Weekly News Summary for Admins — 2019-03-15

Lot’s of news for important conferences this week. JamfNation User Conference, MacSysAdmin, and WWDC are getting obviously closer. Also, MacADUK has sold out of tickets! (10 days and counting…)

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

On Scripting OS X

Conferences

MacAdmins on Twitter

  • Tim Perfitt: “Version 1.4 of MDS is going to be awesome. How awesome you ask? Glad you asked. 1/” (Thread)
  • Steve Troughton-Smith: “I like to remind myself sometimes that the current Mac Pro was announced before iOS 7…”

News and Opinion

Bugs and Security

Support and HowTos

Scripting and Automation

Updates and Releases

To Watch

To Listen

Just for Fun

Support

There are no ads on my webpage or this newsletter. If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Scripting OS X

Pi-Day: Let’s talk about dates, baby!

Happy Pi day!

Explanation for those who live in countries with sensible units and date notations: Americans – aside from using weird non-metric units – also have the odd habit of putting the month first in dates, then the day, then the year. So: ‘Mar 14, 2019’ or 3/14/2019. Instead of the more sensible 14.3.2019.

On the other hand, once every year, this weird notation will spell out 3.14, or the first three digits of the circle number, π (pi). And since non-mathematicians seem to love the (non-deserved) quasi-mystical nature of Pi and mathematicians are happy that at least once a year people are paying attention, Pi-day has become kind of a thing.

It’s also an excuse to bake tasty pies as a real-world dad joke manifestation, so overall, fun can be had!

But since we are talking about date notations…

While the day.month.year notation common in the rest of the world is arguably better than the American month/day/year, it is still not an ideal notation. Even better is year-month-day, especially when used with fixed digit lengths: YYYY-MM-DD, e.g. 2019-03-14.

While we will have to wait 1122 years before this notation approximates π, it has many other benefits. First, it sensibly and obviously sorts the components of date and time from largest (years) to lowest (seconds or even fractions of a second). It is fairly easy to parse in scripts and languages. When you sort ISO 8601 date strings alphanumerically, they will be in the correct order for dates. No other notation does that.

This is the reason this notation is enshrined as ISO 8601 and used in many places on your computer. For example, property lists encode timestamps in ISO 8601.

Learn more about property lists in my book: “Property Lists, Preferences and Profiles for Apple Administrators”

Jamf Extension Attributes can also be parsed properly as dates when returned in ISO 8601 format.

Dates in the shell

When working in shell scripts on macOS, you can use the date command to get the current date or for other date operations. Other flavors of unix-like operating systems have a specific flag to get ISO 8601 output, but in macOS you have to format manually:

$   date -u +"%F" 2019-03-14 $   date -u +"%FT%T" 2019-03-14T08:00:15 

When you want a file’s creation, access, or modification date you can use the stat command:

$   stat -f 'Created: %Sc   Modified: %Sm   Accessed: %Sa' pi-day Created: Mar 14 08:43:07 2019   Modified: Mar 14 08:43:06 2019   Accessed: Mar 14 08:43:06 2019 

You can use the -t option to format the time:

$   stat -f 'Created: %Sc   Modified: %Sm   Accessed: %Sa' -t "%FT%T" pi-day Created: 2019-03-14T08:43:07   Modified: 2019-03-14T08:43:06   Accessed: 2019-03-14T08:43:06 

Finder and macOS Interface

You can teach Finder an approximation of ISO 8601. Go to System Preferences > Language & Region and click on the ‘Advanced…’ button and select the ‘Dates’ tab:

Set something close to the ISO date format for Mac
Set something close to the ISO date format for Mac

AppleScript

AppleScript will use the system’s date formatter (set in System Preferences) to parse and print dates. It will use the “Full date format” to show date objects by default, which is quite elaborate.

You can declare date variables with the short format, but as soon as you “compile” the script, it will be replaced by the full format. So, this:

set thedate to date "2019-03-14" 

will turn into this

set thedate to date "Thursday, 14 March, 2019 at 00:00:00" 

AppleScript uses the date format defined in System Preferences, so you have to have this set up. This format will also be used when AppleScript extracts a date object to a string, but again it will use the full date format by default:

get date string of thedate "Thursday, 14 March, 2019"  

There is, however, a short date string property you can use:

get short date string of thedate "2019-03-14" 

Again, the output will depend on the format set in System Preferences.

  • AppleScript Language Guide: date

Python

Getting and parsing ISO dates with Python is (not surprisingly) easy.

