(Please pardon the piecemeal post; I’m presuming partial information is better than nothing.)
scheduleOSUpdate via the Jamf Pro API
Thanks to AppleCare pointing out that:
When running the
softwareupdate
command in a root shell on Apple Silicon users are being prompted for a password. This is expected behavior and the recommendation is to use the Schedule an OS Update command via MDM. This is the method to use if you want to update Apple Silicon Macs without requiring user credentials.
In other words:
if [[ "$arch" == "arm64" ]]; then scheduleOSUpdateViaAPI else /usr/sbin/softwareupdate --install --all --include-config-data --restart --force fi
In my limited testing, users are still prompted:
Pending Feature Requests
Snippets
#################################################################################################### # # Variables # #################################################################################################### jamfProURL="https://company.jamfcloud.com" # No trailing forward slash apiUsername="${5}" apiPasswordEncrypted="${6}" computerSerialNumber=$( /usr/sbin/system_profiler SPHardwareDataType | /usr/bin/grep Serial | /usr/bin/awk '{print $NF}' ) arch=$( /usr/bin/arch ) #################################################################################################### # # Functions # #################################################################################################### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # xpath tool changes in Big Sur # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # function xpath() { # https://scriptingosx.com/2020/10/dealing-with-xpath-changes-in-big-sur/ # Thanks, Armin! if [[ $(sw_vers -buildVersion) > "20A" ]]; then /usr/bin/xpath -e "$@" else /usr/bin/xpath "$@" fi } # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # Decrypt Password # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # function decryptPassword() { /bin/echo "${1}" | /usr/bin/openssl enc -aes256 -d -a -A -S "${2}" -k "${3}" } # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # Schedule OS Update via the API # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # function scheduleOSUpdateViaAPI() { echo "Schedule OS Update via the API …" apiPassword=$( decryptPassword ${apiPasswordEncrypted} ${Salt} ${Passphrase} ) jamfProCompID=$( /usr/bin/curl -s -u ${apiUsername}:${apiPassword} ${jamfProURL}/JSSResource/computers/serialnumber/${computerSerialNumber}/subset/general | xpath "/computer/general/id/text()" ) # /usr/bin/curl -s -X POST -H "Content-Type: text/xml" -u ${apiUsername}:${apiPassword} ${jamfProURL}/JSSResource/computercommands/command/ScheduleOSUpdate/action/InstallForceRestart/id/${jamfProCompID} /usr/bin/curl -s -X POST -H "Content-Type: text/xml" -u ${apiUsername}:${apiPassword} ${jamfProURL}/JSSResource/computercommands/command/ScheduleOSUpdate/action/Default/id/${jamfProCompID} } #################################################################################################### # # Program # #################################################################################################### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # Force Software Update Snippet only # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # if [[ "$arch" == "arm64" ]]; then scheduleOSUpdateViaAPI else /usr/sbin/softwareupdate --install --all --include-config-data --restart --force fi
There are many comments on the Jamf Nation post which may prove helpful:
https://community.jamf.com/t5/jamf-pro/programmatic-macos-updates-for-apple-silicon/td-p/229141