Mozilla Firefox ESR update script

deej
New Contributor III

Another thing I worked on today as a little personal project.
Again, stolen adapted from Joe Farage's Firefox update script, this does the same thing but for the ESR (Extended Support Release) edition, as we're more of an ESR shop.
Unfortunately, ESR is not handled by Patch Reporting, so requires manually managing version conditions (Smart Group) when updating existing installs.

#!/bin/sh
#####################################################################################################
#
# ABOUT THIS PROGRAM
#
# NAME
#   FirefoxESRInstall.sh -- Installs or updates Firefox ESR
#
# SYNOPSIS
#   sudo FirefoxESRInstall.sh
#
####################################################################################################
#
# HISTORY
#
#   Version: 1.1
#
#   - v.1.0 Joe Farage, 18.03.2015
#   - v.1.1 Deej, 10.11.2017: forked for Mozilla Firefox ESR
#
####################################################################################################
# Script to download and install Firefox ESR.
# Only works on Intel systems.
#
# choose language (en-US, fr, de)
lang=""
# CHECK TO SEE IF A VALUE WAS PASSED IN PARAMETER 1 AND, IF SO, ASSIGN TO "lang"
if [ "$4" != "" ] && [ "$lang" == "" ]; then
    lang=$4
else 
    lang="en-US"
fi

dmgfile="FF.dmg"
logfile="/Library/Logs/FirefoxESRInstallScript.log"

# Are we running on Intel?
if [ '`/usr/bin/uname -p`'="i386" -o '`/usr/bin/uname -p`'="x86_64" ]; then
    ## Get OS version and adjust for use with the URL string
    OSvers_URL=$( sw_vers -productVersion | sed 's/[.]/_/g' )

    ## Set the User Agent string for use with curl
    userAgent="Mozilla/5.0 (Macintosh; Intel Mac OS X ${OSvers_URL}) AppleWebKit/535.6.2 (KHTML, like Gecko) Version/5.2 Safari/535.6.2"

    # Get the latest version of Firefox ESR available from Firefox page.
    latestver=`/usr/bin/curl -s -A "$userAgent" https://www.mozilla.org/${lang}/firefox/new/ | grep 'data-esr-versions' | sed -e 's/.* data-esr-versions="(.*)".*/1/' -e 's/"//' | /usr/bin/awk '{print $1}'`
    echo "Latest Version is: $latestver"

    # Get the version number of the currently-installed FF, if any.
    if [ -e "/Applications/Firefox.app" ]; then
        currentinstalledver=`/usr/bin/defaults read /Applications/Firefox.app/Contents/Info CFBundleShortVersionString`
        echo "Current installed version is: $currentinstalledver"
        if [ ${latestver} = ${currentinstalledver} ]; then
            echo "Firefox ESR is current. Exiting"
            exit 0
        fi
    else
        currentinstalledver="none"
        echo "Firefox ESR is not installed"
    fi

    url="https://download-installer.cdn.mozilla.net/pub/firefox/releases/${latestver}esr/mac/${lang}/Firefox%20${latestver}esr.dmg"

    echo "Latest version of the URL is: $url"
    echo "`date`: Download URL: $url" >> ${logfile}

    # Compare the two versions, if they are different or Firefox is not present then download and install the new version.
    if [ "${currentinstalledver}" != "${latestver}" ]; then
        /bin/echo "`date`: Current Firefox ESR version: ${currentinstalledver}" >> ${logfile}
        /bin/echo "`date`: Available Firefox ESR version: ${latestver}" >> ${logfile}
        /bin/echo "`date`: Downloading newer version." >> ${logfile}
        /usr/bin/curl -s -o /tmp/${dmgfile} ${url}
        /bin/echo "`date`: Mounting installer disk image." >> ${logfile}
        /usr/bin/hdiutil attach /tmp/${dmgfile} -nobrowse -quiet
        /bin/echo "`date`: Installing..." >> ${logfile}
        ditto -rsrc "/Volumes/Firefox/Firefox.app" "/Applications/Firefox.app"

        /bin/sleep 10
        /bin/echo "`date`: Unmounting installer disk image." >> ${logfile}
        /usr/bin/hdiutil detach $(/bin/df | /usr/bin/grep Firefox | awk '{print $1}') -quiet
        /bin/sleep 10
        /bin/echo "`date`: Deleting disk image." >> ${logfile}
        /bin/rm /tmp/${dmgfile}

