Installing Brew and then (hopefully) GCC using Brew

Randydid
Contributor II

Hello JN,

I just got an 11th hour request for TeXshop, GCC, and Brew to be installed in one of our labs (classes start today). I was able to package TeXShop just fine using Composer. As for Brew/GCC, I thought it would be as simple as creating a shell script and pushing via policy. I get the following error when I am testing. Note: GCC is what is really needed and Brew seemed to be the easiest way.

The Script:

#!/bin/sh
#Installing Brew
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Sleep 60
#Installing GCC using Brew
brew install gcc
Exit 0

The error in JSS:

[STEP 1 of 5]
Executing Policy DSH Dev Tools
[STEP 2 of 5]
Mounting MY JSS SERVER to /Volumes/Images...
Installing TeXShop.dmg...
Filling user home directories from /Volumes/DSH Developer Suite/Users/asite...
Filling user templates from /Volumes/DSH Developer Suite/Users/asite...
Closing package...
[STEP 3 of 5]
Running script HSD Dev. Suite...
Script exit code: 127
Script result: Don't run this as root!
/Library/Application Support/JAMF/tmp/HSD Dev. Suite: line 7: brew: command not found
/Library/Application Support/JAMF/tmp/HSD Dev. Suite: line 8: Exit: command not found
Error running script: return code was 127.
[STEP 4 of 5]
[STEP 5 of 5]
Unmounting file server...

It sounds to me like Brew wants LESS privs to complete. On my test machine with a user in the Admin Group, it installs just fine-what am I missing?

/randy

18 REPLIES 18

joshua
New Contributor

Try running two different scripts:

Install (script author:@jesseshipley)

#!/bin/sh
#Getting Username
user=`ls -la /dev/console | cut -d " " -f 4`

#Modifying permissions and creating directories
chmod g+rwx /usr/local
chgrp admin /usr/local
mkdir /Library/Caches/Homebrew
chmod g+rwx /Library/Caches/Homebrew
chown -R $user /Library/Caches
chmod g+rwx /usr/local/bin
chgrp admin /usr/local/bin

#Downlading and installing Homebrew
cd /usr/local
git init -q
git config remote.origin.url https://github.com/Homebrew/homebrew
git fetch origin master:refs/remotes/origin/master -n
git reset --hard origin/master
chown -R $user $(ls | grep -v bin)
chown $user /usr/local/bin/brew
chgrp admin /usr/local/bin/brew

#Creating .bash_profile with new path but checking there isn't one already
if [ ! -f /Users/$user/.bash_profile ]; then
    sudo -u $user echo "PATH=/usr/local/bin:$PATH" >> /Users/$user/.bash_profile
fi

Then the other to install gcc. You can add multiple scripts to run as one policy in Self Service.

jwojda
Valued Contributor II

thanks for this, but when I try to run it, self service just crashes and says it needs to reload :( can't find any info in the logs as to why.

Sachin_Parmar
Contributor

@jwojda - Try running the script manually and see if that gives you any indication as to what might be causing it, i'm running the exact same script just fine.

and in follow up to the GCC, brew commands must be run in context of the user so use:

#!/bin/sh
loggedInUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");'`

echo $loggedInUser

sudo -u $loggedInUser /usr/local/bin/brew install gcc

jwojda
Valued Contributor II

when I run it as a user it says they don't have Admin rights, which is why I wanted to install through self service, but brew requires admin to the local user to install.

I think I can grant admin to the user at the start of the script then remove it at the end? seems more complicated than it should be.

jwojda
Valued Contributor II

This is the script I'm trying to run to install brew

#!/bin/sh
loggedInUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");'`

echo $loggedInUser
/usr/sbin/dseditgroup -o edit -n /Local/Default -a "$loggedInUser" -t user admin
echo "User $loggedInUser is now an admin"

sudo -u $loggedInUser /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
sleep 90
/usr/sbin/dseditgroup -o edit -d $loggedInUser -t user admin

this is the result of the script through Self Service...

