Post Tagged with: "Munki"

Arbitrary Code via Puppet instead of Jamf (Pro)

Arbitrary Code via Puppet instead of Jamf (Pro)

If you are familiar with Jamf Pro’s (formerly the JSS/Casper Suite’s) model of smart groups and extension attributes (or EA’s), they provide a way to run code that can (among other things) inventory the state of a computer. Every recon run, they run the provided scripts configured server-side, and through […]

Read more

Proactive Mac Security, Introduction

Proactive Mac Security, Introduction

Let’s say your company is a place where no one works day-to-day logged in as an admin on their Mac. Everybody in this environment is also a computer expert, and therefore aren’t as prone to tomfoolery such as letting family members use their login to play Chrome games, and of […]

Read more

Ep. 3 – Fuse to the MDM Powder Keg

Welcome to the first episode of the 2016 edition or the Frogor 45. Pardon that we’re going to need a bit of time between our episodes from here on. We have a special guest, Pepijn Bruienne, who will be discussing things both MDM and DEPy. Other topics include: bsdpy Swift […]

Read more

Ep.2 – Thang

We’re trying to keep a good pace with these, and this week we have a little game: every time one of us says ‘thing’, take a drink. Thanks to Peter Bukowinski for the new artwork, Aaron Lippincott as always for mastering the audio, and Tiki for the sound effects. It’s […]

Read more

Thunderstrike Need-To-Know

Thunderstrike Need-To-Know

When we heard about the ‘bootkit’ exploit branded Thunderstrike having the potential to remove all of your security controls it was pretty disturbing. Luckily Apple controls a relatively small number of models, and released a patch for several affected CPU versions, bundling it with 10.10.2 so as to lessen┬áthe number […]

Read more

Enhancing Sal with Facter and Profiles

In a previous post, I showed how to set up Sal. Sal‘s basic functionality is useful on its own, for the basic Munki reporting – what are the completed installs, pending updates, what OS versions, how many devices checked in the past 24 hours, etc. In this post, I’m going […]

Read more

Running Munki with Puppet SSL Client Certificates

Previously, I showed how you can run Munki in a Docker container. Then, I talked about how to build Munki to use Puppet for SSL certificates. Assuming you’ve got a running Puppetmaster image (which I talked about building here), let’s run the Munki-Puppet image we just built. Running the Container: […]

Read more

Building Munki with Puppet for SSL Client Certificates

Note: this is based on the README for the Munki-SSL docker container. In a previous post, we ran a Docker container serving Munki repo content via Nginx. That works fine, but only serves insecure HTTP content. It’s generally in everyone’s best interest to use a secure connection between the Munki […]

Read more

Running Munki in Docker

In the previous post, I built a container that serves static files at http://munki/repo using Nginx. Now that we have build the Docker image, let’s put it to use. Data Containers We’re going to hook up the Munki image to a data-only container. Data-only containers are a way of keeping […]

Read more

Building Munki with Docker

Munki is an incredible tool for Mac software deployment, and the setup process is fairly straightfoward – configure a web server, create your repo, run the tools to populate it with software, and configure clients. It’s the “configure a web server” aspect that may give some pause, as setting up […]

Read more