- Jamf Nation Community
- Products
- Jamf Pro
- Unattended installation with password passthrough
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-02-2016 02:41 PM
I built a pkg using Platypus that is designed to run an unattended install using the following script:
#!/bin/sh
sudo installer -allowUntrusted -verboseR -pkg "/path-to-pkg" -target /I added the following line to present the users with a notification when the installation was complete:
#!/bin/sh
osascript -e 'tell app "System Events" to display dialog "All Done!"'When I tested, I kept getting mixed results. Sometimes the installation would complete successfully. But, most of my tests were unsuccessful. The application appeared to "install" in a matter of seconds. When I looked in the system log, I kept seeing the following error "sudo: no tty present and no askpass program specified"
The users on these particular machines are admins and should be sudoers. Is there a way to prompt them for their password and pass that through a script?
I tried something like this:
#!/bin/sh
CURPASSWORD="$(osascript -e 'tell application "System Events" to display dialog "Please enter your CURRENT password:" with hidden answer default answer ""' -e 'text returned of result' 2>/dev/null)"
if [ $? -ne 0 ]; then
# Pressed cancel
exit 0
elif [ -z "$CURPASSWORD" ]; then
# Left blank
osascript -e 'tell application "System Events" to display alert "Password can not be left blank." as warning'
else break
fi
echo "$CURPASSWORD" | sudo -S installer —allowUntrusted —VerboseR -pkg "path-to-pkg" -target /But, that was also not successful.
Any help would be appreciated. Not sure what else to try.
Thanks in advance,
Marcos
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-02-2016 04:14 PM
@mmunoz2 I have no idea why you're making an installer like that. Why not build this in Composer? Regular installer packages built in Composer or Packages.app can tap into the Apple security framework natively. No need to code anything special for this.
If you look at the documentation provided by the developer for Platypus, he strongly recommends not trying to do any sudo commands in a Platypus built app, because that just isn't what its designed for. In other words, you're using the wrong tool for this. Regular pkg installers handle prompting the user who double clicked it for a password already and escalate its privileges to root to do the install. Since the users are already admins, this whole thing should take a matter of minutes to build. As @bpavlov already said, why are you reinventing this?
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-02-2016 02:54 PM
Why not just let the person install the pkg if they already have admin access? Why re-create the wheel? Also, if you're on this forum I assume you have access to the Casper Suite which means you can make use of Self Service to do this as well if you really don't want to distribute pkgs.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-02-2016 03:08 PM
I was given that requirement and I had the same argument. But, lost that fight. The the package is being hosted outside of our servers and I don't have the option to use Self Service in this instance. I would definitely avoid all of this headache and use the tools available to me, if I could. Thanks.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-02-2016 03:10 PM
That's a sad state of affairs for you then. Sucks when common sense does not prevail.
I don't think PKGs will install reliability off a network share so that might be part of the problem. At least for me I always get an error if I try to run a pkg from a mounted server share. I think the package would need to be copied to the client first before it's run.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-02-2016 03:38 PM
It really is. Puts me in a bind. The package is being hosted on a web server and the users are being given a link to download the package locally before installing it. So, it helps. But, not much.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-02-2016 04:14 PM
@mmunoz2 I have no idea why you're making an installer like that. Why not build this in Composer? Regular installer packages built in Composer or Packages.app can tap into the Apple security framework natively. No need to code anything special for this.
If you look at the documentation provided by the developer for Platypus, he strongly recommends not trying to do any sudo commands in a Platypus built app, because that just isn't what its designed for. In other words, you're using the wrong tool for this. Regular pkg installers handle prompting the user who double clicked it for a password already and escalate its privileges to root to do the install. Since the users are already admins, this whole thing should take a matter of minutes to build. As @bpavlov already said, why are you reinventing this?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-07-2016 09:48 PM
Thank you @mm2270 & @bpavlov for stopping me dead in my tracks. I had become so focused on just trying to accomplish the task that I hadn't taken a step back to see the big picture.
I was definitely using the wrong approach/tool for this. After switching gears and using Packages.app, I was able to complete this build, as you said @mm2270 in "... a matter of minutes".
Thanks again guys.
