I've been given the below plist which points to a bash script.
The script is supposed to delete the installer (El capitan.app) after it has been downloaded to prevent people from upgrading to it.
It is not working and I am not sure what needs changing/tweaking, if anything, to the script. It fails to delete the downloaded installer.
I have placed the script in the location /usr/local/bin, filename blockelcapitan.sh and can also confirm that the launch dameon (stored in /Library/LaunchDaemons) is loaded as confirmed by using the command:
sudo launchctl list | grep net.
which shows a result of:
- 78 net.ORG.blockelcapitan
I need help with the script, I have no idea if it is correct or what needs adding/removing/changing.
#!/bin/bash
Version=$(sw_vers | grep ProductVersion | tail -c 7 | cut -d . -f 2)
if [[ $Version -ge 11 ]]
then
sudo launchctl unload /Library/LaunchDaemons/net.ORG.blockelcapitan.plist
sudo rm -rf /Library/LaunchDaemons/net.ORG.blockelcapitan.plist
sudo rm -rf /var/ORG/ElCapitan/
sudo rm -rf /var/db/receipts/net.ORG.pkg.BlockElCapitanLaunchDaemon.bom
sudo rm -rf /var/db/receipts/net.ORG.pkg.BlockElCapitanLaunchDaemon.plist
exit 0
fi
rm -rf /Applications/Install\ OS\ X\ El\ Capitan.app/
osascript -e 'display dialog "OS X El Capitan is not allowed on ORG computers at this time." with title "ORG Technology Notice" buttons {"OK"} default button "OK" giving up after 30'
Post-flight for installer PKG (you’ll want to use something like Packages for Mac to build a deployable .pkg):
#!/bin/bash
launchctl load -w /Library/LaunchDaemons/net.ORG.blockelcapitan.plist
Version=$(sw_vers | grep ProductVersion | tail -c 7 | cut -d . -f 2)
if [[ $Version -ge 11 ]]
then
sudo launchctl unload /Library/LaunchDaemons/net.ORG.blockelcapitan.plist
sudo rm -rf /Library/LaunchDaemons/net.ORG.blockelcapitan.plist
sudo rm -rf /var/ORG/ElCapitan/
sudo rm -rf /var/db/receipts/net.ORG.pkg.BlockElCapitanLaunchDaemon.bom
sudo rm -rf /var/db/receipts/net.ORG.pkg.BlockElCapitanLaunchDaemon.plist
exit 0
fi
Here is the actual launchdaemon itself:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com /DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>net.ORG.blockelcapitan</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/blockelcapitan.sh</string>
</array>
<key>KeepAlive</key>
<dict>
<key>PathState</key>
<dict>
<key>/Applications/Install OS X El Capitan.app/</key>
<true/>
</dict>
</dict>
<key>OnDemand</key>
<true/>
</dict>
</plist>
Best Answer
If you didn't install any BlockElCapitanLaunchDaemon.pkg previously, but just got the content of the plist and the shell script you will get this working by removing some useless lines and bogus commands:
A working version is:
The Variable Version can be simplified to:
The related launch daemon plist net.company_name.blockelcapitan.plist added to your question is properly formatted and working after changing the line
<string>net.ORG.blockelcapitan</string>to<string>net.company_name.blockelcapitan</string>.The files ought to have the following permissions:
The script does the following:
Version=$(sw_vers | grep ProductVersion | tail -c 7 | cut -d . -f 2)orVersion=$(sw_vers -productVersion | cut -d . -f 2 ):Get the major release number of the current system version (e.g. 9: Mavericks, 10: Yosemite, 11: El Capitan etc.)
if [[ $Version -ge 11 ]]:if the major version of the booted system is equal or greater than 11
then...(if El Capitan or newer is installed) unload and remove the launch daemon and the shell scriptelse...(if Yosemite or older is installed) remove El Capitan installer app
None of the preceding sudos is needed, because the shell script started by the launch daemon already runs as root. The -r option in the first
rmcommands is not needed because none of the objects is a directory. The files and folder in /var don't exist if you haven't installed anything (except the plist and the shell script file).As far as I can tell, the osascript doesn't work like that, so I ignored it. I'll try to find a solution.