 1.6.12 -> 1.6.12
[new tag] 1.6.13 -> 1.6.13
[new tag] 1.6.14 -> 1.6.14
[new tag] 1.6.15 -> 1.6.15
[new tag] 1.6.16 -> 1.6.16
[new tag] 1.6.17 -> 1.6.17
[new tag] 1.6.2 -> 1.6.2
[new tag] 1.6.3 -> 1.6.3
[new tag] 1.6.4 -> 1.6.4
[new tag] 1.6.5 -> 1.6.5
[new tag] 1.6.6 -> 1.6.6
[new tag] 1.6.7 -> 1.6.7
[new tag] 1.6.8 -> 1.6.8
[new tag] 1.6.9 -> 1.6.9
[new tag] 1.7.0 -> 1.7.0
[new tag] 1.7.1 -> 1.7.1
[new tag] 1.7.2 -> 1.7.2
[new tag] 1.7.3 -> 1.7.3
[new tag] 1.7.4 -> 1.7.4
[new tag] 1.7.5 -> 1.7.5
[new tag] 1.7.6 -> 1.7.6
[new tag] 1.7.7 -> 1.7.7
[new tag] 1.8.0 -> 1.8.0
[new tag] 1.8.1 -> 1.8.1
[new tag] 1.8.2 -> 1.8.2
[new tag] 1.8.3 -> 1.8.3
[new tag] 1.8.4 -> 1.8.4
[new tag] 1.8.5 -> 1.8.5
[new tag] 1.8.6 -> 1.8.6
[new tag] 1.9.0 -> 1.9.0
[new tag] 1.9.1 -> 1.9.1
[new tag] 1.9.2 -> 1.9.2
[new tag] 1.9.3 -> 1.9.3
[new tag] 2.0.0 -> 2.0.0
[new tag] 2.0.1 -> 2.0.1
[new tag] 2.0.2 -> 2.0.2
[new tag] 2.0.3 -> 2.0.3
[new tag] 2.0.4 -> 2.0.4
[new tag] 2.0.5 -> 2.0.5
[new tag] 2.0.6 -> 2.0.6
[new tag] 2.1.0 -> 2.1.0
[new tag] 2.1.1 -> 2.1.1
[new tag] 2.1.10 -> 2.1.10
[new tag] 2.1.11 -> 2.1.11
[new tag] 2.1.12 -> 2.1.12
[new tag] 2.1.13 -> 2.1.13
[new tag] 2.1.14 -> 2.1.14
[new tag] 2.1.15 -> 2.1.15
[new tag] 2.1.16 -> 2.1.16
[new tag] 2.1.2 -> 2.1.2
[new tag] 2.1.3 -> 2.1.3
[new tag] 2.1.4 -> 2.1.4
[new tag] 2.1.5 -> 2.1.5
[new tag] 2.1.6 -> 2.1.6
[new tag] 2.1.7 -> 2.1.7
[new tag] 2.1.8 -> 2.1.8
[new tag] 2.1.9 -> 2.1.9
[new tag] 2.2.0 -> 2.2.0
[new tag] 2.2.1 -> 2.2.1
[new tag] 2.2.10 -> 2.2.10
[new tag] 2.2.11 -> 2.2.11
[new tag] 2.2.2 -> 2.2.2
[new tag] 2.2.3 -> 2.2.3
[new tag] 2.2.4 -> 2.2.4
[new tag] 2.2.5 -> 2.2.5
[new tag] 2.2.6 -> 2.2.6
[new tag] 2.2.7 -> 2.2.7
[new tag] 2.2.8 -> 2.2.8
[new tag] 2.2.9 -> 2.2.9
HEAD is now at d1f183311 Merge pull request #7256 from MikeMcQuaid/binary-urls-audit
==> Tapping homebrew/core
Cloning into '/usr/local/Homebrew/Library/Taps/homebrew/homebrew-core'...
fatal: unable to access 'https://github.com/Homebrew/homebrew-core/': LibreSSL SSL_read: SSL_ERROR_SYSCALL, errno 54
Error: Failure while executing; git clone https://github.com/Homebrew/homebrew-core /usr/local/Homebrew/Library/Taps/homebrew/homebrew-core
exited with 128.
Error: Failure while executing; /usr/local/bin/brew tap homebrew/core
exited with 1.
export PATH="/usr/local/opt/openssl/bin:$PATH"
Fri Apr 3 01:00:04 PDT 2020 - Updating Homebrew
Already up-to-date.
Fri Apr 3 01:00:10 PDT 2020 - Installation complete
OK
Posted on 04-05-2020 11:26 PM
It looks like an error accessing Github, nothing wrong with the script. Are you under a proxy? Any other networking issues that might cause you to not be able to access it?
SSL_ERROR_SYSCALL
Some I/O error occurred. The OpenSSL error queue may contain more information on the error. If the error queue is empty (i.e. ERR_get_error() returns 0), ret can be used to find out more about the error: If ret == 0, an EOF was observed that violates the protocol. If ret == -1, the underlying BIO reported an I/O error (for socket I/O on Unix systems, consult errno for details).
