Automator application to run script as root

I was recently asked to create a shortcut on our users’ Desktops to kick off the High Sierra install. We are caching the installer through our management system. In the past I have created a shortcut to the installer on their Desktop, but that required them to click through the many continue buttons. This method will use the startosinstall script from Slack member @bp to start the install with minimal user interaction.
I wrap that shell script (with the appropriate modifications for my environment) in an Automator application, but to have the script run as root, I call it with Run AppleScript using the do shell script ... with administrator privileges form.
AutomatorInstaller.png
The full AppleScript is

on run {input, parameters}
set myPath to POSIX path of (path to me)
set upgradeScript to myPath & "Contents/Resources/HighSierra_Upgrade.sh"
do shell script quoted form of upgradeScript with administrator privileges
return input
end run

First the script finds the path to the Automator application and then I define the script to run based on that. This lets me embed the script in the application itself for easy deployment. To embed the script, save the Automator application somewhere. Then right click it and choose Show Package Contents. This will open a Contents folder. Expand that and find Resources. Copy the shell script into there. Keep in mind any time you change the Automator workflow and re-save you will need to re-copy the script into the application bundle.
ApplicationBundle.png
Then to finish off the application to look nice, open the Get Info window of the application and of the actually Install macOS High Sierra.app. Click once on the icon of the real installer to highlight it and copy it (command-C). Then click once on the icon of our Automator application to select it and paste the copied icon (command-V). Now our application has the nice installer icon for it.

CopyIcon.png

When the user runs this they will prompted for the credentials to run the script as root. Then they will be prompted by the script for their password to setup a FileVault authenticated restart. If I could figure out a way to combine those, it would make the process smoother, but I’m not sure if it is possible.

AuthForsudo.png

AuthForRestart.png

PleaseWait.png

After that, the system reboots and the user sees the standard ‘Installing: About X minutes remaining’.

Advertisements

3 thoughts on “Automator application to run script as root

  1. Heyas – it looks like you might be using Jamf from the last screenshot (jamfhelper?). If you’re running Jamf Pro 10, you could put the installer policy in Self Service and get a URL that opens Self Service and runs that policy automatically:

    http://docs.jamf.com/10.0.0/jamf-pro/administrator-guide/Making_Items_Available_to_Users_in_Jamf_Self_Service_for_macOS.html

    There’s a section on that page; Item URLs

    An AppleScript with:
    do shell script “open ”

    might work (haven’t tested but would be really interested).

    • Thank you, I didn’t want to get into it in the post, but the upgrade is already in self service… There is a feeling that it is too hard/complex/many steps for some of our users and an excuse they are using for delaying the update. The thought is an icon on the desktop is “easier”. Although an icon that opens the right place in Self Service is interesting on its own. I’ll look into that.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s