From e1f62ad572d5f092be2b50d9937223399b6b9506 Mon Sep 17 00:00:00 2001 From: Kevin <86124561+Macjutsu@users.noreply.github.com> Date: Thu, 4 May 2023 15:58:53 -0400 Subject: [PATCH] 3.0b12 --- CHANGELOG.md | 13 ++++++++++++- super | 52 +++++++++++++++++++++++++++------------------------- 2 files changed, 39 insertions(+), 26 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bbfa52c..cecb973 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # CHANGELOG +## [3.0b12] + +2023-05-04 + +- __UPGRADE NOTICE: Any version of `super` prior to 3.0b4 may unintentionally upgrade computers with macOS 12.6.2 to macOS 13.1+. You should avoid using any version of `super` prior to version 3.0b4 on macOS 12 or newer.__ +- Resolved an issue preventing the macOS update via MDM workflow properly starting. +- Resolved an issue causing erroneous test mode timeout warning dialogs. (Thanks to Connor Garside in #super on MacAdmins Slack for finding this one!) +- Resolved an issue where the MDM service check was too agressive. (Thanks to Julien vander Straeten in #super on MacAdmins Slack for finding this one!) +- Resolved an issue causing the script to exit due to a bad macOS update size calculation. (Thanks to David C. in #super on MacAdmins Slack for finding this one!) +- `super` 3.0b12 SHA-256: 747d9311ff411904b4a0e0cd0d17ab1ad7e4169f5c364e8e41c39751e0940dd5 + ## [3.0b11] 2023-05-04 @@ -17,7 +28,7 @@ - Updated [Generate-MDM-Update-Jamf-API.sh](https://github.com/Macjutsu/super/blob/main/Super-Friends/Create-MDM-Update-Jamf-API.sh) script aligns with updated MDM workflow. - Updated `--verbose-mode` option now creates two additional debug-level logs for troubleshooting the MDM workflow located at `/Library/Management/super/mdmCommandDebug.log` and `/Library/Management/super/mdmWorkflowDebug.log`. - Updated user authentication MDM failover workflow can now prompt for credentials earlier, detect more potential MDM failures, and only attempts to escrow the bootstrap token when the MDM service is actually available. -- Updated test mode validation will temporarily adjust timeouts to improve the test mode behavior. (Thanks to Dustin Nikles in #super on MacAdmins Slack for finding this one!) +- Updated test mode validation temporarily adjusts timeouts to improve the test mode behavior. (Thanks to Dustin Nikles in #super on MacAdmins Slack for finding this one!) - Updated method for detecting if the Jamf binary is the parent process. (Thanks to @iDrewbs for finding this one!) - Updated method for finding available storage space when no user is logged in. (Thanks to @gzilla13 for finding this one!) - Resolved issues causing improper calculation of macOS update sizes in non-USA regions. (Thanks to @gzilla13 and @davidjimenezm for helping with this!) diff --git a/super b/super index 58b9e71..97dc654 100755 --- a/super +++ b/super @@ -8,7 +8,7 @@ # https://github.com/Macjutsu/super # by Kevin M. White -superVERSION="3.0b11" +superVERSION="3.0b12" superDATE="2023/05/04" # MARK: *** Documentation *** @@ -1952,7 +1952,7 @@ elif [[ -n $testModeTimeoutOPTION ]] && [[ $testModeTimeoutOPTION =~ $regexNUMBE testModeTimeoutSECONDS=$testModeTimeoutOPTION fi redrawMaximumTIMEOUT=$((testModeTimeoutSECONDS / 3)) - if [[ $displayRedrawSECONDS -gt $redrawMaximumTIMEOUT ]]; then + if [[ "$testModeOPTION" == "TRUE" ]] && [[ $displayRedrawSECONDS -gt $redrawMaximumTIMEOUT ]]; then