joshua-d-miller · October 22, 2023 11:13
diff --git a/MontereyPostInstall.sh b/MontereyPostInstall.sh
 #!/bin/sh
 : '
 ------------------------
  Penn State MacAdmins
 ------------------------
 Performs the following:
  - Installs the latest version of macOS by using the current copied
  version from munki
 Sources:
  - https://scriptingosx.com/2019/09/get-current-user-in-shell-scripts-on-macos/
  - https://www.xmodulo.com/catch-handle-errors-bash.html
 -----------------------------------------------
  Joshua D. Miller - [email protected]
  Last Updated - February 23, 2022
 -----------------------------------------------
 '

 macOSVersion="Monterey"
 ### Get Current Architecture ###
 ARCH=$(/usr/bin/arch)
 ### Set macOS Installer Path ###
 STARTOSINSTALL_PATH="/Applications/Install macOS "$macOSVersion".app/Contents/Resources/startosinstall"
 ### Create jamf Dialog to block user access ###
 ## Set our Variables for the window ##
 TITLE="macOS Upgrade"
 ICON="/Applications/Install macOS "$macOSVersion".app/Contents/Resources/ProductPageIcon.icns"
 HEADING="macOS Device Upgrade"
 DESCRIPTION="Please be patient as we begin the upgrade process of your machine.
 Once the machine reboots, the upgrade process can take up to an hour to complete."

 ### jamf Full Screen Dialog function ###
 jamf_dialog () {
  /Library/Application\ Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper \
  -windowType fs -title "$TITLE" \
  -icon "$ICON" \
  -heading "$HEADING" \
  -description "$DESCRIPTION" &
 }
 ### Verify Volume Ownership of Current User ###
 verify_volume_owner () {
  ## Grab the Current Users allowed to unlock the disk and output to temporary PLIST ##
  DISKUTIL_PATH="/private/tmp/diskutil.plist"
  CRYPTO_PLIST=$(/usr/sbin/diskutil apfs listCryptoUsers / -plist > $DISKUTIL_PATH)
  ## Start Counter ##
  COUNTER=0
  declare -i CRYPTO_USER_COUNT=$(/usr/bin/xmllint --xpath 'count(//plist/dict/array/dict)' $DISKUTIL_PATH)
  while [[ $COUNTER -le $CRYPTO_USER_COUNT ]]
  do
      ## Get List Item UUID ##
      CRYPTO_USER_UUID=$(/usr/libexec/PlistBuddy -c "print :Users:$COUNTER:APFSCryptoUserUUID" $DISKUTIL_PATH)
      if [[ "$CRYPTO_USER_UUID" == "$CURRENT_USER_UUID" ]]
      then
        VOLUME_OWNER_STATUS=$(/usr/libexec/PlistBuddy -c "print :Users:$COUNTER:VolumeOwner" $DISKUTIL_PATH)
        if [[ $VOLUME_OWNER_STATUS == true ]]
        then
          /bin/echo "$CURRENT_USER is a Volume Owner"
          return true
        else
          /bin/echo "$CURRENT_USER is NOT a Volume Owner. Exiting"
          return false
        fi
      else
        COUNTER=$((COUNTER + 1))
        continue
      fi
  done

 }

 ### Install macOS function ###
 install_macOS () {
  ### Install macOS based on architecture ###
  if [ "$ARCH" == "arm64" ]
  then
    ### Get the current user logged in and password ###
    CURRENT_USER=$(/bin/echo "show State:/Users/ConsoleUser" |
                   /usr/sbin/scutil | /usr/bin/awk
                   '/Name :/&&!/loginwindow/{print $3}')
    ## Get User ID ##
    USER_ID=$(/usr/bin/id -u "$CURRENT_USER")
    ## Verify Disk Ownership ##
    USER_CAN_START_UPGRADE=verify_volume_owner
    if [[ $USER_CAN_START_UPGRADE == true ]]
    then
      ## Get Password ##
      PASSWORD="$(/bin/launchctl "asuser" "$USER_ID" sudo -u "$CURRENT_USER" /usr/bin/osascript -e '
        display dialog "Please enter your current macOS Password:"
        default answer ""
        with title "Upgrade macOS"
        with text buttons {"OK"}
        default button 1 with hidden answer' -e '
        return text returned of result')"
      PASSWORD=$(printf '%s\n' "$PASSWORD" | sed -e 's/[]\/$*.^[]/\\&/g')
      /bin/echo "$PASSWORD" | "$STARTOSINSTALL_PATH" --agreetolicense --forcequitapps --user "$CURRENT_USER" --stdinpass
    else
      /bin/echo "Unable to initiate upgrade of macOS as this device is an Apple Silicon device and user $CURRENT_USER does not have the ability to unlock the disk."
      return 1
    fi
  else
    "$STARTOSINSTALL_PATH" --agreetolicense --forcequitapps
  fi
 }

 jamf_dialog
 if ! install_macOS
 then
    /bin/echo "Unable to start the upgrade process. Exiting..."
    /usr/bin/killall jamfHelper
    exit 1
 fi

