This morning while reviewing new updates on my reposado server I saw this new update:
091-76348 macOS High Sierra 2018-04-10 
I didn’t think much of it; various “Install macOS High Sierra” updates have appeared in the softwareupdate catalogs since early in the High Sierra beta cycle: the App Store, when installing the “Install macOS High Sierra” application, downloads resources from these catalogs. (See https://managingosx.wordpress.com/2017/09/26/some-stuff-about-install-macos-high-sierra-app/ for more info).
But then I saw this cry for help on the munki-discuss list: https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/munki-discuss/I9nA-340mO4/KVQTJMEGCgAJ
Apologies if this has been asked and answered already, but we’re in a desperate time crunch. This morning, on the second day of standardized testing for our district, High Sierra is appearing as a “regular update” instead of an App Store option, so naturally MSC offers it:
It appeared that “macOS High Sierra” was being offered as an Apple software update (which Munki was then offering to install).
Continue reading “Unwelcome Apple surprise”
While working on solving the problem of not getting a “stub” Install macOS High Sierra application, I stumbled across another way to get a full installer.
I present this merely as an oddity and a point of interest. I make no claims as to whether or not you should use this information in any way for ill or for good.
If you run a local Apple software update server, you may have noticed a new product: product ID 091-34298 — “Install macOS High Sierra”. I use Reposado to run a local softwareupdate server:
# ./repoutil --info 091-34298
Title: Install macOS High Sierra
Size: 5.8 GB
Post Date: 2017-09-25 16:56:37
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
We can use the location printed above to find the actual files on disk:
# ls /disk1/swupd/html/content/downloads/04/61/091-34298/almpfkbhyxnsgbxxqhoqo7sb40w3uip0wk/
The contents of a softwareupdate product directory are very much like an exploded/expanded distribution package. Not very well-known is that we can sometimes trick Apple’s installer to install these. If we can get this directory copied to (or mounted via afp, smb or nfs on) a Mac (my Reposado server is on a Linux box), we can do this:
sudo installer -pkg /path/to/091-34298.English.dist -target /
open /path/to/091-34298.English.dist -a Installer.app
If you do the latter, you’ll need to click through the Installer like you would with any other package.
The result? A functional “Install macOS High Sierra.app” in /Applications.
If you haven’t read this already, please do:
Done? OK. Concerned? No? Then you can skip the rest of this post.
If you are concerned, and would like to make sure your managed machines have these security updates, I have a solution for you — if it affects you (and you use Munki and Reposado; so what, about six people?)
Continue reading “Gatekeeper Configuration Data and XProtectPlistConfigData and Munki and Reposado, oh my!”