        #double check to see if the new version got updated
        newlyinstalledver=`/usr/bin/defaults read /Applications/Firefox.app/Contents/Info CFBundleShortVersionString`
        if [ "${latestver}" = "${newlyinstalledver}" ]; then
            /bin/echo "`date`: SUCCESS: Firefox ESR has been updated to version ${newlyinstalledver}" >> ${logfile}
       # /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType hud -title "Firefox Installed" -description "Firefox has been updated." &
        else
            /bin/echo "`date`: ERROR: Firefox ESR update unsuccessful, version remains at ${currentinstalledver}." >> ${logfile}
            /bin/echo "--" >> ${logfile}
            exit 1
        fi

    # If Firefox is up to date already, just log it and exit.       
    else
        /bin/echo "`date`: Firefox ESR is already up to date, running ${currentinstalledver}." >> ${logfile}
        /bin/echo "--" >> ${logfile}
    fi  
else
    /bin/echo "`date`: ERROR: This script is for Intel Macs only." >> ${logfile}
fi

exit 0
9 REPLIES 9

gskibum
Contributor III

Is it possible to work in a way of blocking update notifications, such as what I am doing now with CCK2?

I suppose the CCK2 payload could be applied after the above policy-script is run.

JasonAtCSUMB
Contributor

donmontalvo
Esteemed Contributor III

Nice, that URL was broken for some time.

--
https://donmontalvo.com

brain_epsilon
New Contributor II

When running this script, I'm getting the following error...

ditto: can't get real path for source '/Volumes/Firefox/Firefox.app' Error running script: return code was 1.

I've updated the URL that @jfilice_at_csumb pointed out... What am I missing?

brunerd
Contributor

@brain.epsilon Well that is the path, perhaps it's failing somewhere else?
Put this at the top of the script to enable xtrace logging

set -x

Maybe you'll find out where things go south.
While you're at it maybe get rid of the Intel if/else check
I mean... the original script was from 2015 but even then who the heck was using PPC?!

brain_epsilon
New Contributor II

@brunerd, did the "set -x" at the top of the script. Didn't change anything...

It seems to be failing at the Ditto command. Also, it's giving me one version of ESR, vs the 2 that are listed in the meta data.

If I take the curl command and run it separately, this is what I get.

macbookpro:~ boanes$ /usr/bin/curl -s -A "$userAgent" https://www.mozilla.org/en-US/firefox/new/ | grep 'data-esr-versions' | sed -e 's/. data-esr-versions="(.)".*/1/' -e 's/"//' 60.9.0 68.1.0 data-gtm-container-id="GTM-MW3R8V" data-stub-attribution-rate="1.0

Notice how "60.9.0 68.1.0" is listed there?

The script removes everything and leaves the 60.9.0 in place.

It may be good to know that I am running 10.14.6 supplemental update 2

brain_epsilon
New Contributor II

Bump?

mbatchelder
New Contributor II

I went through the code and made adjustments to the URLs that were broken. I tested this in our production environment today and was able to successfully install from scratch and upgrade from previous versions in JAMF.

#!/bin/sh
#####################################################################################################
#
# ABOUT THIS PROGRAM
#
# NAME
#   FirefoxInstall.sh -- Installs or updates Firefox
#
# SYNOPSIS
#   sudo FirefoxInstall.sh
#
####################################################################################################
#
# HISTORY
#
#   Version: 1.2
#
#
#   - v.1.0 Joe Farage, 18.03.2015
#   - v.1.1 Deej, 10.11.2017: forked for Mozilla Firefox ESR
#   - v.1.2 mbatchelder, 28.01.2020: Fixed URLs
#
####################################################################################################
# Script to download and install Firefox.
# Only works on Intel systems.
#
# choose language (en-US, fr, de)
lang="en-US"
# CHECK TO SEE IF A VALUE WAS PASSED IN PARAMETER 1 AND, IF SO, ASSIGN TO "lang"
if [ "$4" != "" ] && [ "$lang" == "" ]; then
    lang=$4
else 
    lang="en-US"
fi

dmgfile="FF.dmg"
logfile="/Library/Logs/FirefoxInstallScript.log"

# Are we running on Intel?
if [ '`/usr/bin/uname -p`'="i386" -o '`/usr/bin/uname -p`'="x86_64" ]; then
    ## Get OS version and adjust for use with the URL string
    OSvers_URL=$( sw_vers -productVersion | sed 's/[.]/_/g' )