[STEP 3 of 5] Running script Brew... Script exit code: 0 Script result: test2u User test2u is now an admin ==> This script will install: /usr/local/bin/brew /usr/local/share/doc/homebrew /usr/local/share/man/man1/brew.1 /usr/local/share/zsh/site-functions/_brew /usr/local/etc/bash_completion.d/brew /usr/local/Homebrew ==> The following existing directories will be made group writable: /usr/local/bin /usr/local/sbin ==> The following existing directories will have their owner set to test2u: /usr/local/bin /usr/local/sbin ==> The following existing directories will have their group set to admin: /usr/local/bin /usr/local/sbin ==> The following new directories will be created: /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/share /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var ==> /usr/bin/sudo /bin/chmod u+rwx /usr/local/bin /usr/local/sbin sudo: no tty present and no askpass program specified Failed during: /usr/bin/sudo /bin/chmod u+rwx /usr/local/bin /usr/local/sbin

troyewebster
New Contributor III

@jwojda did you get this resolved? I'm trying to tackle this and getting that same error

sudo: no tty present and no askpass program specified
Failed during: /usr/bin/sudo /bin/chmod u+rwx /usr/local/bin /usr/local/sbin

kevinwilemon
New Contributor III

@troyewebster The Homebrew installer has a "Press return to continue or any other key to abort" verification step in its installer. The "no tty present and no askpass program specified" message is essentially saying that the install timed out waiting for Return to be pressed.

We've spent a lot of time trying to install homebrew without interaction and unattended. Eventually we switched over to this script deployed via Self Service policy which I modified from @emily 's post in this thread and it's been the most consistent experience for us. It also doesn't require the user to be an admin (which is preferred for Homebrew installs) so if your techs aren't onboarding, this is safe to run as a pre-stage or self service for users.

We have other applications that install via brew during deployment so they would also run those commands in this script which is why Homebrew has a pause while Window 1 of Terminal is active so they don't overlap each other. I removed those from below as you'll do that via Self Service.

#!/bin/bash

# Running caffeinate command so system doesn't bork the Homebrew install
caffeinate -d -i -m -u &
caffeinatepid=$!
echo "Caffeinating the mac under process id: $caffeinatepid"

# Open non-admin safe Terminal window, install Homebrew and wait until process is complete before continuing
osascript -e 'tell application "Terminal" to quit'
osascript <<'EOF'
tell application "Terminal"
    activate
    do script ("/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"") in window 1
    repeat
            delay 0.5
            if not busy of window 1 then exit repeat
        end repeat
end tell
EOF

# Insert additional brew installs here

# Ending caffeinate command
kill "$caffeinatepid"

# Close Terminal window
osascript -e 'tell application "Terminal" to quit'

exit 0

mmackay
New Contributor

Hi team,

New to JAMF, trying to get BREW installed via policy. I have cut and paste the exact script from @kevinwilemon above. I initiate the policy by running:
sudo jamf policy

In the logs I am getting the following error.

Script result: Caffeinating the mac under process id: 2007
32:40: execution error: Terminal got an error: Connection is invalid. (-609)

/Library/Application Support/JAMF/tmp/Brew Install: line 27: 2007 Terminated: 15 caffeinate -d -i -m -u

What's also interesting is on the Mac I am testing on I also get a popup "Do you want to terminate running processes in this window"

cstout
Contributor III
Contributor III

Hey @mmackay, I just threw that script as-is into a policy and let it run and it failed for me as well.

Script result: Caffeinating the mac under process id: 4877
32:40: execution error: An error of type -10810 has occurred. (-10810)
/Library/Application Support/JAMF/tmp/mackay: line 25:  4877 Terminated: 15          caffeinate -d -i -m -u

Also, when I run the script manually it doesn't advance passed the Brew Install prompt which states "Press RETURN to continue or any other key to abort" and it never advances. Have you tried @emily's self service script which this one was based off of to see if that works still?

kevinwilemon
New Contributor III

Hi, @mmackay -

The script I posted is written to be run via Self Service so it assumes there isn't a process running in Window 1 in Terminal. The popup you're getting is asking if it's safe to quit the "sudo jamf policy" process you kicked off.

I haven't updated my workflow, but this could probably be resolved by adding an "if...else" check for if Window 1 is active in the AppleScript to avoid overlapping processes in Terminal. That may be enough to get you to where you're going but if I get a chance to test, I'll update my script.

As for your "Connection is invalid", is your system on 10.14.x? If so, this may be related to PPPC if your JamfAgent is requesting to access Terminal. (https://www.jamf.com/jamf-nation/discussions/31204/pppc-issue-jamf-agent)

mmackay
New Contributor

Hey @cstout hows it going. Tried @emilies script initially and had no luck. I ended up here because it was one of the newest posts.

