Home Forums OS X Server and Client Discussion Updates softwareupdate scripting

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
  • #368636

    Hey, all,

    Anyone out there got any automated softwareupdate scripts they want to share? Here’s one I wrote. Not even remotely pretty, and all are welcome to dissect it. What can I say? I’m a bash rookie…

    A forewarning about the script, though. This script is kicked off via cron every night at 1:15 AM. We’ve got 1500 OS X-capable Macs, and each school has pretty limited bandwidth. As such, my thought was to randomize the day the script runs softwareupdate (statistically giving softwareupdate a 20% chance of running each night). Also, to try to prevent a bunch of machines hammering the network all at the same time, there’s a section that randomizes (within an hour) when softwareupdate actually kicks off.

    It works, it’s ugly, but hey… It works.

    If you do end up using this script, I only ask that you give credit where credit’s due.

    Happy scripting, all!


    # This script attempts to call softwareupdate, checks if reboots are necessary,
    # then runs the softwareupdate command, rebooting if necessary. If reboots
    # are not necessary, it exits after the install.

    # Written by:
    # Dave Bruhn
    # Durham Public School District
    # Durham, NC

    # Rewritten slightly by Eric Frost, IBM, Inc.

    # Variables and such
    trap ‘rm -rf $tmp_file’ EXIT

    # Bandwidth is at a premium. Let’s play the lottery and see if updates run today.

    let “random_day %= $RANGE”

    echo “Random number is $random_day.”

    if [ $random_day != “3” ]
    echo “Today is not the day. Bye-bye.”
    exit 0

    # Clocks tend to get skewed. Let’s clean this up.
    /usr/sbin/ntpdate -u

    # Need to offset the start time of this script.
    # First, generate random number. This will be number of seconds.
    let “offset_time %= $RANGE”

    # Let the script sleep for the offset time so we don’t hammer our bandwidth
    echo “Software Update will sleep for $offset_time seconds. Please hold.”
    sleep $offset_time

    # And we’re off. Run software update and wait until done.
    /usr/sbin/softwareupdate -l > $tmp_file
    reboot=$(/usr/bin/grep “restart” $tmp_file | /usr/bin/wc -w)
    echo “Restart is $reboot”
    found_updates=$(/usr/bin/grep “found the following” $tmp_file | /usr/bin/wc -w)
    echo “Updates found is $found_updates”
    /bin/rm -rf $tmp_file

    if [ $found_updates = “0” ]
    echo “No updates found. Exiting.”
    if [ $reboot = “0” ]
    echo “Updates found, but no reboot required. Installing now.”
    /usr/sbin/softwareupdate -i –all
    echo “Updates found, reboot required. Installing now.”
    /usr/sbin/softwareupdate -i –all

    exit 0


    Wow… dozens and dozens of views over the last month, and no takers? Come on, someone out there MUST have written a script! 🙂


    You should probably add this to the top of the script:
    [code]export COMMAND_LINE_INSTALL=1
    export USER=foo[/code]
    User foo is any account that can login.

    This will resolve problems with iTunes upgrades.


    Would it make a difference that this script is being run from /etc/periodic/daily/?


    No. This should be set in the script no matter where it is run from. Except if you run it from the Terminal while you are logged into an account.


    Awesome. I’ll add it to my script and, of course, test it before I deploy it. 😉


    Couple of questions/suggestions: are you obtain software updates from Apple or are you running your own software update server? If you are obtaining updates from Apple, you might want to consider having your own software update server to pull updates from Apple and then the clients pulling from the local network server (this will save your WAN bandwidth).

    Regarding your script, have you tried running with launchd instead of cron? Launchd provides more flexibility. Here is a link for a graphic user interface for launchd: http://tuppis.com/lingon/


    The script written above was originally intended for an environment that did not have a software update server available. Therefore, managing what updates got deployed was not really feasible.

    The purpose for writing the script was because of the fact that teachers would often not run updates, or there would be only one teacher per building that would run them. As such, it was written to be a timesaver for those teachers (and for myself), as well as to make sure that at least SOME updates would be installed. Granted, a few updates from Apple have had less-than-desirable results, but those have been few and far between.

    We never added any cron entries for this script. We simply dropped it into /etc/periodic/daily so that it’d kick off at the default of 3:15 AM. This time was perfect as it was early enough in the day that it would not affect school hours or affect the required nightly bandwidth for other school-related functions.

    However, I am working on a new endeavor involving backups for FileVault-enabled user accounts, and we’re intending to use launchd for that. Your link proves quite helpful in that regard, so thanks! 🙂

Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.

Comments are closed