macOS Patch Package Creation

KMerendaTFMC
New Contributor III

I want to use Jamf Patch Management to deploy macOS updates. I have the "Install macOS Catalina.app." Can anyone advise how I should use composer to create a .pkg of this file that is suitable for patch management? I've created a .pkg that cache's the installer to /Applications, but it doesn't actually launch the installer. I'm assuming that patch management needs a .pkg that actually kicks off the installer app, and I'm not sure how to do it. Any guidance would be greatly appreciated

6 REPLIES 6

sdagley
Esteemed Contributor II

@KMerendaTFMC You really don't want to try and push the full OS install as an update, or the updater for that matter as the only reliable way to get the the security and delta updates to apply these days is via System Preferences->Software Update. If you want to deploy the full OS installer for users to run via Self Service, macOSUpgrade is a popular option.

ega
Contributor III

@KMerendaTFMC have a look at https://www.jamf.com/blog/reinstall-a-clean-macos-with-one-button/
See the last code example to call the startosinstall script '/Applications/Install macOS Catalina.app/Contents/Resources/startosinstall' --agreetolicense --forcequitapps

hrhnick
New Contributor III

Patch management will only accept a package not a script. You will need to make a payload free .pkg with a postinstall.sh that calls the Installer .app with the "startosinstall" command. At its core, that's all you need.

There are several different scripts that will give you more control, like checking free space and if the device is plugged in, and some that will even download the installer for you. Check out: https://github.com/kc9wwh/macOSUpgrade

KMerendaTFMC
New Contributor III

@ega Thanks! I was familiar with that article and I have the clean install policies setup, but I was hoping to do it via patch management. I'm not sure how to get the .pkg to call the startosinstall

ega
Contributor III

@KMerendaTFMC Just use composer to create a postinstall script with that command. I attached an image of the simplest script.
32b574f2d29c46be81c3f37c0a304382

sdagley
Esteemed Contributor II

Keep in mind that startosinstall requires a logged in user