@kevinwilemon - let me tweak things and I'll try the if..else suggestion. And the Mac's are at 10.14.2 currently so let me read that post you referenced as well.

Lotusshaney
Contributor II

He is my bash script for deploying brew via Self Service

#!/bin/bash

#Brew deploy
#Tested on Homebrew 1.0.8

#v1.0 Daniel Shane 28/10/2016 - First Version
#v1.1 16/11/2016 - Typeo and fixed missing group folders
#v1.2 12/01/2017 - Opt out of brew analytics, thanks Geo for finding this

# Check to make sure we are root
if [ `id -u` != "0" ]
then
   echo "`basename "$0"` MUST run as root..."
   exit 1
fi

#Get macOS version
macosv=`sw_vers -productVersion | cut -d . -f 1,2`

#Get Current console user
useris=`ls -l /dev/console | awk '{print $3}'`

#Set varaiables
HOMEBREW_PREFIX="/usr/local"
HOMEBREW_REPOSITORY="/usr/local/Homebrew"
HOMEBREW_CACHE="/Users/$useris/Library/Caches/Homebrew"
BREW_REPO="https://github.com/Homebrew/brew"
CORE_TAP_REPO="https://github.com/Homebrew/homebrew-core"

#Download and install xcode cli tools if needed
if [ ! -d /Library/Developer ] ; then
    echo "Xcode CLI tools needed, Downloading from SUS"
    touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
    PROD=$(softwareupdate -l |
      grep "*.*Command Line" |
      grep "$macosv" |
      head -n 1 | awk -F"*" '{print $2}' |
      sed -e 's/^ *//' |
      tr -d '
')
    softwareupdate -i "$PROD"
    rm -rf /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
fi
if [ ! -d /Library/Developer ] ; then
    echo "Command Line Tools not installed"
    exit 1
fi

#Make Brew Folders
/bin/mkdir -p /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var

#Set Permissions
/bin/chmod g+rwx /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var
/bin/chmod 755 /usr/local/share/zsh /usr/local/share/zsh/site-functions

#Set owner on folders
/usr/sbin/chown $useris /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var
/usr/bin/chgrp admin /usr/local/Cellar /usr/local/Homebrew /usr/local/Frameworks /usr/local/bin /usr/local/etc /usr/local/include /usr/local/lib /usr/local/opt /usr/local/sbin /usr/local/share /usr/local/share/man /usr/local/share/zsh /usr/local/share/zsh/site-functions /usr/local/var
/bin/mkdir -p /Users/$useris/Library/Caches/Homebrew
/bin/chmod g+rwx /Users/$useris/Library/Caches/Homebrew
/usr/sbin/chown $useris /Users/$useris/Library/Caches/Homebrew

#Group Folder Permissions
/usr/sbin/chown $useris /usr/local/bin /usr/local/etc /usr/local/Frameworks /usr/local/include /usr/local/lib /usr/local/sbin /usr/local/share /usr/local/var /usr/local/etc/bash_completion.d /usr/local/lib/pkgconfig /usr/local/var/log /usr/local/share/aclocal /usr/local/share/doc /usr/local/share/info /usr/local/share/locale /usr/local/share/man /usr/local/share/man/man1 /usr/local/share/man/man2 /usr/local/share/man/man3 /usr/local/share/man/man4 /usr/local/share/man/man5 /usr/local/share/man/man6 /usr/local/share/man/man7 /usr/local/share/man/man8 &> /dev/null
/usr/bin/chgrp admin /usr/local/bin /usr/local/etc /usr/local/Frameworks /usr/local/include /usr/local/lib /usr/local/sbin /usr/local/share /usr/local/var /usr/local/etc/bash_completion.d /usr/local/lib/pkgconfig /usr/local/var/log /usr/local/share/aclocal /usr/local/share/doc /usr/local/share/info /usr/local/share/locale /usr/local/share/man /usr/local/share/man/man1 /usr/local/share/man/man2 /usr/local/share/man/man3 /usr/local/share/man/man4 /usr/local/share/man/man5 /usr/local/share/man/man6 /usr/local/share/man/man7 /usr/local/share/man/man8 &> /dev/null