$   python >>> import datetime >>> datetime.date.today().isoformat() '2019-03-14' >>> datetime.datetime.now().isoformat() '2019-03-14T09:03:24.107317' >>> datetime.datetime.now().replace(microsecond=0).isoformat() '2019-03-14T09:04:10'  

You can also parse an ISO string with python:

>>> datetime.datetime.strptime("2019-03-14T10:09:12", "%Y-%m-%dT%H:%M:%S") datetime.datetime(2019, 3, 14, 10, 9, 12) 

Swift

Swift uses the Date class to represent dates and times. There is a DateFormatter object which can convert Date objects to strings and back. There is also a dedicated, if awkwardly named, ISO8601DateFormatter class just for ISO dates and times.

let now = Date() print(ISO8601DateFormatter().string(from: now))  let pidaywithtime = ISO8601DateFormatter().date(from: "2019-03-14T15:09:26Z") 

You can even customize the behavior of the ISO8601DateFormatter:

let dateISOFormatter = ISO8601DateFormatter() dateISOFormatter.formatOptions = [ .withFullDate, .withDashSeparatorInDate] let piday = dateISOFormatter.date(from: "2019-03-14") 

Scripting OS X

Weekly News Summary for Admins — 2019-03-08

Steve Troughton-Smith gave us all a glimpse of the future this week as he documented how to already use the “Marzipan” framework that allows UIKit (iPad) apps to run on macOS. Even if you don’t develop it is worth browsing through those posts. You will get an interesting look at the features and limitations that ported apps will have.

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

MacAdmins on Twitter

  • Akshay Bakshi: “Coming soon to a Dock near you. New app icons in Office for Mac.… ”
  • Jeff Johnson: “The Mac App Store has put price pressure on Mac apps, but not as bad as in the iOS App Store. Mac app prices are still generally much higher on average than iOS app prices. Marzipan could change that though.” (Thread)
  • Timo Perfitt: “MDS was just approved in the app store. Didn’t expect this. I’m going to need a minute.… ”
  • Steve Troughton-Smith: “I had another go at making this work, and I got somewhere: here is AppleScript in a Marzipan app… ”
  • Otto the Automator: “Steve, that’s a beautiful thing to see. Thank you for making my day.… ”

Bugs and Security

Support and HowTos

Scripting and Automation

Updates and Releases

To Listen

Support

There are no ads on my webpage or this newsletter. If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Scripting OS X

Weekly News Summary for Admins — 2019-03-01

This week we got great posts from MacAdmins on bash, snapshots, bootstrappr, MDS, Fleetsmith, Intune with Munki, AutoPkgr with Jamf Cloud and more.

I am always intrigued at how diverse the MacAdmin community can be. Of course, all our lives rotate around the Apple platforms, but the approaches and tools today are more varied than they have ever been.

Apple may be drastically changing how we deploy Macs, but there are so many tools, both open and commercial, that are being created to fill the gaps or improve on existing tools. It is an exciting time to be a MacAdmin!

If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)

On Scripting OS X

News and Opinion

Support and HowTos

Scripting and Automation

Updates and Releases

To Listen

Support

There are no ads on my webpage or this newsletter. If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!

If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!

Scripting OS X

Install Bash 5 on macOS

The default bash on macOS is still bash v3:

$   bash --version GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin18) Copyright (C) 2007 Free Software Foundation, Inc. 

Just recently, bash v5 was released. The discrepancy comes from the fact that bash has been licensed as GPL v3 since version 4. Apple does not include GPL v3 licensed tools with macOS.

However, nothing is keeping you from downloading and installing the latest bash version.

New features include, among many other things, associated arrays (i.e. dictionaries) and better auto-completion setup.

While you would think this is a common desire, most pages I have found will simply point to Homebrew to download and install a newer bash version.

The main challenge with using brew is that it does not work on the scale that MacAdmins require. brew is designed for single user installation, where the user has administrator privileges. brew’s workflows do not scale to large deployments controlled with a management system.

Ideally, there would be package installer for the latest bash version. Unfortunately, the bash project does not provide one.

In this post, I will show how you can install the latest bash version without brew and how to build an installer package for deployment.

Manual Installation

This requires Xcode or the Developer Command Line Tools to be installed.

First, download the source for the latest bash version from this page. As of this writing the latest version is bash-5.0 and the file you want is bash-5.0.tar.gz. Once downloaded, you can expand the archive in Finder by double-clicking.

Open a Terminal window and change directory to the newly expanded bash-5.0 directory. Then run the configure script there.

$   cd ~/Downloads/bash-5.0 $   ./configure 

The configure process will take a while, there will be plenty of messages showing progress.

Once the configure process is complete. You can build bash with the make command.

$   make

This will build the bash binary and the supporting files in the current directory. That’s not where we want it in the end, but it is probably a good idea see if the build process works. This will (again) take a while. There will be some odd looking warnings, but you can ignore those.

When make succeeds, you can actually install bash v5 with

$   sudo make install 

This will build and install the bash binary and supporting files in /usr/local/bin and /usr/local. sudo is required to modify /usr/local.

If you were just looking for a way to install bash v5 without brew, you are done!

There is more useful information in the rest of the post, though, so keep reading!

How the new and the old bash interact

By default, the bash v5 binary is called bash and will be installed in /usr/local/bin. The macOS default PATH lists /usr/local/bin before /bin where the default bash v3 binary, also called bash, is located.

This means, that when a user types bash in to a shell, the version in /usr/local/bin will be preferred over the pre-installed bash v3.

You can test this behavior in Terminal. Since the default shell has not yet been changed from /bin/bash the Terminal still opens to bash v3. You can test this by showing the BASH_VERSION environment variable:

$   echo $  BASH_VERSION 3.2.57(1)-release 

But when you then run bash it will invoke /usr/local/bin/bash, so it will run the new bash v5. It will show this in the prompt, but you can also verify the BASH_VERSION.

