Posted on 05-20-2020 12:07 PM
Working on a Self-Service Homebrew option.
Trying to find a way to run brew update, upgrade, and cleanup in the install script not as sudo. See script bellow.
#!/bin/zsh
# Install Apple Xcode CLT
rm -rf /Library/Developer/CommandLineTools
xcode-select --install
# Install Homebrew
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
# Find a way to run bellow without sudo
# brew update
# brew upgrade
# brew cleanup
exit 0
Posted on 05-20-2020 02:25 PM
Check out https://github.com/kennyb-222/AutoBrew
Posted on 05-20-2020 08:50 PM
I also have a solution:
Once you install Homebrew running brew
commands doesn't require sudo or administrator rights for the user.
Posted on 07-21-2020 09:33 AM
I have been fighting this fot a day now. Your script solved all my problems. Thanks
Posted on 02-12-2021 01:45 AM
Thanks for great script, but then in install via JAMF self service and after I try to install something with brew I get this, is it expected behaviour or I'm doing something wrong:
brew install midnight-commander
Error: The following directories are not writable by your user:
/usr/local/share
/usr/local/share/man
/usr/local/share/man/man1
/usr/local/share/zsh
/usr/local/share/zsh/site-functions
You should change the ownership of these directories to your user.
sudo chown -R $(whoami) /usr/local/share /usr/local/share/man /usr/local/share/man/man1 /usr/local/share/zsh /usr/local/share/zsh/site-functions
And make sure that your user has write permission.
chmod u+w /usr/local/share /usr/local/share/man /usr/local/share/man/man1 /usr/local/share/zsh /usr/local/share/zsh/site-functions
Posted on 09-14-2021 01:46 PM
@Rokas
I'm assuming this is an Intel Mac, which OS are you running? Have you had a look at the log for when the policy ran the homebrew install script? Are you attempting the midnight-commander install from a policy or the command line?
Posted on 02-12-2021 07:08 PM
@Rokas When you're running a script from Jamf it's running as root, and I expect Homebrew installed via @honestpuck's script needs installs to be done from the logged in user's account. See this article on how you can do that: https://scriptingosx.com/2020/08/running-a-command-as-another-user/
Posted on 02-18-2021 05:11 AM
@sdagley script already contains parts to run as user and it installs brew on user level successfully, just doesn't change some directory permissions for some reason..
Posted on 02-22-2021 09:08 AM
So I'm able to install Homebrew, and can do installs, however, since the user is not an admin, when I get prompted at the end of the process to enter password to move the app to the /Applications folder, it fails. There a way around this?
Posted on 09-14-2021 01:49 PM
It's not possible to install scripts into /Applications via Homebrew if the user is not an admin. You should package the application and install it via Jamf. This is not a limitation of any script to install Homebrew but built in to the Apple security.
Posted on 09-14-2021 01:52 PM
Posted on 05-03-2022 01:33 AM
Rather than installing to the default system/Applications folder (which requires sudo credentials) a user can install brew apps to the user/Applications folder with no password like this:
brew install --cask --appdir=~/Applications {app name}
For example installing iTerm2 with brew cask to the user/Applications folder
brew install --cask --appdir=~/Applications iterm2
Posted on 07-16-2021 03:05 AM
I found a part of a script which might help you installing brew with jamf:
# Jamf will have to execute all of the directory creation functions Homebrew normally does so we can bypass the need for sudo
#Make Brew Folders
/usr/bin/logger -t "Brew: ${0##*/}" "Brew not found, preparing..."
/bin/mkdir -p /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var
#Set Permissions
/bin/chmod g+rwx /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var /usr/local/var/homebrew/linked
/bin/chmod 755 /usr/local/share/zsh /usr/local/share/zsh/site-functions
#Set owner on folders
/usr/sbin/chown $USERIS /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var /usr/local/var/homebrew/linked
/usr/bin/chgrp admin /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var /usr/local/var/homebrew/linked
/bin/mkdir -p /Users/$USERIS/Library/Caches/Homebrew
/bin/chmod g+rwx /Users/$USERIS/Library/Caches/Homebrew
/usr/sbin/chown $USERIS /Users/$USERIS/Library/Caches/Homebrew
#Group Folder Permissions
/usr/sbin/chown $USERIS /usr/local/bin /usr/local/etc /usr/local/Frameworks /usr/local/include /usr/local/lib /usr/local/sbin /usr/local/share /usr/local/var /usr/local/etc/bash_completion.d /usr/local/lib/pkgconfig /usr/local/var/log /usr/local/share/aclocal /usr/local/share/doc /usr/local/share/info /usr/local/share/locale /usr/local/share/man /usr/local/share/man/man1 /usr/local/share/man/man2 /usr/local/share/man/man3 /usr/local/share/man/man4 /usr/local/share/man/man5 /usr/local/share/man/man6 /usr/local/share/man/man7 /usr/local/share/man/man8 &> /dev/null
/usr/bin/chgrp admin /usr/local/bin /usr/local/etc /usr/local/Frameworks /usr/local/include /usr/local/lib /usr/local/sbin /usr/local/share /usr/local/var /usr/local/etc/bash_completion.d /usr/local/lib/pkgconfig /usr/local/var/log /usr/local/share/aclocal /usr/local/share/doc /usr/local/share/info /usr/local/share/locale /usr/local/share/man /usr/local/share/man/man1 /usr/local/share/man/man2 /usr/local/share/man/man3 /usr/local/share/man/man4 /usr/local/share/man/man5 /usr/local/share/man/man6 /usr/local/share/man/man7 /usr/local/share/man/man8 &> /dev/null
Posted on 07-21-2021 12:56 PM
@CreativeB, AutoBrew can take care of all of this for you 🙂
Posted on 07-29-2021 07:26 AM
@kenny_botelho thank you for this script. It saved me a bunch of time and work.