 exit 0
	#!/bin/sh
	: '
	------------------------
	Penn State MacAdmins
	------------------------
	Performs the following:
	- Installs the latest version of macOS by using the current copied
	version from munki
	Sources:
	- https://scriptingosx.com/2019/09/get-current-user-in-shell-scripts-on-macos/
	- https://www.xmodulo.com/catch-handle-errors-bash.html
	-----------------------------------------------
	Joshua D. Miller - [email protected]
	Last Updated - February 23, 2022
	-----------------------------------------------
	'

	macOSVersion="Monterey"
	### Get Current Architecture ###
	ARCH=$(/usr/bin/arch)
	### Set macOS Installer Path ###
	STARTOSINSTALL_PATH="/Applications/Install macOS "$macOSVersion".app/Contents/Resources/startosinstall"
	### Create jamf Dialog to block user access ###
	## Set our Variables for the window ##
	TITLE="macOS Upgrade"
	ICON="/Applications/Install macOS "$macOSVersion".app/Contents/Resources/ProductPageIcon.icns"
	HEADING="macOS Device Upgrade"
	DESCRIPTION="Please be patient as we begin the upgrade process of your machine.
	Once the machine reboots, the upgrade process can take up to an hour to complete."

	### jamf Full Screen Dialog function ###
	jamf_dialog () {
	/Library/Application\ Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper \
	-windowType fs -title "$TITLE" \
	-icon "$ICON" \
	-heading "$HEADING" \
	-description "$DESCRIPTION" &
	}
	### Verify Volume Ownership of Current User ###
	verify_volume_owner () {
	## Grab the Current Users allowed to unlock the disk and output to temporary PLIST ##
	DISKUTIL_PATH="/private/tmp/diskutil.plist"
	CRYPTO_PLIST=$(/usr/sbin/diskutil apfs listCryptoUsers / -plist > $DISKUTIL_PATH)
	## Start Counter ##
	COUNTER=0
	declare -i CRYPTO_USER_COUNT=$(/usr/bin/xmllint --xpath 'count(//plist/dict/array/dict)' $DISKUTIL_PATH)
	while [[ $COUNTER -le $CRYPTO_USER_COUNT ]]
	do
	## Get List Item UUID ##
	CRYPTO_USER_UUID=$(/usr/libexec/PlistBuddy -c "print :Users:$COUNTER:APFSCryptoUserUUID" $DISKUTIL_PATH)
	if [[ "$CRYPTO_USER_UUID" == "$CURRENT_USER_UUID" ]]
	then
	VOLUME_OWNER_STATUS=$(/usr/libexec/PlistBuddy -c "print :Users:$COUNTER:VolumeOwner" $DISKUTIL_PATH)
	if [[ $VOLUME_OWNER_STATUS == true ]]
	then
	/bin/echo "$CURRENT_USER is a Volume Owner"
	return true
	else
	/bin/echo "$CURRENT_USER is NOT a Volume Owner. Exiting"
	return false
	fi
	else
	COUNTER=$((COUNTER + 1))
	continue
	fi
	done

	}

	### Install macOS function ###
	install_macOS () {
	### Install macOS based on architecture ###
	if [ "$ARCH" == "arm64" ]
	then
	### Get the current user logged in and password ###
	CURRENT_USER=$(/bin/echo "show State:/Users/ConsoleUser" \|
	/usr/sbin/scutil \| /usr/bin/awk
	'/Name :/&&!/loginwindow/{print $3}')
	## Get User ID ##
	USER_ID=$(/usr/bin/id -u "$CURRENT_USER")
	## Verify Disk Ownership ##
	USER_CAN_START_UPGRADE=verify_volume_owner
	if [[ $USER_CAN_START_UPGRADE == true ]]
	then
	## Get Password ##
	PASSWORD="$(/bin/launchctl "asuser" "$USER_ID" sudo -u "$CURRENT_USER" /usr/bin/osascript -e '
	display dialog "Please enter your current macOS Password:"
	default answer ""
	with title "Upgrade macOS"
	with text buttons {"OK"}
	default button 1 with hidden answer' -e '
	return text returned of result')"
	PASSWORD=$(printf '%s\n' "$PASSWORD" \| sed -e 's/[]\/$*.^[]/\\&/g')
	/bin/echo "$PASSWORD" \| "$STARTOSINSTALL_PATH" --agreetolicense --forcequitapps --user "$CURRENT_USER" --stdinpass
	else
	/bin/echo "Unable to initiate upgrade of macOS as this device is an Apple Silicon device and user $CURRENT_USER does not have the ability to unlock the disk."
	return 1
	fi
	else
	"$STARTOSINSTALL_PATH" --agreetolicense --forcequitapps
	fi
	}

	jamf_dialog
	if ! install_macOS
	then
	/bin/echo "Unable to start the upgrade process. Exiting..."
	/usr/bin/killall jamfHelper
	exit 1
	fi

	exit 0