    ## Set the User Agent string for use with curl
    userAgent="Mozilla/5.0 (Macintosh; Intel Mac OS X ${OSvers_URL}) AppleWebKit/535.6.2 (KHTML, like Gecko) Version/5.2 Safari/535.6.2"

    # Get the latest version of Reader available from Firefox page.
    latestver=`/usr/bin/curl -s -A "$userAgent" https://www.mozilla.org/${lang}/firefox/enterprise/ | grep 'data-esr-versions' | sed -e 's/.* data-esr-versions="(.*)".*/1/' -e 's/"//' | /usr/bin/awk '{print $1}'`
    echo "Latest Version is: $latestver"

    # Get the version number of the currently-installed FF, if any.
    if [ -e "/Applications/Firefox.app" ]; then
        currentinstalledver=`/usr/bin/defaults read /Applications/Firefox.app/Contents/Info CFBundleShortVersionString`
        echo "Current installed version is: $currentinstalledver"
        if [ ${latestver} = ${currentinstalledver} ]; then
            echo "Firefox is current. Exiting"
            exit 0
        fi
    else
        currentinstalledver="none"
        echo "Firefox is not installed"
    fi

    url="https://download-installer.cdn.mozilla.net/pub/firefox/releases/${latestver}esr/mac/${lang}/Firefox%20${latestver}esr.dmg"

    echo "Latest version of the URL is: $url"
    echo "`date`: Download URL: $url" >> ${logfile}

    # Compare the two versions, if they are different or Firefox is not present then download and install the new version.
    if [ "${currentinstalledver}" != "${latestver}" ]; then
        /bin/echo "`date`: Current Firefox version: ${currentinstalledver}" >> ${logfile}
        /bin/echo "`date`: Available Firefox version: ${latestver}" >> ${logfile}
        /bin/echo "`date`: Downloading newer version." >> ${logfile}
        /usr/bin/curl -s -o /tmp/${dmgfile} ${url}
        /bin/echo "`date`: Mounting installer disk image." >> ${logfile}
        /usr/bin/hdiutil attach /tmp/${dmgfile} -nobrowse -quiet
        /bin/echo "`date`: Installing..." >> ${logfile}
        ditto -rsrc "/Volumes/Firefox/Firefox.app" "/Applications/Firefox.app"

        /bin/sleep 10
        /bin/echo "`date`: Unmounting installer disk image." >> ${logfile}
        /usr/bin/hdiutil detach $(/bin/df | /usr/bin/grep Firefox | awk '{print $1}') -quiet
        /bin/sleep 10
        /bin/echo "`date`: Deleting disk image." >> ${logfile}
        /bin/rm /tmp/${dmgfile}

        #double check to see if the new version got updated
        newlyinstalledver=`/usr/bin/defaults read /Applications/Firefox.app/Contents/Info CFBundleShortVersionString`
        if [ "${latestver}" = "${newlyinstalledver}" ]; then
            /bin/echo "`date`: SUCCESS: Firefox has been updated to version ${newlyinstalledver}" >> ${logfile}
       # /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType hud -title "Firefox Installed" -description "Firefox has been updated." &
        else
            /bin/echo "`date`: ERROR: Firefox update unsuccessful, version remains at ${currentinstalledver}." >> ${logfile}
            /bin/echo "--" >> ${logfile}
            exit 1
        fi

    # If Firefox is up to date already, just log it and exit.       
    else
        /bin/echo "`date`: Firefox is already up to date, running ${currentinstalledver}." >> ${logfile}
        /bin/echo "--" >> ${logfile}
    fi  
else
    /bin/echo "`date`: ERROR: This script is for Intel Macs only." >> ${logfile}
fi

exit 0

mohamed_safras
New Contributor

Hi Guys, 

I have modified this as  working script

#!/bin/sh
#####################################################################################################
#
# ABOUT THIS PROGRAM
#
# NAME
# FirefoxInstall.sh -- Installs or updates Firefox
#
# SYNOPSIS
# sudo FirefoxInstall.sh
#
####################################################################################################
#
# HISTORY
#
# Version: 1.3
#
#
# - v.1.0 Joe Farage, 18.03.2015
# - v.1.1 Deej, 10.11.2017: forked for Mozilla Firefox ESR
# - v.1.2 mbatchelder, 28.01.2020: Fixed URLs
# - v.1.3 Mohamed Safras, 27.01.2022 Fixed URL and Line 55 and Line 74 updated
####################################################################################################
# Script to download and install Firefox.
# Only works on Intel systems.
#
# choose language (en-US, fr, de)
lang="en-US"
# CHECK TO SEE IF A VALUE WAS PASSED IN PARAMETER 1 AND, IF SO, ASSIGN TO "lang"
if [ "$4" != "" ] && [ "$lang" == "" ]; then
lang=$4
else
lang="en-US"
fi

dmgfile="FF.dmg"
logfile="/Library/Logs/FirefoxInstallScript.log"