Posted on 08-02-2021 02:05 AM
I found a script from @honestpuck which helped me a lot as well:
https://github.com/Honestpuck/homebrew.sh
here you have the installation of homebrew for Intel & M1 and installation scripts for brews and casks as well. All you need is to define $4 as package you want in your policy.
Posted on 08-02-2021 02:10 AM
Glad you found it useful. Always open to bug reports and suggestions for improvement.
Posted on 10-12-2021 07:48 AM
This could be a silly question, but is there a way to have the end user fill the variable when running the brew-install-program.sh and brew-install-cask.sh scripts?
Posted on 10-12-2021 02:42 PM
The user can run `brew install <software>` or `brew cask install <software>` from the command line. `brew-install-program.sh` is for when you want to do it from a policy.
Posted on 10-12-2021 03:03 PM
The issue that our end users are experiencing is that they are prompted for admin credentials when they run `brew install <software>` or `brew cask install <software>`.
I could be overthinking the process, but I was thinking we could implement a policy containing `brew-install-program.sh` where the end user would simply input the program they want to install and it would populate the program into the script. Hopefully that makes sense.
Posted on 10-12-2021 08:02 PM
Posted on 10-14-2021 07:47 AM
Unfortunately it looks like people are still prompted to input a password via terminal and then booted out for not being in the sudoers file. From what I can tell the install process for homebrew went as expected with no errors in the policy logs.
Posted on 09-14-2021 11:16 AM
When I run the script (homebrew-3.3.sh) in Jamf and try to install, it hangs and never seems to finish. I run a script, before homebrew-3.3.sh, that installs Xcode and that does successfull complete... Terminal just gets stuck at "Running script Homebrew3.3.sh..."
Any advice on how to get passed this?
Posted on 09-14-2021 11:28 AM
Is there a active user session? Do you have mobile accounts or local users? Which kind of machine are you running this script on?
I’ll try the updated version later - If I encounter the same issue as you, we might dive deeper into the code to fix it.
as for the moment I posted in this thread, everything worked like charm for me.
Posted on 09-14-2021 11:31 AM
I am using a test mac with full admin rights to test. Local users. I am in the middle of formatting back to Catalina but I was testing this on BS 11.5 and Catalina and this issue occurred.
I am going to try install Xcode in a separate policy before running Homebrew script
Posted on 09-14-2021 11:34 AM
Could you please try to run the script locally on a machine with “sh -x ./path/to/script.sh “ ? Maybe you find something.
also it takes a while till it’s installed completely.
Posted on 09-14-2021 12:06 PM
@jlombardo, have you tired AutoBrew ?
Posted on 09-17-2021 08:23 AM
Sorry putting out backup and emergency patch fires, I will look into this and follow up.
Posted on 10-12-2021 02:44 PM
The first thing we would need to know to fix this is what does the log say? What appears in the Jamf policy log? What is in `/private/var/log/Homebrew.log`?
Posted on 10-27-2021 01:27 PM
It has been crazy lately but I hope to test this out soon.
Posted on 03-31-2022 09:30 AM
Old thread but found another thread with a working script to install Homebrew. Look for Franton's post: https://community.jamf.com/t5/jamf-pro/deploy-homebrew/td-p/202523
Posted on 03-31-2022 02:07 PM
Posted on 04-05-2022 10:26 AM
Yeah what @honestpuck said. I try not to deprive devs of admin rights anymore.
Posted on 04-26-2022 11:30 AM
@honestpuck Checking out your github right now. Some very interesting things - I like the EA and will definitely try that. I'm going to give your installer a try as well with a standard user.
Do you happen to have an uninstall script for removing Homebrew? When I setup install workflows I try to create uninstall workflows at the same time. Homebrew is a beast and isn't as easy to remove as an application like Chrome.
Posted on 04-26-2022 09:12 PM
No, I don't have an uninstall. It would be a complex task to do it and it doesn't take too much space so I just leave it.
Posted on 04-27-2022 09:46 AM
@honestpuck I tried your install script out on a VM that I have. I ran it from Self Service with a user with Admin Rights (still need to try a standard user yet). I got a couple popups.
When I clicked Install I got this:
When I checked the logs I saw this:
Any ideas on what I did wrong?
Posted on 04-27-2022 10:22 PM
Yes, before we can install Homebrew we need git. The best way at this stage to get git is to install Apple's Xcode CLI tools. That's what the normal Home-brew installer does when you just run it, it checks and if necessary downloads the tools.
You had a network problem during the download of the tools and everything failed from then.
Posted on 04-27-2022 10:27 PM
Are you running anything in the VM or on the host Mac that might stuff up the network? It's pretty easy to do with a VM - look at it wrong and the network fails to do something.
I would first snapshot, then do a "proper" install using Homebrew's ordinary method (since you have admin rights) and see if that works. If that works then roll back and try my script from an admin, if that works roll back again and try it without admin rights.
Posted on 04-28-2022 11:44 AM
@honestpuck I reached out to my Security team to rule out something was being blocked on our Firewall. I reran it again on the VM and found that this time it was actually attempting to download/install the tools even though the script finished before the install did - see below. NOTE: This was over a VPN connection.
I reran the policy, this time on a test Mac connected via VPN and with a standard user with no Admin rights - everything installed correctly without any issues or prompts. The weird thing was on my VM it appears that Homebrew was attempting to upgrade where on my test Mac it didn't have to upgrade. The log file said it was already up to date. Not sure the reason for the differences but I won't be deploying to VMs so I'll take it as a win! Going to test on a couple other physical test Macs to confirm it works. Thank you!