Skip to main content
Question

Software Update Server Updates automatically disabling


Show first post

138 replies

Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • November 4, 2015

Server 5.0.15 with OS X 10.11.1 still disabling the updates.... Sigh... Does anyone know where ASUS stores the enablement status of updates?


Forum|alt.badge.img+9
  • Author
  • Valued Contributor
  • 94 replies
  • November 5, 2015

So spoke to apple they cant reproduce the issue, but believe a combination of reformat / reinstall of the system plus having my network guys setting up a A record and PTR record in DNS might resolve the issue.

Waiting on my network team to do its part. will let you know once i get it all up and running again.


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • November 5, 2015

Yeah reformat of the system isn't going to fly. Our servers resolve both forward and reverse, and are not accessible outside of our network. They all have A records, but not PTR records.

Here is a thread over on Apple Support about this: Apple Support Discussion

Maybe time to look at Reposado more closely...


Forum|alt.badge.img+9
  • Author
  • Valued Contributor
  • 94 replies
  • November 5, 2015

Hehe i started that thread, there first got no help so opened this one up here.


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • November 5, 2015

So I did a bit more digging through the config files for ASUS and found that the enablement status <key>enable</key> in /Library/Server/Software Update/Status/com.apple.sever.swupdate.plist is not being set to true when enabling an update (10.11.1 in this case). You enable it in the GUI and look at that file, and you will see that the status is still disabled.

It seems like there is some disconnect between what you do in the GUI and the status in this file. When I enable an update I do see this file as modified, but it doesn't set the enabled update as true...

I compared the file permissions for for the config files with an older SUS server (10.8.5, server 2 based) with the newer ones, and everything seems to line up. No lock flags (system or user) on that plist...


Forum|alt.badge.img+11
  • New Contributor
  • 21 replies
  • November 6, 2015

I heard back from Apple support on this. Hopefully a fix is around the bend.

Here is the CliffsNotes version:

After researching this exhibited symptom, it is related to a similar report currently being investigated by Engineering. I have associated this report to the case and provided the logs to the report to help further the investigation. In testing, it has been reproduced on OS X 10.10.5 / OS X Server 5.0.4 as well. Once there is information to offer you, I will do so promptly.


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • November 6, 2015

Excellent. Thanks for the update. I expect to be speaking with Apple on this tomorrow as well.


Forum|alt.badge.img+12
  • Contributor
  • 529 replies
  • November 6, 2015

If you are only just setting up a SUS, then you might want to look at Reposado instead:

Reposado overview

Reposado github repo

and if you like a web interface over command line:

Margarita

It is more flexible than Apple's, with multiple branches for different machines, allows for deprecated updates if you desire and you aren't limited by the server OS version.

Intro to Reposado


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • November 6, 2015

Yep, I have used Reposado in a prior job, and it's quite nice. We are a ASUS environment here, and will continue to be for the foreseeable future.


Forum|alt.badge.img+9
  • Author
  • Valued Contributor
  • 94 replies
  • November 6, 2015

My guy is working with engineering as well, he couldn't reproduce it but they did tell me it was a know issue. ill look into those other programs as im not tied to just Apples SUS


Forum|alt.badge.img+9
  • Author
  • Valued Contributor
  • 94 replies
  • November 11, 2015

Ok so my issue is resolved. not sure why this worked but so far for 24 hours my updates have not been disabled

Keep in mind this was a test machine but here are the steps i took:

  1. Setup a fully static ip and A/ PTR record
  2. Fully reformatted and install / updated 10.11.1
  3. Downloaded Server app and setup DNS (all i did was turn it on) and software update service
  4. downloaded and enabled all updates from 2015 minus the voice packs.

And 24 hours later i still have enabled updates!


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • November 12, 2015

Interesting. Unfortunately wiping and re-installing on our DPs is not an option, as we have 30+ around the globe. Apple suggested turning off automatic downloads, but that didn't have any effect.


kishjayson
Forum|alt.badge.img+7
  • Contributor
  • 51 replies
  • November 12, 2015

Ran into this exact same issue on two separate servers today, both of which are running OS X Yosemite (10.10.5). One server is currently running Server 5.0.4 while the other is 5.0.15. I contacted AppleCare Enterprise Support today and they were able to reproduce the issue on their test system as well. Case Number is 986233263.

Thank you @dgreening for figuring out where the Enable flag is being stored. I'm going to see about scripting something to change this flag on my test server as an interim workaround.

I'll let everyone know if it's successful.


kishjayson
Forum|alt.badge.img+7
  • Contributor
  • 51 replies
  • November 13, 2015

UPDATE

I stopped services on both servers, then deleted the contents of /Library/Server/Software Update/. I then configured the Software Update Server to Manual mode, and left "Automatically download new updates" unchecked.

I then selected all of the available updates, then chose "Download and Enable". This allowed each of the updates to be downloaded successfully and then properly set the enabled flag correctly in /Library/Server/Software Update/Status/com.apple.server.swupdate.plist.

While not yet tested, I presume that stopping services, then manually updating this flag from <true/> to <false/> should effectively disable the applicable update as well.


Forum|alt.badge.img
  • New Contributor
  • 1 reply
  • November 13, 2015

Since I have upgraded to Server 5.0.15, the 'Enable, Disable, Remove' Status changes without my input. I have Enabled the updates that our environment requires and they change back to ‘Disabled’ after a day or two.


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • November 13, 2015

Yup I have seen that as well. Apple has all but admitted that Server 5.0.15/5.0.4 is borked when it comes to El Cap updates. Lets hope we see a new Server.app sooner rather than later.


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • December 10, 2015

Still having this issue. Updated one of the DP/SUS servers to 10.11.2, same deal. Crickets from Apple so far...


Forum|alt.badge.img+9
  • Author
  • Valued Contributor
  • 94 replies
  • December 10, 2015

I upgraded my system to 10.11.2 yesterday and its still working. but like i said i had to wipe the whole system


Forum|alt.badge.img+15
  • Contributor
  • 26 replies
  • January 5, 2016

Also opened a bug report 24056668, trying the build as new server on test hardware now. Don't like the idea of having to rebuild a large number of ASUS servers in our environment.


Forum|alt.badge.img+9
  • Author
  • Valued Contributor
  • 94 replies
  • January 5, 2016

Mine is now doing this again. i have about 450 updates that stay enabled but anything from December forward keeps getting disabled.

Submitted my own bug glad this thing is still in testing

Apple Bug 24056937


Forum|alt.badge.img+1
  • New Contributor
  • 6 replies
  • January 5, 2016

Did any one in this "club" find a solid solution? I applied the Apple Security updates in December and after rebooting some of the updates stay enabled and some of the older ones before the Security update install don't(I have to keep checking them and enabling them). Just wanted to see if there was any other progress.


Forum|alt.badge.img
  • New Contributor
  • 1 reply
  • January 5, 2016

And I thought I was crazy! I'm having the same issue here. I'm new to Mac servers so I thought I was just making a silly mistake. I hope Apple can give us something helpful.


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • January 5, 2016

We are still having this issue with Server 5.0.15. We have had some success rolling back to Server 4.1.3 for the time being... Still waiting to hear an update from Apple on this...


Forum|alt.badge.img+5
  • New Contributor
  • 9 replies
  • January 5, 2016

We are also still having issues. I submitted a bug report with Apple and have contacted our SE. I hope we will seen an update soon since this has been ongoing for several months in our environment.


Forum|alt.badge.img+18
  • Honored Contributor
  • 645 replies
  • January 5, 2016

You know something is screwy when they release Server 5.0.15 as an update to Server 5.0.4...


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings