Skip to main content
Solved

Help with scripting: Install a package within a .dmg


mvu
Forum|alt.badge.img+20
  • Jamf Heroes
  • 874 replies

Hello,

I need help with scripting an installation. Forgive me for my lack of skills in the area.

I was given an agent to install. The package and config. file is within the .dmg file. When I try to extract the package to push (ARD or Casper) it fails. The negative package is just a preflight and postflight script.

How would you install this leveraging Jamf Pro? Could I get help with scripting this?

My thought was to:

• Copy the .dmg file to a tmp folder
• Open the .dmg
• Install the package within the .dmg
• eject the FireEye Agent installer
• delete .dmg file

I saw this link too, but still need help:
Jamf Post

Best answer by mm2270

Why not copy the pkg and the config file into a new folder in /tmp/, then drag that folder into Composer's sidebar to make a source and finally add a postinstall script that calls the installer from that location in /tmp/? It would run the install and, I would think, see the config file in the same directory and use it. If I had to guess, the installer package script is likely looking at the running path and looking in that same directory for the config file to use.
Has something like that been tried yet?

View original
Did this topic help you find an answer to your question?

22 replies

Forum|alt.badge.img+14
  • Valued Contributor
  • 375 replies
  • September 27, 2017

@mvu

You could temporarily mount a DMG and the use the following command to trigger the install:

#!/bin/sh
sudo installer -pkg /path/to/package.pkg -target /

Forum|alt.badge.img+1
  • New Contributor
  • 2 replies
  • September 27, 2017

@mvu

Could use Composer as well to do a before and after snapshot of the install. Run Compose on a machine that does not have this installed, start the before snapshot then create a folder on the system and copy the dmg into that folder, run the install as you would normally, when completed end the snapshot and create a .pkg from the changes. It should create a .pkg that has the contents of the dmg in it as well as the process you took to install it. Once the pkg is created, just do a manual test on another machine of running the .pkg before uploading into JAMF and building out a policy....just my two cents :)


mvu
Forum|alt.badge.img+20
  • Author
  • Jamf Heroes
  • 874 replies
  • September 27, 2017

@crodriguez I'll give that a shot. This would be a way to avoid my lack of scripting skills.


Forum|alt.badge.img+16
  • Legendary Contributor
  • 7880 replies
  • Answer
  • September 27, 2017

Why not copy the pkg and the config file into a new folder in /tmp/, then drag that folder into Composer's sidebar to make a source and finally add a postinstall script that calls the installer from that location in /tmp/? It would run the install and, I would think, see the config file in the same directory and use it. If I had to guess, the installer package script is likely looking at the running path and looking in that same directory for the config file to use.
Has something like that been tried yet?


mvu
Forum|alt.badge.img+20
  • Author
  • Jamf Heroes
  • 874 replies
  • September 27, 2017

@mm2270 I think you're right about the installer package script looking at the running path. I'll give this a shot. Would you use the script above as the postinstall?

!/bin/sh

sudo installer -pkg /path/to/package.pkg -target /


Forum|alt.badge.img+16
  • Legendary Contributor
  • 7880 replies
  • September 27, 2017

Yes, but drop the sudo. When the package is run by the jamf binary it's running as root, so no sudo is required. Just replace the /path/to/package/package.pkg with something like /private/tmp/FireEyeAgent/xagtSetup_25.12.0.mpkg or whatever the folder name is that you choose to place it in.

So when the custom pkg gets run, it drops the payload into /private/tmp/FireEyeAgent/ and that will have the installer + the config file in it. Then your postinstall script would run the above installer command line. Hopefully that will make it install properly and recognize the config file at run time.


mvu
Forum|alt.badge.img+20
  • Author
  • Jamf Heroes
  • 874 replies
  • September 27, 2017

Boom. I learned something today. I was able to package it, copy the files over, install the agent and remove the folder.

Thanks @mm2270 and everyone who chimed in. I know you said drop the sudo, but I'm used to leaving it in.


Forum|alt.badge.img+4
  • Contributor
  • 10 replies
  • September 28, 2017

If it helps. I also Use Whitebox Packages to help re-package apps or deploy things and run scripts. It's a good tool to have along with Composer.


Forum|alt.badge.img+1
  • New Contributor
  • 2 replies
  • October 12, 2017

Hello All, I am new to the forums, been using Casper for about a year now, just really getting into the nitty-gritty, so I need some help please.

I followed the instructions (suggestions) by mm 2270 above exactly and was able to get the package created by composer, using the post-install script above. I tested said package on 2 macs and it works great, installing the FireEye agent and I can see it in the console.

But, after I uploaded the same package to Admin and run it for deployment on a new image, it does not run. But, I can run the same exact package in my source files and it will install.

What am I missing?


Forum|alt.badge.img+1
  • New Contributor
  • 7 replies
  • May 16, 2018

Hello All,

Followed the above and it still doesn't work, says it installs successfully, but the agent really instant running?

Could we get some 2018 updates please.

Thanks


Forum|alt.badge.img+5
  • Contributor
  • 50 replies
  • June 1, 2018

@omaromar Check Activity Monitor (All Processes) and search for the process name 'xagt' and 'FireEye Notification' then you should be good. The ultimate check would be with the personnel who monitor the results.

If those processes aren't running, then check that your postinstall script has:

/usr/bin/sudo launchctl load -w "/Library/LaunchAgents/com.fireeye.xagtnotif.plist"
/usr/bin/sudo launchctl load -w "/Library/LaunchDaemons/com.fireeye.xagt.plist"

mvu
Forum|alt.badge.img+20
  • Author
  • Jamf Heroes
  • 874 replies
  • August 21, 2018


I guess I'm unsubscribed to this. Did @asedelmeyer @omaromar get it working?

