Skip to main content

Hello guys,



I am pro with scripts, I want add a restart pop-up if script need to restart machine.



We want to add restart pop-up with these steps;
- Check script's result if there is not security updates to install just quit
- Check script's result if there is install updates and not restart required just send pop up user's screen a message "Some security patches have been installed, not restart reqiured"
- Check script's result if there is install updates and restart required, send a pop up user screen "Some security patches have been installed, please restart computer or machine will force restart after 72 hours". And if user does not restart computer, script force restart computer after 72 hours later.



Is it possible?



Here is script that we use;



#!/bin/bash

#####################################


Apple Software Update Search



Version: 2.0



Josh Harvey | Jul 2017



josh[at]macjeezy.com



Updated: Feb 2018



GitHub - github.com/therealmacjeezy



JamfNation - therealmacjeezy



https://github.com/jamf/Jamf-Nation-Scripts/blob/master/Apple_Software_Update_Search_v2.sh



#####################################



####################### Change Log ########################


Version 2.0 Update (Feb 2018)



- Added support for multiple updates to used in the script parameters



(current limit is 4, version 1.0 only supported one item at a time)



- Rewrote the way updates are handled. Now any update that is found gets



added to an array then is downloaded to the default location (/Library/Updates/).



Once the update is finished downloading, it gets added to another array



which is then used to install each update after they all have been downloaded.



- Added a section that will check to see if the update requires a restart.



If it's required, it will set the "restartRequired" variable to yes. Once all



updates have been downloaded and installed, a if statement checks the restart



variable and will trigger a policy setup for an delayed authenticated reboot.



NOTE: A policy will have to be created with a matching trigger in order for this



feature to work. This section currently only looks for the "security" label.



- Added a manual inventory update before the restartRequired check to ensure



any installed updates are succesfully reflected in the Jamf Pro Server. (This



was written in to work around an issue where inventory updates would fail if



the update name exceeded a certain amount of characters.)



##################### USAGE / ISSUES ######################


Enter the item(s) you are trying to update in Parameters 4 through 7.



If you want an authenticated reboot to occur if required by an update



you will need to create a policy with a custom trigger (Set to Ongoing).



If you have any issues or questions please feel free to contact



using the information in the header of this script.



If an item doesn't have any available updates, it will move onto the



next item (if entered). If no updates for any of the items are found



it will exit quietly.



Also, Please give me credit and let me know if you are going to use



this script. I would love to know how it works out and if you find



it helpful.



###########################################################



Script Parameters


Parameter 4 - Update Selection (Required)



Parameter 5 - Update Selection (Optional)



Parameter 6 - Update Selection (Optional)



Parameter 7 - Update Selection (Optional)



Parameter Options


iTunes - iTunes Update



macOS - macOS Software Update (Restart Required)



RDP - Remote Desktop Client Update



Security - Security Update (Restart Required)



App Store - Mac App Store Update (Restart Required)



Safari - Safari Update



formatInput() {
# Arrays that contain multiple variations of each item to ensure it gets formatted correctly
RemoteDesktop=("rdp" "RDP" "remote desktop" "remote" "Remote" "Remote Desktop")
iTunes=("itunes" "Itunes" "iTunes")
macOS=("macos" "MacOS" "MACOS" "osx" "OSX")
appStore=("app" "appstore" "App Store" "App store" "Appstore")
security=("Security" "security" "security update" "Security Update")
safari=("safari" "Safari")

# Formats the item name
if [[ "${iTunes[@]}" =~ "$itemUpdate" ]]; then
itemUpdate="iTunes"
elif [[ "${macOS[@]}" =~ "$itemUpdate" ]]; then
itemUpdate="macOS"
elif [[ "${RemoteDesktop[@]}" =~ "$itemUpdate" ]]; then
itemUpdate="RemoteDesktop"
elif [[ "${appStore[@]}" =~ "$itemUpdate" ]]; then
itemUpdate="App Store"
elif [[ "${security[@]}" =~ "$itemUpdate" ]]; then
itemUpdate="Security"
elif [[ "${safari[@]}" =~ "$itemUpdate" ]]; then
itemUpdate="Safari"
fi
}

Creates an empty array



updateList=()

Checks for input in each of the parameters and formats the string for use in the softwareupdate command



if [[ ! -z "$4" ]]; then
itemUpdate="$4"
formatInput
updateList+=($itemUpdate)
else
echo "Parameter 4 is missing and is required."
exit 0
fi

Parameter 5 (Optional)



if [[ ! -z "$5" ]]; then
itemUpdate="$5"
formatInput
updateList+=($itemUpdate)
else
echo "Parameter 5 is empty."
fi

Parameter 6 (Optional)



if [[ ! -z "$6" ]]; then
itemUpdate="$6"
formatInput
updateList+=($itemUpdate)
else
echo "Parameter 6 is empty."
fi

Parameter 7 (Optional)



if [[ ! -z "$7" ]]; then
itemUpdate="$7"
formatInput
updateList+=($itemUpdate)
else
echo "Parameter 7 is empty."
fi

Sets the update count variable to zero then looks at the updateList array and checks to see if an update is available and if so downloads the update to /Library/Updates for each item



updateCount="0"
for i in "${updateList[@]}"; do
echo "Searching for an update for ${updateList[$updateCount]} .."
# Variable that searches for available software updates for the item
searchUpdate=$(/usr/sbin/softwareupdate -l | grep -w "" | sed 's/^[[:space:]]//' | grep -y "${updateList[$updateCount]}" | sed 's/[]//g' | sed 's/^[[:space:]]//')
# Checks to see if there is an update available, if not it will return No Update Found and continue to the next item
if [[ -z "$searchUpdate" ]]; then
echo "No update found for ${updateList[$updateCount]} .."
else
echo "Update found for ${updateList[$updateCount]} .. Starting download."
installList+=("$searchUpdate")
/usr/sbin/softwareupdate -d "$searchUpdate"
echo "Download of "${updateList[$updateCount]}" finished"
fi
let updateCount+=1
done

Sets the install count variable to zero then looks at the installList array and runs the softwareupdate command with the install flag for each item in the array



installCount="0"
for i in "${installList[@]}"; do
echo "Installing the update for "${installList[$installCount]}" ..."
/usr/sbin/softwareupdate -i "${installList[$installCount]}"
echo "Installation of "${installList[$installCount]}" is complete."
let installCount+=1
done

Updates the inventory to reflect the installed updates



sudo /usr/local/bin/jamf recon

Lists the updates that were installed



echo "The following updates have been installed:"
echo "${installList[@]}"

Checks to see if a restart is required



if [[ "${installList[@]}" =~ Security ]]; then
echo "A restart is required for this update"
restartRequired="yes"
else
restartRequired="no"
fi

Checks the restart variable to see if a restart is required and if so runs the trigger for a policy set to perform an authenticated restart



if [[ "$restartRequired" == "yes" ]]; then
echo "Restart is Required"
# Edit the line below to match the policy in the Jamf Pro server
sudo /usr/local/bin/jamf policy -event securityReboot
else
echo "No Restart Required"
fi
Be the first to reply!

Reply


Terms & ConditionsCookie settings