Using Munki’s nopkg to Push User Level Profiles

Posted: July 24th, 2015 | Author: | Filed under: Mac OS X, munki | Tags: | No Comments »

I recently needed to push some user level profiles, CardDAV to be specific. I use Meraki MDM but the custom mobileconfig profile would only install as a device profile. So I turned to my new munki install instead. Check out this post here if you’re not familiar with nopkg http://grahamgilbert.com/blog/2014/07/27/personal-automation-munki-part-2/

 

First make sure you know the unique identifier of your profile, for an example we’ll use com.company.carddav

First create a folder on your munki repo called profiles then copy the profile into this folder.

Use the following bash scripts in your pkginfo files to check, install, and uninstall the profile as you need

<key>installcheck_script</key>
<string>#!/bin/bash
USER=`/usr/bin/who | grep console | cut -d ' ' -f1`
sudo /usr/bin/profiles -P | grep com.company.carddav | grep $USER
if [ $? -eq 0 ]; then
exit 1
else
exit 0
fi


<key>postinstall_script</key>
<string>#!/bin/bash
USER=`/usr/bin/who | grep console | cut -d ' ' -f1`
/usr/bin/curl -L1 http://munki.yourmunkirepo.com/profiles/com.company.carddav.mobileconfig -o /tmp/profile.mobileconfig
sudo -u $USER /usr/bin/profiles -L -I -F /tmp/profile.mobileconfig
exit 0


<key>uninstall_method</key>
<string>uninstall_script</string>
<key>uninstall_script</key>
<string>#!/bin/bash
USER=`/usr/bin/who | grep console | cut -d ' ' -f1`
/usr/bin/curl -L1 http://munki.yourmunkirepo.com/profiles/com.company.carddav.mobileconfig -o /tmp/profile.mobileconfig
sudo -u $USER /usr/bin/profiles -L -R -F /tmp/profile.mobileconfig
exit 0