JSS-Scripts
JSS-Scripts copied to clipboard
bp88
OSUpdateNotifier: refreshSoftwareUpdateList() issue in Monterey (M1) machine issue 1
In case machine are updating, when script running and require refreshSUL, original function will kickstart the softwareupdated service it also will stop all current update process, we need add another function to check if there no update going on before kickstart the service
# pngo 1/5/22 include check UpdateBrainService process, to avoid restart softwareupdated when user are updating
function checkingUpdateProcess(){
if ps aux | grep -e com.apple.MobileSoftwareUpdate.UpdateBrainService$ >/dev/null; then
debug "com.apple.MobileSoftwareUpdate.UpdateBrainService is running, potental Update in process, exit"
exit 0
fi
}
include the function on on top of current refreshSoftwareUpdateList()
refreshSoftwareUpdateList(){
debug "Refresh Software Update list"
# check update process, make sure there not update running
checkingUpdateProcess
........
}
Another issue with Monterey (12.0.1) is softwareupdate -l sometime return "no update available"
I have some modify in refreshSoftwareUpdateList() to reduce the issue (not eliminated it but help most of my case)
# pngo 1/5/22 redo the refreshSUL function to resolve some issue with M1 machine also to work better with jamf policy
refreshSoftwareUpdateList(){
debug "Refresh Software Update list"
# check update process, make sure there not update running
checkingUpdateProcess
for (( j=0; j<3; j++ )); do
# Store list of software updates in /tmp which gets cleared periodically by the OS and on restarts
runAsUser /usr/sbin/softwareupdate -l --force 2>&1 > "$ListOfSoftwareUpdates"
setPlistValue "$BundleID" "LastUpdateCheckEpochTime" "integer" "$CurrentRunEpochTime" "$DeprecationPlist"
# Variables to capture whether updates require a restart or not
UpdatesNoRestart=$(/bin/cat "$ListOfSoftwareUpdates" | /usr/bin/grep -i recommended | /usr/bin/grep -v -i restart | /usr/bin/cut -d , -f 1 | /usr/bin/sed -e 's/^[[:space:]]*//' | /usr/bin/sed -e 's/^Title:\ *//')
RestartRequired=$(/bin/cat "$ListOfSoftwareUpdates" | /usr/bin/grep -i restart | /usr/bin/grep -v '\*' | /usr/bin/cut -d , -f 1 | /usr/bin/sed -e 's/^[[:space:]]*//' | /usr/bin/sed -e 's/^Title:\ *//')
if [[ ! -z $UpdatesNoRestart ]] || [[ ! -z $RestartRequired ]]; then
# update detected, exit loop
j=3
else
if [[ $j == 0 ]]; then
# Restart the softwareupdate daemon to ensure latest updates are being picked up
# pngo 12/30/21 if restart the daemon system will not pickup the update right the wait and indicate "Your Mac is running latest software update allowed by your administrator"
# the issue will go away in 2-10 minutes
killall "System Preferences" 2>/dev/null
/bin/launchctl kickstart -k system/com.apple.softwareupdated
# Allow a few seconds for daemon to startup
debugVerbose "restarting com.apple.softwareupdated daemon"
fi
debug "Retry $((j+1))"
/bin/sleep 120
fi
done
debug "Recheck Update list:"
debug "UpdatesNoRestart: $UpdatesNoRestart"
debug "RestartRequired: $RestartRequired"
# if no update detected after many try, the computer should submit last inventory to Jamf so it will exclude from OS Update policy (using smartgroup)
# careful when schedule the jamf policy because if you not exclude it correctly the machine will re-submit inventory every 4 hours
if [[ -z $UpdatesNoRestart ]] && [[ -z $RestartRequired ]]; then
debugVerbose "No update detected, submit Inventory to Jamf"
jamf recon >/dev/null
fi
}
@bp88 I'm open for discussion, there some improve I do before deploy in our env, would love to talk with you about this