If you use

hdiutil attach /tmp/$VendorDMG -nobrowse

it will keep the volume from popping up in Finder.

Does this have the downside that the user's machine will continuously re-download the DMG whenever a user logs in, or when the machine checks in with JAMF?

Not criticizing, just trying to understand.

@nojorge no, it should not. If you look at the scope for Policy #1, @caine.horr is scoping to the SmartGroup he created that looks to see if Chrome is installed. If Chrome IS installed, the machine does not fall into the SmartGroup and thus will not fall into scope for Policy #1.

Great script. This will be very useful and time saving.

Been using something similar for lots of clients for over a year and works really well (except when proxy's get in the way).

Might be worth adding a few checks to the script though e.g: https://github.com/gavinpardoe/Scripts/blob/master/installChrome.sh

Just went live with it and have already seen the number of machines running the current version increase.
Wonderful!!

Thanks for the script. It works great. Except..
I do get an error after Chrome installs saying it could not be installed and contact your Admin...

Thanks for putting this together, works great! Do you think we can modify this to work with other applications like Adobe Acrobat Reader or Firefox? We're not installing these browsers on enrollment so having an always up to date package in Self Service would be amazing.

Thanks again!

Edit: Found this! https://www.jamf.com/jamf-nation/discussions/12042/adobe-reader-update

Thanks!!

What a great idea and so neat and clean and simple. I wish I thought of it, thanks for sharing!

When looking for a way to install Chrome from the command line, I found this discussion. The meaty goodness is here:

temp=$TMPDIR$(uuidgen)

mkdir -p $temp/mount

curl $4 > $temp/1.dmg

yes | hdiutil attach -noverify -nobrowse -mountpoint $temp/mount $temp/1.dmg

cp -r $temp/mount/*.app /Applications

hdiutil detach $temp/mount

rm -r $temp

In the Policy, set Parameter 4 to https://dl.google.com/chrome/mac/stable/GGRO/googlechrome.dmg

It's not nice & commented, but it's really elegant. The user has no idea it's happening. This also will work for other packages, by simply changing the source URL (paremeter 4). It also cleans up after itself.

The major improvement over the OP's script is that line that starts with "yes". That will auto-accept any licensing pop-ups that mounting the DMG might make.

Hi @JayDuff

I tried your script but it didn't work Shows completed, but I didn't get an install. Here are the details within jamf pro

Hi @ryan.er - It looks like the image had a problem. I'd say try it again. Also, triple check your Parameter 4.

I tested it with the link hardcoded in. So

curl $4 > $temp/1.dmg

was

curl https://dl.google.com/chrome/mac/stable/GGRO/googlechrome.dmg > $temp/1.dmg

in my test.

Maybe there is a problem with $4?

Hi,

Does anybody know what the new download link is? We've been using this script for the longest time and it's worked until now. When i try to go to the download link it doesn't exist anymore

https://dl.google.com/chrome/mac/stable/GGRO/

# Vendor supplied DMG file
VendorDMG="googlechrome.dmg"

Download vendor supplied DMG file into /tmp/

curl https://dl.google.com/chrome/mac/stable/GGRO/$VendorDMG -o /tmp/$VendorDMG

Mount vendor supplied DMG File

hdiutil attach /tmp/$VendorDMG -nobrowse

Copy contents of vendor supplied DMG file to /Applications/

Preserve all file attributes and ACLs

cp -pPR /Volumes/Google Chrome/Google Chrome.app /Applications/

Identify the correct mount point for the vendor supplied DMG file

GoogleChromeDMG="$(hdiutil info | grep "/Volumes/Google Chrome" | awk '{ print $1 }')"

Unmount the vendor supplied DMG file

hdiutil detach $GoogleChromeDMG

Remove the downloaded vendor supplied DMG file

rm -f /tmp/$VendorDMG

@ryan.er

https://dl.google.com/chrome/mac/stable/GGRO/googlechrome.dmg still works fine for me.

I'd recommend verifying the app signature as in https://github.com/themacadmin/macOS-Management/blob/master/cURLInstallZoom.bash

Great script! Worked for me! But...

After installation and when Chrome opened for the first time, It gave me the Auto-Update alert. I had the option to either Enable or Cancel(?) the auto updater. When I hit enable, it prompted me to enter an Administrator password. Is there way to bypass the need for an Admin password for the auto updater? Or better yet, script to allow the Auto Updater to enable without prompting the user?

My environment has all employees as Standard Users.

I also noticed my 1Password Chrome extension won't work if the Chrome Browser can't check for updates (weird... but is this just me?)

Thanks!

I answered my own question with a little more digging into Jamf Nation:

Jamf Nation Discussion : Force Enable Google Chrome Automatic Updates

What I did:

1. I downloaded this script, added it to our JSS cloud server. Then I set to Script>Option>Priority = After.


2. I then added it to the Policies mentioned in the original post of this discussion.

In JSS, if you have more than 1 script in a Policy, they will run in Alphabetical Order. Just make sure the "Google Chrome (Latest Version)" script is named alphabetically before the enable auto-update script.

