Unattended installs of Flash Player 11.3
For some time now, OS X admins have been downloading the latest Flash Player disk image, opening the “Install Adobe Flash Player.app” application, pulling out the “Adobe Flash Player.pkg” package, and using that package to do unattended installs of Flash Player.
Recently, people have discovered an issue with that method: some component related to the Flash updater is not properly installed. If you use this installation method, open the “Flash Player” preferences pane in System Preferences, select the “Advanced” tab, and click “Check Now” under “Updates”, it crashes.
It turns out that Adobe has changed their recommended method for “silent” installs of Flash Player: see this article.
The method outlined in Adobe’s article works, and resolves the crashing issue in the Preferences pane, but there are several issues:
- This “silent” install causes an icon to appear in the Dock as it runs.
- Executing this method as described by Adobe fails when the machine is at the loginwindow — the process hangs indefinitely.
- It turns out there is an “–uninstall” flag for Adobe Flash Player Install Manager, but it cannot be done silently; it always displays a confirmation dialog and a success/failure dialog.
- Uninstall is therefore impossible at the loginwindow, as the OS prevents display of the dialogs (not that you’d want to rely on people clicking on the dialogs anyway)
We can fix (or at least work around) issues 1 and 2.
To prevent an icon from appearing in the Dock, you’ll need to modify the Info.plist in the Install Adobe Flash Player.app. So you must first copy it from its disk image to writable media (or use a shadowfile to mount the disk image as read-write. Details on this technique are outside the scope of this post.)
defaults write /path/to/Install\ Adobe\ Flash\ Player.app/Contents/Info LSUIElement -int 1 chmod a+r /path/to/Install\ Adobe\ Flash\ Player.app/Contents/Info.plist
This causes Launch Services to treat Install Adobe Flash Player.app as a “UIElement” – a type of application that should not display a menu or Dock icon. (The
defaults command has an unfortunate side-effect of changing the permissions of files it modifies so that only the owner can read them; the
chmod command sets the “read” bit for everyone once again.)
To run this thing at the loginwindow, we’ll need to resort to an old trick also used here. This technique uses
`launchctl bsexec` to run the process in the same “bootstrap context” as the loginwindow. This allows the process to run to completion.
To do this manually, we must first find the process ID for loginwindow:
sudo ps axwww | grep loginwindow 1485 ?? Ss 0:00.36 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console
The process ID is 1485.
We can then use
sudo launchctl bsexec 1485 /path/to/Install\ Adobe\ Flash\ Player.app/Contents/MacOS/Adobe\ Flash\ Player\ Install\ Manager -install
The next step is to wrap all of this into a nice script, and maybe stuff it all into a payload-free package. Maybe I’ll get around to that next week.
These changes make setting up automated installs of Adobe Flash Player a royal pain, so you might want to consider turning on automatic background updates so you never have to do this again.
It turns out there is another flag you can pass to Adobe Flash Player Install Manager:
-setUpdateMode 0turns on “Silent Auto Updates” – updates are downloaded and automatically installed.
-setUpdateMode 1causes updates to be auto downloaded, but the user is prompted to install them.
-setUpdateMode 2turns off automatic checking for updates.
So our final command might look more like this:
sudo launchctl bsexec 1485 /path/to/Install\ Adobe\ Flash\ Player.app/Contents/MacOS/Adobe Flash Player Install Manager -install -setUpdateMode 0
It turns out that you cannot set the update mode by calling the Adobe Flash Player Install Manager binary; instead, after install, call this:
/Library/Application\ Support/Adobe/Flash\ Player\ Install\ Manager/fpsaud -setUpdateMode 0
or just create the
/Library/Application Support/Macromedia/mms.cfg file with the desired contents.
Still to solve: unattended uninstalls. This will almost certainly involve custom scripting.
But really, Adobe?
UPDATE 17-Aug-2012, 16:07 PDT
Patrick Fergus reminds me by way of a comment below that there are issues if you enable “Silent Auto Updates”. So you may want to wait until Adobe fixes the bugs around that process as well.Explore posts in the same categories: Adobe, Deployment, OS X