Help

So how do I stop installing any updates after 10.14.2?

gabrielmickartz
New Contributor

Posted on ‎01-02-2019 12:19 PM

I need to stop our computers from installing the next patch after 10.14.2, apparently some of our homebrew apps that our internal software dev has created will stop working with the next wave of updates to Mojave. Just wondering what the best practice for doing this would be.

In the past I've just put in a software restriction for a full version of MacOS like so: "Install macOS Mojave.app" That just halts upgrades from one OS version to the next but we already have a ton of machines running 10.14.2

Can I do roughly the same thing for the updates? Just put a software restriction in for "macOSUpd10.14.3.dmg"

I assume I'll also have to do a restriction for the combo update that will accompany 10.14.3.

Software restrictions like this should do the trick? I guess I'd also do blocks for 10.14.4 and 10.14.5: "macOSUpd10.14.3.dmg"
"macOSupd10.14.3Supplemental.dmg"
"macOSUpdCombo10.14.3.dmg"

Any help would be greatly appreciated, getting a bit lost in this.

-Gabe

0 Kudos
4 REPLIES 4

sdagley
Esteemed Contributor II

Posted on ‎01-02-2019 12:29 PM

@gabrielmickartz If you can't set up your own Software Update Server (see Reposado or NetSUS) to control what updates are available you could point your machines to a non-existent SUS. That is not a good long term solution but could work as something temporary until you know exactly what you need to block via a softwareupdate --ignore

0 Kudos

gabrielmickartz
New Contributor

Posted on ‎01-02-2019 02:44 PM

Hmm, was really hoping to not have to set up an updates server and just be able to block updates.

0 Kudos

sdagley
Esteemed Contributor II

Posted on ‎01-03-2019 01:33 PM

@gabrielmickartz Pointing your Macs at a non-existent update server would block updates, but that's the block everything approach. Setting up your own SUS is pretty straightforward (especially with a NetSUS - just make sure to have 1TB of storage available as 500GB is not enough) and gives you the ability to control individual updates.

0 Kudos

wesleya
Contributor

Posted on ‎01-03-2019 02:00 PM

Using a Restrictions profile you could delay the ability to update to 10.14.3 for up to 90 days. A software update server buys you more time, but ultimately your dev team will need to develop a plan to handle these updates.