Thanks again @cainehorr and everyone else involved in this discussion!

Nice script, but wondering what options is there to auto update chrome as soon there is a new version - or at least update chrome versions that maybe are outdated as self service is not always something users look at

@kcsantos The reason auto-updating doesn't work on most non admin accounts is that the updater is stored in ~/library by default. Running an application from there requires admin credentials. By running the script you posted above the updater gets moved to /library like it should be, allowing it to run.

I have been using this script for over a year. It has been great. Much thanks to cainehorr and anyone else who worked on it. I did just start having an issue though. I deployed this script to a few test machines and also ran it manually to be sure. After the script is applied Chrome will not open unless the machine is restarted. Anyone else run into this problem and found a solution or updated the script?

Awesome script @cainehorr!!

I created a modified version of it that will take just about any app installer direct download link and install the app, regardless of type of packaging. It's worked out great for us so far, I created a template script & policy in Jamf, so all that's needed to create a new app installer is clone the script, paste in the DL link in the script, clone the policy, and add the newly cloned script to the policy.

The one caveat here is installers that are packaged as a .app (e.g. Adobe CC menu bar item). This script still works, but just dumps the <installer name>.app into the /Applications folder.

Anyways, I haven't really worked with bash or Jamf scripts too much yet, so I'd love some feedback if y'all would be willing to share! Some additional verification logic might be helpful for the if/then statements, but I haven't noticed any negative results so far.

#!/bin/sh



# -------------------------------------------------------------------------------------

#

# Universal App Installer Script

#

# -------------------------------------------------------------------------------------

#

# DESCRIPTION

#

# Automatically download and install nearly any app from a direct download link

# App can be packaged as .dmg, .pkg, or .zip, and have either the .app or a .pkg inside

#

# -------------------------------------------------------------------------------------

#

# HISTORY

#

# Created by Ella Hansen on 10/30/2018

#

# v1.0 - 10/30/2018 - Ella Hansen

# Created script based on Caine Hörr's script for Google Chrome:

# https://www.jamf.com/jamf-nation/discussions/20894

#

# -------------------------------------------------------------------------------------



# ADD THE DIRECT DOWNLOAD LINK FOR YOUR APP HERE:



# Example: DownloadURL="https://dl.google.com/chrome/mac/stable/googlechrome.dmg"

DownloadURL="___"



# -------------------------------------------------------------------------------------



# LEAVE THIS CODE ALONE:



# Create directory /tmp/jamf, continue if directory already exists

mkdir /tmp/jamf || :



# Change directory to /tmp/jamf

cd /tmp/jamf



#Download installer container into /tmp/jamf

# -O downloads file without changing its name

curl $DownloadURL -O -L



# If container is a .dmg:

# Mount installer container

# -nobrowse to hide the mounted .dmg

# -noverify to skip .dmg verification

# -mountpoint to specify mount point

yes | hdiutil attach /tmp/jamf/*.dmg -nobrowse -noverify -mountpoint /tmp/jamf/mount ||

# Else if container is a .pkg

# Run installer package with the boot drive as the destination

installer -pkg /tmp/jamf/*.pkg -target / ||

# Else if container is anything else, presumably a zip file:

# Unzip installer container and place contents into /tmp/jamf/mount, continue on error

unzip /tmp/jamf/* -d /tmp/jamf/mount || :



# If contents is installer .pkg:

# Run installer package with the boot drive as the destination

installer -pkg /tmp/jamf/mount/*.pkg -target / ||

# Else if contents is .app:

# Copy the .app file from the installer container to /Applications

# Preserve all file attributes and ACLs

cp -pPR /tmp/jamf/mount/*.app /Applications || :



# Unmount the secondary installation folder, continue on error

hdiutil detach /tmp/jamf/mount || :



# Delete the main installation folder

rm -r /tmp/jamf

https://github.com/hjuutilainen/adminscripts/blob/master/chrome-enable-autoupdates.py

@ellavader that. is. awesome.

I made a quick change to avoid having to duplicate and edit the script.

# -------------------------------------------------------------------------------------



# ADD THE DIRECT DOWNLOAD LINK FOR YOUR APP HERE:



# Example: DownloadURL="https://dl.google.com/chrome/mac/stable/googlechrome.dmg"

DownloadURL="$4"



# -------------------------------------------------------------------------------------

This way I can add the URL as a parameter from the policy creation window.

I'd love to stay in the loop on this for "additional verification logic"

Maybe this question would be better answered in its own thread but here goes:

Where and how do you find ATOM feeds and download links to use with scripts like this? I'd like to use this for a variety of things that aren't part of the patch management framework.

Awesome script @ellavader & @cainehorr - Thanks a lot, that saved a lots of time from our side !
Is there a way to enhance the script by downloading & Installing the latest version only when there is a new version of Chrome released ?
Seems that script is continuously upgrading at each checkin time that is not good for an end-user if he has bad network... ! We can also space the checkin by a week or a month which is ok as a workaround.
Best,