Determine if update requires restart

stevewood
Honored Contributor II
Honored Contributor II

Hey folks!

I'm looking for a way to easily determine if a software update package from Apple requires a restart. Since I always have a battle with my users to get them to restart and run updates, I'd like to start forcing updates of items that don't require a restart.

So, any ideas short of writing my own SQL query?

Thanks!

Steve

1 ACCEPTED SOLUTION

tlarkin
Honored Contributor

quick and dirty method here.

bash-3.2# softwareupdate -l
Software Update Tool
Copyright 2002-2009 Apple

Software Update found the following new or updated software:
   * iTunesXPatch-10.5.1
    iTunes (10.5.1), 26904K [recommended]
   * iWork0905-9.1
    iWork Update 6 (9.1), 88100K [recommended]
   * JavaForMacOSX10.6-6.0
    Java for Mac OS X 10.6 Update 6 (6.0), 77344K [recommended]
   * Safari5.1.2SnowLeopard-5.1.2
    Safari (5.1.2), 48042K [recommended] [restart]

So taking into account there is an update that says I need a restart I can do this:

bash-3.2# softwareupdate -l | grep restart
    Safari (5.1.2), 48042K [recommended] [restart]

Now if I run this command echo "$?" it will tell me if my previous command was successful or not by returning 0 for success 1 for failure.

So, a script like this could be invoked with two sets of software update policies. The first policy in the JSS will be manual trigger and force a reboot, the second policy will also be manual trigger and not enforce a reboot. So, something like this to tie it all together. Create a policy that runs this script, determines if a reboot is required then executes policy if need be.

Example code, use at own risk, make sure you test it, etc etc etc

#!/bin/bash
#check for software updates
/usr/sbin/softwareupdate -l | /usr/bin/grep -i "restart"

if [[ `/bin/echo "$?"` == 0 ]] #if it was successful

  then /usr/sbin/jamf policy -trigger swureboot
  else /usr/sbin/jamf policy -trigger swunoreboot
fi
exit 0

You could even put this on self service and add a jamfhelper to notify the user or what not. This is just a rough idea.

View solution in original post

7 REPLIES 7

tlarkin
Honored Contributor

quick and dirty method here.

bash-3.2# softwareupdate -l
Software Update Tool
Copyright 2002-2009 Apple

Software Update found the following new or updated software:
   * iTunesXPatch-10.5.1
    iTunes (10.5.1), 26904K [recommended]
   * iWork0905-9.1
    iWork Update 6 (9.1), 88100K [recommended]
   * JavaForMacOSX10.6-6.0
    Java for Mac OS X 10.6 Update 6 (6.0), 77344K [recommended]
   * Safari5.1.2SnowLeopard-5.1.2
    Safari (5.1.2), 48042K [recommended] [restart]

So taking into account there is an update that says I need a restart I can do this:

bash-3.2# softwareupdate -l | grep restart
    Safari (5.1.2), 48042K [recommended] [restart]

Now if I run this command echo "$?" it will tell me if my previous command was successful or not by returning 0 for success 1 for failure.

So, a script like this could be invoked with two sets of software update policies. The first policy in the JSS will be manual trigger and force a reboot, the second policy will also be manual trigger and not enforce a reboot. So, something like this to tie it all together. Create a policy that runs this script, determines if a reboot is required then executes policy if need be.

Example code, use at own risk, make sure you test it, etc etc etc

#!/bin/bash
#check for software updates
/usr/sbin/softwareupdate -l | /usr/bin/grep -i "restart"

if [[ `/bin/echo "$?"` == 0 ]] #if it was successful

  then /usr/sbin/jamf policy -trigger swureboot
  else /usr/sbin/jamf policy -trigger swunoreboot
fi
exit 0

You could even put this on self service and add a jamfhelper to notify the user or what not. This is just a rough idea.

stevewood
Honored Contributor II
Honored Contributor II

You just gave me an idea of how to do this Tom. I was thinking of doing this a different way. Instead of using the code you have in the manner you have it, I could use the guts of it to create an Extension Attribute so I could trigger a Smart Group.

My original idea was to find a way to pull the data out of the jamfsoftware database in mysql. See, I already have the list of updates that a machine needs, I just wanted to break them into two groups: need reboot and does not need reboot. I can accomplish that with the script and an EA.

Thanks Tom, I was trying to make it more complicated than it need be.

lance_ogletree
Contributor
Contributor

Don't forget that if the update is installed via a policy then you have the ability to force a restart if the package requires it from an Apple Software Update. Take a look at the Reboot option within a policy. You then have the option of presenting the user with a certain amount of time before the restart occurs after clicking the "OK" button - 5minutes , 30 minutes, etc.

Scrub that Steve. Read your original post wrong. How are your currently installing Apple updates? With a simple policy installing all available updates or some other method?

tlarkin
Honored Contributor
Don't forget that if the update is installed via a policy then you have the ability to force a restart if the package requires it from an Apple Software Update. Take a look at the Reboot option within a policy. You then have the option of presenting the user with a certain amount of time before the restart occurs after clicking the "OK" button - 5minutes , 30 minutes, etc.

In my experience this can be easily interrupted by the user having things like Safari open. You can have AS or something else interact with the user or just quit all their apps. I like to apply updates to users at start up or shut down. Also, trigger via self service.

You could easily turn my script into an Extension Attribute and scope it from there.

May
Contributor III

Works well as an EA, just what i needed

thank you @stevewood @tlarkin

#!/bin/sh 
#check for apple software updates that require a restart

/usr/sbin/softwareupdate -l | /usr/bin/grep -i "restart"

if [[ `/bin/echo "$?"` == 0 ]] #if it was successful

then 

echo "<result>yes</result>"

else

echo "<result>no</result>"

fi

alexjdale
Valued Contributor III

A tip if you are doing more complicated scripting and are examining each SWU individually, you can grep the "softwareupdate -l" result for a specific update with -A1 which will include the following line that contains the restart flag, and then grep that for "restart."

Example:

$ sudo softwareupdate -l | grep SecUpd2015-002Mavericks-1.0 -A1 | grep restart
    Security Update 2015-002 (1.0), 60287K [recommended] [restart]

We have an update script that reads in a list of updates we want to deploy, processes the list against "softwareupdate -l" to see what's available, and detects restarts so if any of the updates require a restart, we can inform the user in our dialog messages. It passes that list to "softwareupdate -d" to pre-cache the updates before informing the user, so when they do click "yes" to install, the installation starts immediately.

May
Contributor III

Thanks @alexjdale

I could definitely refine the policies by using that in an EA

Cheers!