Posted on 04-06-2020 08:03 AM
We use Zscaler for proxy at my work so I have this at the beginning of the install script. It checks for the bash/zsh profiles and then creates them in the users home directory. This lets all the traffic through Terminal pass through the Zscaler app so if your company uses something different for proxy then you would just replace the 'localhost:9000' on my example with your proxy. Good luck!! :)
#!/bin/bash
#Create .bash_profile and .zshrc in users profile directory
log "Creating .bash_profile and .zshrc in users profile directory"
if [[ -f ~/.zshrc ]] ; then
log ".zshrc already exists"
echo "" >> ~/.zshrc
else
log "Creating .zshrc"
touch ~/.zshrc
fi
if [[ -f ~/.bash_profile ]] ; then
log ".bash_profile already exists"
echo "" >> ~/.bash_profile
else
log "Creating .bash_profile"
touch ~/.bash_profile
fi
#Adding proxy settings to files
log "Adding proxy settings for terminal profiles"
echo "#Proxy settings" >> ~/.zshrc
echo export http_proxy=http://localhost:9000 >> ~/.zshrc
echo export https_proxy=http://localhost:9000 >> ~/.zshrc
echo export no_proxy=localhost,127.0.0.1 >> ~/.zshrc
echo "#Proxy settings" >> ~/.bash_profile
echo export http_proxy=http://localhost:9000 >> ~/.bash_profile
echo export https_proxy=http://localhost:9000 >> ~/.bash_profile
echo export no_proxy=localhost,127.0.0.1 >> ~/.bash_profile
Posted on 04-06-2020 02:05 PM
We are not using a proxy of any kind of my work machines.
Posted on 04-13-2020 01:56 PM
Shameless plug for AutoBrew ;)
Posted on 04-14-2020 02:23 PM
@kenny.botelho Your autobrew script is running homebrew installation as root, that's not recommended for good reasons. You are than changing the permissions of everything in /usr/local to be owned by that user, that is not not good security hygine.
@JustGoogleIt85 Cool script however the part below is unnecessary. Touch fails if the file already exists.
if [[ -f ~/.zshrc ]] ; then
log ".zshrc already exists"
echo "" >> ~/.zshrc
else
log "Creating .zshrc"
touch ~/.zshrc
fi
if [[ -f ~/.bash_profile ]] ; then
log ".bash_profile already exists"
echo "" >> ~/.bash_profile
else
log "Creating .bash_profile"
touch ~/.bash_profile
fi
QuotedText
Posted on 04-14-2020 02:54 PM
@bobbyjohn That's actually the whole point of AutoBrew. So you CAN perform the Homebrew install as root, and it's not much different than running the original installer and interactively running through the sudo prompts. The chown
is also standard practice for Homebrew installation repairs. Could you perhaps share a bit more about good security hygiene for /usr/local/ ?
Posted on 04-14-2020 07:42 PM
/usr/local can contain binaries and other files that are owned by root and should not be writable by any other user and may cause privilege escalations or denial of service. The Jamf executable for example, can be in /usr/local and should be owned by ROOT only while others have permission to execute it. What happens when the current user is able to modify it? They can modify it, leading to priv escalation or delete it and so on. Maybe its not part of your specific threat model but say its a school where the student doesn't have root access but can get it with this? Or maybe just delete the binary because why not?
It is VERY different than the original installer because the original installer changes ownership of individual folders specific to its need.
Posted on 04-14-2020 07:47 PM
@darren.leong The script works fine, due to where. the error is happening (SSL_read function) its something to do with issues at layer 4 or lower. Maybe some caching is preventing it, some security policy, something else? Try doing wget of the repo.
Posted on 04-14-2020 08:57 PM
Fair point @bobbyjohn ,
I've updated the source to now have more precision permission changes with the Homebrew install. This would mimic the behavior of how the "original installer changes ownership of individual folders specific to its need."
Posted on 05-18-2020 12:00 PM
@honestpuck I am trying the one you posted at the URL and I'm still getting this error:
Mon May 18 14:55:08 EDT 2020 - Updating Homebrew
Error: /usr/local is not writable. You should change the
ownership and permissions of /usr/local back to your
user account:
sudo chown -R $(whoami) /usr/local
Any suggestions?
Posted on 05-18-2020 12:01 PM
@mattsvensson Where did you add this?
Change ownership to user
/usr/sbin/chown -R $ConsoleUser /usr/local/*
Posted on 05-18-2020 01:38 PM
NVM. I just tried AutoBrew by @kenny.botelho and it worked like magic. Thanks
Posted on 06-24-2020 09:20 AM
@kenny.botelho Your Autobrew script seems to be failing whenever we try to install it... looks like Xcode related...
xcode-select: note: no developer tools were found at '/Applications/Xcode.app', requesting install. Choose an option in the dialog to download the command line developer tools.
Failed during: git config --replace-all homebrew.analyticsmessage true
==> Next steps:
- Run `brew help` to get started
- Further documentation:
chown: /usr/local/bin/brew: No such file or directory
chown: /usr/local/share/doc/homebrew: No such file or directory
chown: /usr/local/share/man/man1/brew.1: No such file or directory
chown: /usr/local/share/zsh/site-functions/_brew: No such file or directory
chown: /usr/local/etc/bash_completion.d/brew: No such file or directory
bash: /usr/local/bin/brew: No such file or directory
bash: /usr/local/bin/brew: No such file or directory
bash: /usr/local/bin/brew: No such file or directory
AutoBrew Installation Failed
Posted on 06-24-2020 10:16 AM
Posted on 07-19-2021 06:09 AM
Can someone share their script to install Homebrew on M1 Macs?
Posted on 11-22-2023 09:11 AM
Can someone share their script to install Homebrew on M1 Macs? Installomator does not put correct user/path.