$   bash bash-5.0$   echo $  BASH_VERSION 5.0.0(2)-release 

This might be the setup you want, when you want to use bash v5 always. It might lead to some unexpected behavior for some users, though.

One option to avoid this ambiguity is to rename the binary in /usr/local/bin to bash5. But then other tools such as env (mentioned below) will not find the binary any more.

Note: the PATH in other contexts will likely not contain /usr/local/bin and further confuse matters.

bash v5 and Scripting

Scripts using bash, should have the full path to the binary in the shebang. This way, the script author can control whether a script is executed by the default bash v3 (/bin/bash) or the newer bash v5 (/usr/local/bin/bash or /usr/local/bin/bash5).

It is often recommended to use the env command in the shebang:

#!/usr/bin/env bash 

The env command will determine the path to the bash binary in the current environment. (i.e. using the current PATH) This is useful when the script has to run in various environments where the location of the bash binary is unknown, in other words across multiple Unix and Unix-like platforms. However, this renders the actual version of bash that will interpret the script unpredictable.

For example, assume you have bash v5 installed in the default configuration (as /usr/local/bin/bash. A script with the shebang #!/usr/bin/env bash launched in the user environment (i.e. from Terminal) will use the newer bash, as /usr/local/bin comes before /bin in the search order.

When you launch the same script in a different context, e.g. as an installation script, an AppleScript, or a management system, /usr/local/bin will likely not be part of the PATH in that environment. Then the env shebang will choose /bin/bash (v3). The script will be interpreted and might behave differently.

Administrators prefer certainty in their managed environments. Administrators should know the location and versions of the binaries on their systems. For management scripts, you should avoid env and use the proper full path to the desired interpreter binary.

The solutions to resolve the ambiguity are

  • use the full path to the binary in the shebang
  • manage and update the additional custom version of bash with a management system
  • (optional) rename the newer bash binary to bash5 or bash4 (this also allows you to have bash v4 and bash v5 available on the same system)
  • Scripting OS X: On the Shebang
  • Scripting OS X: Setting the PATH in Scripts

Changing a user’s default Shell to bash v5

Even though we have installed bash v5, the default shell of a new Terminal window will still use the built-in bash v3.

The path to the default shell is stored in the user record. You can directly change the UserShell attribute with dscl, in the ‘Advanced Options’ of the ‘Users & Groups’ preference pane, or in Directory Utility.

There is also a command to set the default shell:

$   chsh -s /usr/local/bin/bash Changing shell for armin. Password for armin:  chsh: /usr/local/bin/bash: non-standard shell 

The chsh (change shell) command will check for allowed shells in the /etc/shells file. You can easily append a line with /usr/local/bin/bash to this file, and then chsh will work fine.

$   chsh -s /usr/local/bin/bash Changing shell for armin. Password for armin:  

Note: if you choose to rename the bash binary, you have to use the changed name in /etc/shells and with chsh.

Remember that just running chsh will not change the shell in the current Terminal window. It is best to close the old Terminal window and open a new one to get the new shell.

Packaging bash v5 for mass deployment

While these steps to install and configure bash v5 on a single Mac are simple enough, they would not work well with a management system for hundreds or thousands of Macs. We want to wrap all the files that make install creates into a package installer payload.

The --help option of the configure script yields this useful information:

By default, make install' will install all the files in/usr/local/bin,/usr/local/libetc. You can specify an installation prefix other than/usr/localusing–prefix, for instance–prefix=$ HOME`.

When we run the configure script with the --prefix option it creates a folder suitable as a payload for a package installer. We can then use pkgbuild to build to create an installer pkg:

$   cd ~/Downloads/bash-5.0 $   mkdir payload $   ./configure --prefix=/Users/armin/Downloads/bash-5.0/payload $   make install $   pkgbuild --root payload --install-location /usr/local --identifier org.gnu.bash --version 5.0 bash-5.0.pkg pkgbuild: Inferring bundle components from contents of payload pkgbuild: Wrote package to bash-5.0.pkg 

(Note: the --prefix argument requires an absolute path.)

Automate the package creation

So, we have our workflow for building an installer package to distribute and configure bash v5:

  • download the archive
  • extract the archive
  • run configure with the --prefix argument
  • run make install to create the files in a payload folder
  • optional: rename the resulting bash binary to bash5 to avoid conflicts
  • add a postinstall script that adds /usr/local/bin/bash[5] to /etc/shells if not yet present
  • build the installer with pkgbuild

This sounds like a workflow ripe for automation. You can get the script from this repository.

You can pass a different (valid) bash version number as an argument to the script, e.g. 4.4.18. (I did not test anything significantly older.) The script does not autodetect the latest version and defaults to version 5.0 when no argument is given. When an update to bash v5 is published, you will have to modify the version line or run the script with an argument.

I have not (yet) figured out how to detect the latest version from the download web page. An autopkg recipe will have to wait for that. (If someone else wants to tackle that, please do!)

Scripting OS X