#Download and install Homebrew
# we do it in four steps to avoid merge errors when reinstalling
# We also do it as the consol user to make sure perms are correct for the repo
cd $HOMEBREW_REPOSITORY
sudo -u "$useris" /usr/bin/git init -q
# "git remote add" will fail if the remote is defined in the global config
sudo -u "$useris" /usr/bin/git config remote.origin.url $BREW_REPO
sudo -u "$useris" /usr/bin/git config remote.origin.fetch +refs/heads/*:refs/remotes/origin/*
# ensure we don't munge line endings on checkout
sudo -u "$useris" /usr/bin/git config core.autocrlf false
sudo -u "$useris" /usr/bin/git fetch origin master:refs/remotes/origin/master --tags --force --depth=1
sudo -u "$useris" /usr/bin/git reset --hard origin/master
sudo -u "$useris" /bin/ln -sf $HOMEBREW_REPOSITORY/bin/brew $HOMEBREW_PREFIX/bin/brew

#Update brew as user
sudo -u "$useris" $HOMEBREW_PREFIX/bin/brew update --force

#Opt out of brew analytics
sudo -u "$useris" $HOMEBREW_PREFIX/bin/brew analytics off

exit 0

Hope this helps

Dan

cstout
Contributor III
Contributor III

@kevinwilemon I just used your script on 10.13 from Self Service and it allows the install of Homebrew but does not allow the install of any additional installs since homebrew disabled running installs as root. It looks like the script @Lotusshaney posted may do the trick by running all the brew commands as the logged in user. I'll give that a shot next.

Brew output from the SS script:

Script result: Caffeinating the mac under process id: 53876
Error: Running Homebrew as root is extremely dangerous and no longer supported.
As Homebrew does not drop privileges on installation you would be giving all
build scripts full access to your system.
/Library/Application Support/JAMF/tmp/brew-test: line 28: 53876 Terminated: 15          caffeinate -d -i -m -u

cstout
Contributor III
Contributor III

@Lotusshaney 's script worked flawlessly and did not even show the Terminal window. Great work!

I added the excerpt below to the end of the script to accommodate additional installs and verified it works without any prompting or issue. YMMV, but this is a great script to start working with @mmackay.

#additional installs
sudo -u "$useris" $HOMEBREW_PREFIX/bin/brew install node

mmackay
New Contributor

Thanks @Lotusshaney with some tweaks that worked. Same @cstout.

Now onto Vagrant and virtualBox.

merlin
New Contributor III
The Homebrew installer has a "Press return to continue or any other key to abort" verification step in its installer. The "no tty present and no askpass program specified" message is essentially saying that the install timed out waiting for Return to be pressed.

Homebrew's installer only prompts if stdin is a TTY. Just redirect stdin to /dev/null, and the prompt won't happen in the first place.

# $3 is the predefined jamf parameter for username
echo | sudo -u $3 ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" > /dev/null

Nmangal
New Contributor III

@Lotusshaney, This script is working fine for Mojave but not working on Catalina 10.15.0. I downloaded Code Command line Tools for X Code 11 Beta from Apple Developer Page and installed. After that run this script in a policy from Self Service, Policy shows completed but while brew i get the error. Below is the Policy logs.

[Script result: From https://github.com/Homebrew/brew
 * [new branch]        master     -> origin/master
 * [new tag]           2.1.9      -> 2.1.9
HEAD is now at fe954c76 Merge pull request #6364 from MikeMcQuaid/redact-empty-secrets
==> Homebrew has enabled anonymous aggregate formulae and cask analytics.
Read the analytics documentation (and how to opt-out) here:
  https://docs.brew.sh/Analytics

==> Homebrew is run entirely by unpaid volunteers. Please consider donating:
  https://github.com/Homebrew/brew#donations
==> Tapping homebrew/core
Cloning into '/usr/local/Homebrew/Library/Taps/homebrew/homebrew-core'...
Tapped 2 commands and 4827 formulae (5,082 files, 12.5MB).
Error: Permission denied @ rb_sysopen - /private/tmp/github_api_headers20190813-17682-zvb8ju
Error: Failure while executing; `/usr/local/bin/brew tap homebrew/core` exited with 1.

Though i understand Catalina is in beta, but still if you got something to be changed for this script to work in Catalina, that would be really helpful.

Thanks in Advance.

bobbyjohn
New Contributor II

How too deal with password prompt while running brew as user? IE brew cask install chrome

Additionally, use this script to install brew on Catalina. https://github.com/Honestpuck/homebrew.sh/blob/master/homebrew-3.1.sh