How does munki check whether a nopkg item has been installed?

[PStojanovic]

Scenario:

I am building a work-in-progress script that is delivered as a post_install wrapped in a nopkg.  When testing on a test munki client, the nopkg always shows as "installed" and grayed out (using optional installs delivery).

I've tried altering the post_install script, changing the version number, renaming Name and Display name of the nopkg, tinkering with misc options to get munki to see this as a new package (that either needs to be installed again or updated) to no avail.

The pkginfo has no receipts, no CFBundle.  I've managed to trick it by putting up a dummy "installcheck_script" with an exit code of 0, but now it just wants to run (update) all the time.

Which mechanism is used in this scenario? 
Thanks in advance!
Predrag

[Nick McSpadden]

The same rules apply for "nopkg" that applies to other installs - Munki needs to know of some way to determine that it needs to be installed.  Given that "nopkg" pkginfos generally don't refer to files that are being installed, the logical choice, which you used, is to put an "installcheck_script."  

You can see an example of this in the Printers section of the wiki:

https://github.com/munki/munki/wiki/Managing-Printers-With-Munki#how-the-nopkg-pkginfo-works

--
You received this message because you are subscribed to the Google Groups "munki-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to munki-dev+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

--

Nick McSpadden

Client Systems Manager

Schools of the Sacred Heart, San Francisco

[PStojanovic]

Awesome, thanks for the quick reply Nick!

[zack.m...@bsd7.org]

Another option is to create a file as a "receipt" of sorts. 

Post install script, touch /path/to/hidden/file/.hiddenfile

Installs array item pointing to that file.

Not as clean but it works.

[Erik Gomez]

Nick's approach is probably ideal.

Sent from my iPhone

[Gregory Neagle]

If you are going to do that, it might be easier/better to just add the script to a pseudo-payload-free package and use the native package receipts mechanisms. 

https://managingosx.wordpress.com/2015/05/20/pseudo-payload-free-pkgs-with-pkgbuild/

Sent from my iPhone

[zack.m...@bsd7.org]

TL;DR

Greg and Nick's approach work best and should be used all the time if possible.

Try not to use mine but it does exist if needed.

Continued:

All true. To me it is just sometimes easier to wipe together a quick fix script in the post-install string that does what I need, leaves the touch file behind ( I typically add a version number to it for sanity on my end) and add the install array to look for that file. MunkiReport does a very similar thing as well. The installer script touches a file at /usr/local/munki/munkireport-versionnumber . I haven't migrated the few scripts I have that work this way to that payload-free trick yet.

[A.E. van Bochoven]

I have to say that I'm resorting to install_check scripts for certain packages lately. Package receipts only tell munki that item X version Y once was installed. When a user removes the resulting application, munki will not offer to install it again as long as the package receipt is in the database.

-Arjen

[bryanzak]

If these are applications you should be using an installs key array along with the receipts key

That way if the app is deleted by the user it'll get reinstalled by Munki

Bryan

[bryanzak]

a payload free package is about as easy as it gets.

For example here's a payload free package.

In Finder create two folders and then one text file:

Folder

   build.sh

   nopayload (folder)

build.sh should be:

#!/bin/bash

script_path=$(dirname "${0}")

cd "${script_path}"

# nopayload does not leave a package receipt behind, 

# so install an empty payload into /tmp to get a receipt

sudo pkgbuild --identifier org.yourorg.yourapp \

              --version "1.0" \

              --root "nopayload" \

              --install-location "/tmp/nopayload" \

              "My Payload Free.pkg"

Just run that build.sh script and now you have a package that leaves behind a receipt with version info (just like your touch method, but better!) and you can just simply import this into munki using munkiimport

Bryan

[A.E. van Bochoven]

You are right, and looking in my catalog file, I see that I use installcheck_script mostly for configuration items (users, printers, preferences, etc.)

-Arjen

[Tim Sutton]

As far as I know you shouldn't even need to specify --install-location as you did here - because by default it's /.

Tim