sendToLog "Warning: Test mode requires temporary adjustment of the display redraw option from $displayRedrawSECONDS seconds to $redrawMaximumTIMEOUT seconds. This adjustment will not be saved." displayRedrawSECONDS=$redrawMaximumTIMEOUT fi @@ -1968,25 +1968,27 @@ elif [[ -n $testModeTimeoutOPTION ]] && [[ $testModeTimeoutOPTION =~ $regexNUMBE fi fi defaults write "$superPLIST" TestModeTimeout -string "$testModeTimeoutSECONDS" - if [[ -n $deferDialogTimeoutSECONDS ]] && [[ $deferDialogTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then - sendToLog "Warning: Test mode requires temporary adjustment of the restart/defer dialog timeout from $deferDialogTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." - deferDialogTimeoutSECONDS=$testModeTimeoutSECONDS - fi - if [[ -n $softDialogTimeoutSECONDS ]] && [[ $softDialogTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then - sendToLog "Warning: Test mode requires temporary adjustment of the soft deadline dialog timeout from $softDialogTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." - softDialogTimeoutSECONDS=$testModeTimeoutSECONDS - fi - if [[ $userAuthTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then - sendToLog "Warning: Test mode requires temporary adjustment of the user authentication dialog timeout from $userAuthTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." - userAuthTimeoutSECONDS=$testModeTimeoutSECONDS - fi - if [[ $freeSpaceTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then - sendToLog "Warning: Test mode requires temporary adjustment of the free space notification timeout from $freeSpaceTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." - freeSpaceTimeoutSECONDS=$testModeTimeoutSECONDS - fi - if [[ $batteryTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then - sendToLog "Warning: Test mode requires temporary adjustment of the battery level notification timeout from $batteryTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." - batteryTimeoutSECONDS=$testModeTimeoutSECONDS + if [[ "$testModeOPTION" == "TRUE" ]]; then + if [[ -n $deferDialogTimeoutSECONDS ]] && [[ $deferDialogTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then + sendToLog "Warning: Test mode requires temporary adjustment of the restart/defer dialog timeout from $deferDialogTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." + deferDialogTimeoutSECONDS=$testModeTimeoutSECONDS + fi + if [[ -n $softDialogTimeoutSECONDS ]] && [[ $softDialogTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then + sendToLog "Warning: Test mode requires temporary adjustment of the soft deadline dialog timeout from $softDialogTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." + softDialogTimeoutSECONDS=$testModeTimeoutSECONDS + fi + if [[ $userAuthTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then + sendToLog "Warning: Test mode requires temporary adjustment of the user authentication dialog timeout from $userAuthTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." + userAuthTimeoutSECONDS=$testModeTimeoutSECONDS + fi + if [[ $freeSpaceTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then + sendToLog "Warning: Test mode requires temporary adjustment of the free space notification timeout from $freeSpaceTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." + freeSpaceTimeoutSECONDS=$testModeTimeoutSECONDS + fi + if [[ $batteryTimeoutSECONDS -gt $testModeTimeoutSECONDS ]]; then + sendToLog "Warning: Test mode requires temporary adjustment of the battery level notification timeout from $batteryTimeoutSECONDS seconds to $testModeTimeoutSECONDS seconds. This adjustment will not be saved." + batteryTimeoutSECONDS=$testModeTimeoutSECONDS + fi fi elif [[ -n $testModeTimeoutOPTION ]] && ! [[ $testModeTimeoutOPTION =~ $regexNUMBER ]]; then sendToLog "Parameter Error: The test mode timeout must only be a number."; parameterERROR="TRUE" @@ -3205,7 +3207,7 @@ if [[ $(echo "$profilesRESULT" | grep -c 'MDM server') -gt 0 ]]; then [[ $(echo "$profilesRESULT" | grep 'Enrolled via DEP:' | grep -c 'Yes') -gt 0 ]] && mdmDEP="TRUE" mdmSERVICE="https://$(echo "$profilesRESULT" | grep 'MDM server' | awk -F '/' '{print $3}')" curlRESULT=$(curl -Is "$mdmSERVICE" | head -n 1) - if [[ $(echo "$curlRESULT" | grep -c 'HTTP') -gt 0 ]] && [[ $(echo "$curlRESULT" | grep -c -e '4[0-9][0-9]' -e '5[0-9][0-9]') -eq 0 ]]; then + if [[ $(echo "$curlRESULT" | grep -c 'HTTP') -gt 0 ]] && [[ $(echo "$curlRESULT" | grep -c -e '400' -e '40[4-9]' -e '4[1-9][0-9]' -e '5[0-9][0-9]') -eq 0 ]]; then sendToLog "Status: MDM service is currently available at: $mdmSERVICE" else sendToLog "Warning: MDM service at $mdmSERVICE is currently unavailable with stauts: $curlRESULT" @@ -3781,7 +3783,7 @@ if [[ "$softwareUpdatesAVAILABLE" == "TRUE" ]]; then macOSSoftwareUpdateLABEL=$(echo "${macOSSoftwareUpdateLABELS[*]}" | grep "$macOSMAJOR.\d") macOSSoftwareUpdateTITLE=$(echo "${macOSSoftwareUpdateTITLES[*]}" | grep "$macOSMAJOR.\d") macOSSoftwareUpdateVERSION=$(echo "${macOSSoftwareUpdateVERSIONS[*]}" | grep "$macOSMAJOR.\d") - macOSSoftwareUpdateGB=$(echo "$softwareUpdateLIST" | grep 'Title: macOS' | grep "$macOSMAJOR.\d" | awk -F ': ' '{print $4}' | sed -e 's/,//g' | grep -o -E '[0-9]+' | awk '{print $1/1000000}' | awk -F '.' '{print $1+1}') + macOSSoftwareUpdateGB=$(echo "$softwareUpdateLIST" | grep 'Title: macOS' | grep " $macOSMAJOR.\d" | awk -F ': ' '{print $4}' | sed -e 's/,//g' | grep -o -E '[0-9]+' | awk '{print $1/1000000}' | awk -F '.' '{print $1+1}') elif [[ $macOSMAJOR -ge 11 ]] || [[ $macOSVERSION -ge 1015 ]]; then allSoftwareUpdateLABELS=($(echo "$softwareUpdateLIST" | awk -F ': ' '/Label:/{print $2}')) allSoftwareUpdateTITLES=($(echo "$softwareUpdateLIST" | awk -F ',' '/Title:/ {print $1}' | cut -d ' ' -f 2-)) @@ -5283,9 +5285,9 @@ if [[ "$testModeOPTION" != "TRUE" ]]; then # Not in test mode. else # macOS update. mdmWorkflowTYPE="UPDATE" if [[ "$betaWORKFLOW" != "FALSE" ]] || [[ "$softwareUpdateRSR" == "TRUE" ]]; then - jamfJSON='{ "deviceIds": ["'${jamfProID}'"], "applyMajorUpdate": false, "skipVersionVerification": true, "updateAction": "DOWNLOAD_AND_INSTALL", "restartWithoutUpdates": true }' + jamfJSON='{ "deviceIds": ["'${jamfProID}'"], "applyMajorUpdate": false, "skipVersionVerification": true, "updateAction": "DOWNLOAD_AND_INSTALL", "forceRestart": true }' else # Standard non-beta workflow. - jamfJSON='{ "deviceIds": ["'${jamfProID}'"], "applyMajorUpdate": false, "updateAction": "DOWNLOAD_AND_INSTALL", "restartWithoutUpdates": true }' + jamfJSON='{ "deviceIds": ["'${jamfProID}'"], "applyMajorUpdate": false, "updateAction": "DOWNLOAD_AND_INSTALL", "forceRestart": true }' fi fi [[ "$verboseModeOPTION" == "TRUE" ]] && sendToLog "Verbose Mode: Function ${FUNCNAME[0]}: mdmWorkflowTYPE is: $mdmWorkflowTYPE"