We are moving to version 26.21.10. I repackaged the agent config file and xagtSetup package, updated the script, and all is working. I see "FireEye Notification" just like @bainter says.


Forum|alt.badge.img+3
  • New Contributor
  • 27 replies
  • February 5, 2019

Hello,
How is the update script looks alike, I try the script above and Composer package and the agent do not install it . just create the Folder in /Library/ FireEye with two files, and I did not see any notifications or file in the Application folder.


Forum|alt.badge.img+3
  • New Contributor
  • 8 replies
  • January 2, 2020

Hi,

I try this few times. Installation is successful but don't see agent running under ps aux | grep xagt.

Also, I added below to post install script but no luck

**If those processes aren't running, then check that your postinstall script has:

/usr/bin/sudo launchctl load -w "/Library/LaunchAgents/com.fireeye.xagtnotif.plist"
/usr/bin/sudo launchctl load -w "/Library/LaunchDaemons/com.fireeye.xagt.plist"**

fyi..I am using this installer package ver xagtSetup_31.28.0.pkg.


mvu
Forum|alt.badge.img+20
  • Author
  • Jamf Heroes
  • 874 replies
  • June 3, 2020

Thanks @omaromar for those postinstall script. We are installing version 32.30.0. It's a little different.

If you don't run those two lines in your post install script, the Macs need a restart. For Macs 10.12, you need to restart regardless.

Also, for some reason FireEye is asking for Kext approval from "Bitdender" on Macs 10.13 and up. Looks like you'll need to approve that or have Jamf send a Config profile.

Team ID: GUNFMW623Y|com.Bitdefender.iokit.av|1|Bitdefender SRL|1


Forum|alt.badge.img
  • New Contributor
  • 1 reply
  • June 15, 2020

Hi @mvu
Did you get any script working where you are also adding Kext approval for the for the Bitdefender part? I am currently trying to get it working with xagtSetup_32.30.0 on a macOS version 10.15.5.
In case you figured it out would you be willing to share it here?
Thank you very much!


mvu
Forum|alt.badge.img+20
  • Author
  • Jamf Heroes
  • 874 replies
  • June 15, 2020

@ddeth I pushed a configuration profile with Approved Kernel Extension ...


Forum|alt.badge.img+12
  • Valued Contributor
  • 100 replies
  • June 15, 2020

How do you mount the DMG initially? I follow that you'd copy it to /tmp but then you'd need to mount the DMG and that's the part I'm stuck on


mvu
Forum|alt.badge.img+20
  • Author
  • Jamf Heroes
  • 874 replies
  • June 15, 2020

So, we're skipping that part by re-packaging the contents inside the DMG. This way, we skip having to mount any DMG.

You'll need to re-package two pieces: the agent config file and xagt setup package, which goes into the tmp folder. If you go back to my 8/21/2018 post above, you'll see the insides of my package. After that, you run a postscript which you can bake into the package using Composer, or use Jamf to run it after.


Forum|alt.badge.img+12
  • Valued Contributor
  • 100 replies
  • June 15, 2020

@mvu Thanks for replying so fast -- I guess my question is unrelated at this point - is there a reference on how to mount a DMG you can point me to? Struggling to find one.


Forum|alt.badge.img+18
  • Contributor
  • 475 replies
  • June 16, 2020

@k3vmo Here is an example of attaching to a dmg and installing a package inside:

#!/bin/bash

# Variables
dmgPath="/path/to/file.dmg"
packageName="PackageName.pkg"

# Mount the DMG, and save its device
device=$(/usr/bin/hdiutil attach -nobrowse "$dmgPath" | /usr/bin/grep "/Volumes" | /usr/bin/awk '{ print $1 }')

# Using the device, determine the mount point
mountPoint=$(/usr/bin/hdiutil info | /usr/bin/grep "^$device" | /usr/bin/cut -f 3)

# Find the package inside
foundPackage=$(/usr/bin/find "$mountPoint" -type d -iname "*$packageName" -maxdepth 1 | /usr/bin/grep -v "^$mountPoint$")

# Install the package
/usr/sbin/installer -pkg "$foundPackage" -target /

exit 0

Forum|alt.badge.img+3
  • New Contributor
  • 7 replies
  • May 31, 2022
k3vmo wrote:

@mvu Thanks for replying so fast -- I guess my question is unrelated at this point - is there a reference on how to mount a DMG you can point me to? Struggling to find one.


I haven't found much documentation in the Jamf manual for this but, something else to consider; when you deploy a dmg as the package in a Jamf Policy, Jamf will mount the diskimage and join it to the Mac's root directory by default. i.e. If there is a directory tree on the disk image such as Library/Application Support/My_Payload, it will be joined to the root directory and there will be a new "My_Payload" folder found under /Library/Application Support/ if there wasn't one there already. It will stay mounted until it is unmounted or a reboot. You would definitely want to mimic any file ownership and privileges to your diskimage for directories normally found on the Mac and disable "Ingore ownership on this volume" for that diskimage.

This method works out well for those PKGs that need to be executed with a configuration plist in the same directory or installers that need to be passed specific arguments or flags like FireEye and VMware Fusion. No need to package the dmg within a pkg, instead you just have a dmg as your package and have a script in the policy to call the execution after the dmg is mounted. When the installation has completed, call the unmount command ( hdiutil detach Library/Application Support/My_Payload ).


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings