Skip to main content
Solved

Software update log out script


Forum|alt.badge.img+8

https://github.com/darklordbrock/scripts/blob/master/UW-Milwaukee/mySWUcheck.sh

I want to share this workflow I have setup. I have a smart group that will add machines that need a software update. The smart group gets a policy that runs this script at log out. I will ask the user during logout if they would like to install updates. The user can click NO three times. On the four log out the system will just install the updates.

The script will tell if the updates need to reboot the system or just install. If the updates need to reboot, the script will have the system shutdown when they are done installing.

With this being a log out script I thought it would be best to have the machine shutdown on a reboot needed. This way if the person is going to shut their machine down at the end of the day they can let this run and just go home, knowing the machine will shutdown with it is done.

I have started to notice since I have been using this that most people do not log out or shutdown very often. I'm going to try to think of a good way to notify a user that they have updates while the system is up.

Best answer by gregneagle

This might be an option:

http://code.google.com/p/munki/wiki/AppleSoftwareUpdatesWithMunki#Using_the_munki_tools_only_to_install_Apple_Software_Updates

Munki can be used to only install Apple updates. It will notify the user of available updates, allow the user to install them, and require a logout or restart if needed.

View original
Did this topic help you find an answer to your question?

5 replies

stevewood
Forum|alt.badge.img+35
  • Employee
  • 1797 replies
  • March 21, 2013

I use a script to check the uptime of a machine and display a dialog using growlnotify. It's something I threw together three years ago, but it worked great. It would alert users when they had not restarted for more than 5 days. After 10 days it would alert them via Growl and also send an email to them from the system.

You could have a script that checked machine uptime and if greater than 5 days, checked for software updates and alerted the user that they had been up for more than 5 days. If there are also updates, you can alert them that there are updates that need to be applied. Two birds, one stone.

I need to re-write my script to use cocoaDialog now instead of Growl, but here is the original script using Growl and growlnotify:

#!/bin/sh

# Name: uptoolong.sh
# Date:  3 March 2010 (revised 17 March 2010)
# Author: Steve Wood (swood@integer.com)
# Purpose: this script will check how long a machine has been up and display a notification
# using Growl and Growl Notify.
# updated:  22 March 2010 - moved email address grab inside of if then loop

# set some variables and grab the time
days=`uptime | awk '{ print $4 }' | sed 's/,//g'`
num=`uptime | awk '{ print $3 }'`

# we want the computer name
computername=$2

# set the nasty message we are going to send
message1="Your computer has now been up for $num days.  It is important for you to restart"
message2="your machine regularly to help it run efficiently and to apply any updates or changes"
message3="that have been pushed in the background.  Please restart your machine ASAP.  Thank you."

# now check how long they've been awake
if [ $days = "days" ];

then
    if [ $num -gt 5 ];
        # we have a narcaleptic Machine
        then
            # this is serious
            if [ $num -gt 9 ];

                then

                    # grab the current user and use that to query OD for the email address
                    CurrentUser=`ls -l /dev/console | awk '{ print $3 }'`
                    email=`dscl /LDAPv3/your.ldapserver.com -read /Users/$CurrentUser | grep EMailAddress | awk '{ print $2 }'`
                    touch /Library/Application Support/JAMF/Receipts/UpTooLong.pkg
                    /usr/sbin/jamf displayMessage -message "Your computer has now been up for $num days.  Please restart ASAP.  Thank you"
                    echo -e "$message1
$message2
$message3" | mail -s "Machine Up Too Long" $email

                else

                    touch /Library/Application Support/JAMF/Receipts/UpTooLong.pkg
                    /usr/local/bin/growlnotify -a "Finder" -t "Restart Required" -m "Your computer has been up for $num days.  Please restart as soon as possible." -s
            fi  
    else

        if [ -e "/Library/Application Support/JAMF/Receipts/UpTooLong.pkg" ]
        then
            rm /Library/Application Support/JAMF/Receipts/UpTooLong.pkg
        fi

    fi
fi

#now run a recon to make sure we add to the smart groups and clear if need been
/usr/sbin/jamf recon

exit 0

Hope that helps give you some ideas. I turned this off last year but need to re-enable it.


Forum|alt.badge.img+10
  • New Contributor
  • 343 replies
  • Answer
  • March 21, 2013

This might be an option:

http://code.google.com/p/munki/wiki/AppleSoftwareUpdatesWithMunki#Using_the_munki_tools_only_to_install_Apple_Software_Updates

Munki can be used to only install Apple updates. It will notify the user of available updates, allow the user to install them, and require a logout or restart if needed.


Forum|alt.badge.img+8
  • Author
  • New Contributor
  • 8 replies
  • March 26, 2013

Steve,

Thank you for sharing that script.

Greg,

After testing just the updates with Munki, that looks like the easiest path. I'm looking forward to the extra features for updates in 0.8.4 when it is not a preview released.


ImAMacGuy
Forum|alt.badge.img+23
  • Esteemed Contributor
  • 1310 replies
  • March 26, 2013

@Brockma9 this is pretty slick - thank you! My concern from testing is the delay @ shutdown. WHen I shutdown the machine, it goes to a grey screen and sits there for about 60-70 seconds - then prompts.

My thought process would be - we already know from JAMF that the system needs updates (hence it's in the Software Update Smart Group). So why do another search? Would it be possible to take the search out and just skip straight to the - user prompt, and then yes/no to install or not?

Maybe it can't be done that way...

@stevewood - I'd be interested in that too if you get time.

EDIT: actually timed how long it took from hitting shutdown to the time the script prompted.


Forum|alt.badge.img+10
  • New Contributor
  • 343 replies
  • March 26, 2013

brockma9:

You can use Munki to install Apple Software Updates without having to set up a Munki server. But if you want to take advantage of the new features in 0.8.4 that allow you to cause some Apple updates to be installed in the background without bothering the user, or to "force install" some updates after a certain date, you do need a Munki server to store the additional data needed to support those operations.

-Greg


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings