Help

Packaging iTunes 12.3.1

Go to solution
rmhughes
New Contributor

Posted on ‎10-25-2015 03:50 PM

Hi Guys,

New CCT here, forgive my noobiness.

Just trying to package iTunes 12.3.1

On blank 10.11 OS.

Tried dragging the package from the iTunes12.3.1.dmg into Composer and building a package. The installer worked but then was hit with an error on test machines (screen shot attached). Test machines were both 10.10 and 10.11.

Then under normal snap shot. I captured the installation and my only edit to the files was deleting users. The result was very similar, I'll get a screen shot after I re-image and test.

Can anyone tell me how they've done it?

Thanks a lot!

EDIT - Attached error of normal snapshot.6282b5d52f2548b68b1e5ce3d5d0a68b

"This copy ofdb886511662e46ccab46c4d6e7ef574d

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Aziz
Valued Contributor

Posted on ‎10-25-2015 05:55 PM

@rmhughes

On OS X 10.11 iTunes.app is SIP protected. That means you cannot write to it, only Apple can.

Take the "Install iTunes.pkg" and don't use Composer.

https://support.apple.com/en-us/HT204899

https://derflounder.wordpress.com/2015/10/01/system-integrity-protection-adding-another-layer-to-apples-security-model/

View solution in original post

0 Kudos
12 REPLIES 12

Go to solution
chriscollins
Valued Contributor

Posted on ‎10-25-2015 05:14 PM

@rmhughes Why are you trying to repackage iTunes? The installer package from the website is a perfectly fine install package. Just drag it into Casper admin and use it.

I know in the CCT classes you may here different opinions on when you should repackage things or not (DMG files with dragging the app into Applications is a perfect example of when you would repackage). But, if the installer works fine on its own, you really shouldn't repackage it as you are gaining nothing.

0 Kudos

Go to solution
Aziz
Valued Contributor

Posted on ‎10-25-2015 05:32 PM

iTunes.app has System Integrity Protected (SIP) enabled. It simply won't work without SIP disabled.

Download iTunes from here and deploy the .pkg https://www.apple.com/itunes/download

0 Kudos

Go to solution
rmhughes
New Contributor

Posted on ‎10-25-2015 05:46 PM

We generally re-package because we prevent students from having write access from the package contents of an App.

Workflow
Drag install Install iTunes.pkg to Composer
Convert to Source
Create package Run package - Hit with “Installation failed” error

Or are you suggesting, just use the “Install iTunes.pkg” as the file and not use composer at all?

Thanks a lot

0 Kudos

Go to solution
Aziz
Valued Contributor

Posted on ‎10-25-2015 05:55 PM

@rmhughes

On OS X 10.11 iTunes.app is SIP protected. That means you cannot write to it, only Apple can.

Take the "Install iTunes.pkg" and don't use Composer.

https://support.apple.com/en-us/HT204899

https://derflounder.wordpress.com/2015/10/01/system-integrity-protection-adding-another-layer-to-apples-security-model/

0 Kudos

Go to solution
calumhunter
Valued Contributor

Posted on ‎10-25-2015 06:03 PM

Yes, there is no need to repackage. Use Install iTunes.pkg

What do you mean when you say "prevent students from having write access from the package contents of an App."

In general, try to avoid repackaging at all costs. Use vendor provided packages.

0 Kudos

Go to solution
mpermann
Valued Contributor II

Posted on ‎10-25-2015 06:09 PM

@rmhughes the workflow for iTunes would be to simply drag the Install iTunes.pkg file into the Casper Admin window to upload the package and deploy the package as it is. You should not repackage the iTunes application using Composer. If you have a .pkg file, you're better off trying to use it simply as it is rather than repackage it. Test it and if it doesn't work then maybe you might have to repackage it. Try it with iTunes and see how it works for you.

0 Kudos

Go to solution
calumhunter
Valued Contributor

Posted on ‎10-25-2015 07:34 PM

In general, try to avoid repackaging at all costs. Use vendor provided packages.

0 Kudos

Go to solution
rmhughes
New Contributor

Posted on ‎10-25-2015 08:04 PM

Hi Guys,

Thank you for the responses. It's cleared it all up for me. We generally re-packing so we can restrict write access, but as you guys say, it's fine in this case.

Cheers
R

0 Kudos

Go to solution
calumhunter
Valued Contributor

Posted on ‎10-25-2015 08:23 PM

Still not sure what you mean by restrict write access though....

0 Kudos

Go to solution
rmhughes
New Contributor

Posted on ‎10-25-2015 08:27 PM

Just preventing clients from having write access anywhere in ~/Applications :)

0 Kudos

Go to solution
SQR
New Contributor

Posted on ‎10-25-2015 10:10 PM

Preventing clients having write access in Applications? I simply don't get it. One thing I've learned from casper training and i have been managing apple devices for a long long time before integrating Casper, the process of overthinking things and making things more complex then they need to be, is easy to get caught up on when managing systems.

So you have to find a point where, this is the big picture and end goal. does this whole "prevent clients from having write access anywhere in Applications" fit in to how your managing your devices overall. whats the big picture management structure.

0 Kudos

Go to solution
donmontalvo
Esteemed Contributor III

Posted on ‎10-25-2015 11:54 PM

@rmhughes wrote:

Just preventing clients from having write access anywhere in ~/Applications :)

M'yea, not sure why you would ever want to micromanage your users' home directories, did you mean /Applications? A lot depends on the minimum/baseline security requirements laid out by the business.

Don

--
https://donmontalvo.com
0 Kudos