# Are we running on Intel?
if [ '`/usr/bin/uname -p`'="i386" -o '`/usr/bin/uname -p`'="x86_64" ]; then
## Get OS version and adjust for use with the URL string
OSvers_URL=$( sw_vers -productVersion | sed 's/[.]/_/g' )

## Set the User Agent string for use with curl
userAgent="Mozilla/5.0 (Macintosh; Intel Mac OS X ${OSvers_URL}) AppleWebKit/535.6.2 (KHTML, like Gecko) Version/5.2 Safari/535.6.2"

# Get the latest version of Reader available from Firefox page.
latestver=`/usr/bin/curl -s -A "$userAgent" https://www.mozilla.org/${lang}/firefox/enterprise/ | grep 'data-esr-versions' | sed -e 's/.* data-esr-versions="(.*)".*/1/' -e 's/"//' | /usr/bin/awk '{print $1}'`
echo "Latest Version is: $latestver"

# Get the version number of the currently-installed FF, if any.
if [ -e "/Applications/Firefox.app" ]; then
currentinstalledver=`/usr/bin/defaults read /Applications/Firefox.app/Contents/Info CFBundleShortVersionString`
echo "Current installed version is: $currentinstalledver"
if [ "${latestver}" = "${currentinstalledver}" ]; then
echo "Firefox is current. Exiting"
exit 0
fi
else
currentinstalledver="none"
echo "Firefox is not installed"
fi

url="https://download.mozilla.org/?product=firefox-latest-ssl&os=osx&lang=en-US"

echo "Latest version of the URL is: $url"
echo "`date`: Download URL: $url" >> ${logfile}

# Compare the two versions, if they are different or Firefox is not present then download and install the new version.
if [ "${currentinstalledver}" != "${latestver}" ]; then
/bin/echo "`date`: Current Firefox version: ${currentinstalledver}" >> ${logfile}
/bin/echo "`date`: Available Firefox version: ${latestver}" >> ${logfile}
/bin/echo "`date`: Downloading newer version." >> ${logfile}
/usr/bin/curl -L -s -o /tmp/${dmgfile} ${url}
/bin/echo "`date`: Mounting installer disk image." >> ${logfile}
/usr/bin/hdiutil attach /tmp/${dmgfile} -nobrowse -quiet
/bin/echo "`date`: Installing..." >> ${logfile}
ditto -rsrc "/Volumes/Firefox/Firefox.app" "/Applications/Firefox.app"

/bin/sleep 10
/bin/echo "`date`: Unmounting installer disk image." >> ${logfile}
/usr/bin/hdiutil detach $(/bin/df | /usr/bin/grep Firefox | awk '{print $1}') -quiet
/bin/sleep 10
/bin/echo "`date`: Deleting disk image." >> ${logfile}
/bin/rm /tmp/${dmgfile}

#double check to see if the new version got updated
newlyinstalledver=`/usr/bin/defaults read /Applications/Firefox.app/Contents/Info CFBundleShortVersionString`
if [ "${latestver}" = "${newlyinstalledver}" ]; then
/bin/echo "`date`: SUCCESS: Firefox has been updated to version ${newlyinstalledver}" >> ${logfile}
# /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType hud -title "Firefox Installed" -description "Firefox has been updated." &
else
/bin/echo "`date`: ERROR: Firefox update unsuccessful, version remains at ${currentinstalledver}." >> ${logfile}
/bin/echo "--" >> ${logfile}
exit 1
fi

# If Firefox is up to date already, just log it and exit.
else
/bin/echo "`date`: Firefox is already up to date, running ${currentinstalledver}." >> ${logfile}
/bin/echo "--" >> ${logfile}
fi
else
/bin/echo "`date`: ERROR: This script is for Intel Macs only." >> ${logfile}
fi

exit 0