Packaging Software

jared_f
Valued Contributor

All of our software requires administrator privileges to install (which is fine). I need one package to live on a server share and allow any user to install it from this share. In Composer I can change the package so it does not need root authorization. Will this impact how the software is installed (this is for chrome).

Thanks!

5 REPLIES 5

mm2270
Legendary Contributor III

Yes it will impact it, because if anything within the installer needs to add files into normally admin protected locations, or make any admin/root level changes, the package will fail. The point of installing packages with root or admin, is that it allows the installation to do what it needs to and add files/folders and other payload data into the places they need to go.

Just curious, but why not use Self Service for this? Is there a reason it must live on a share for users to access manually? If it's something you can put in Self Service, the app takes care of self elevating it's own privileges to install items that require root. That is one of the exact purposes of Self Service in fact.

jared_f
Valued Contributor

@mm2270 Currently nor running Jamf Pro (Jamf Now currently).

mm2270
Legendary Contributor III

Ah, well, ok then. So no Self Service. Hmm. That makes things complicated. I'm guessing from your question that users are not local admins.
Do you have any other tools to deploy software, like Apple Remote Desktop?

Look
Valued Contributor III

I wonder if instead of having the package install the software you could have the package do something so the machine fell into scope for the software (write a to file somewhere that populates an EA) and it would be installed next time the mchine inventoried and check in. Obviously some delay to this approach.

pkerobinson
New Contributor II

Before I had JAMF I had success deploying packages in a dmg along with an applescript (saved as a run-only app) along these lines:

do shell script "installer -pkg /Volumes/SomeInstaller/SomePackage.pkg -target /Volumes/Macintosh HD" user name "admin" password "PaSsWoRD" with administrator privileges

Saved that way there's no way for a student to reverse engineer it to get the admin password out. This assumes the HD is still named Macintosh HD.