Creating a wrapper package for a choices.xml file

In a previous article, I discussed creating a choices.xml file to control what gets installed by a vendor package.  I briefly touched on how to use the choices.xml file, but don’t give much detail.  In this post, I will spell out how to put the vendor package and choices.xml file in a wrapper package for deployment through anything that handles packages.

For my example, I will be using Cisco’s AnyConnect 4.8 package and a choices.xml file to only install the VPN portion.  Using Stéphane Sudre’s Packages application, create a new raw package project. Screen Shot 2020-03-17 at 12.38.06 PM Give it a useful name and decide where to save the project. Screen Shot 2020-03-17 at 12.38.24 PMYou can set Settings how you like, but the defaults generally work for what we are doing.

Everything in this exercise will be in the Scripts tab. Screen Shot 2020-03-17 at 12.58.09 PMDrag the AnyConnect.pkg and your choices.xml to the Additional Resources area.  You can name your xml file anything you want.  For example, I have choicesForAnyConnectVPN.xml and choicesForAnyConnectUmbrella.xml for 2 different package projects.  For AnyConnect, I also want to install our vpn configuration, so I add a Profiles folder with the vpn folder and the configuration in there.

Screen Shot 2020-03-17 at 12.57.51 PM

My company’s VPN requires a certificate, so that is added as well.Screen Shot 2020-03-17 at 1.38.57 PM.png

The AnyConnect.pkg already looks for the Profiles directory in the same directory as the package. Now we need a post installation script to tell the installer binary to use our choices.xml file.  The first step is to find the path to the resources area, which is created by the installer process and cleaned up automatically.  The post install script will be running from that directory, so we can find the path with ​dirname.  Then we tell installer about the choices.xml, the vendor package, and the target volume.  Lastly, I add the certificate to the System Keychain.

Once the postinstall.sh is created, drag it to the Post-installation well, save your package, and build it. Screen Shot 2020-03-17 at 1.39.44 PM.pngI then sign my packages with a certificate from my company’s Apple developer account.

Lastly, a note about the target for installer. You could put / in for the target, but if there is a chance this package will be installed while booted from something other than the internal drive (much more common in the era of imaging), the package will be installed to the boot volume, not the correct target.  Using $3 means put it on the target volume.  Rich Trouton mentions it under Installer Script Variables here.  There are also mentions in the old PeachPit Mac OS X Deployment book.  [edit]And thanks to Scripting OS X for the pointer to double quote $3 in the post install script.  In these cases (where it isn’t /) it will likely expand to /Volumes/Macintosh HD/​ and the space will cause a problem if not quoted.  He also points out that I hard coded the path to the System Keychain, butsecurity won’t be happy if $3 isn’t /, so this isn’t as flexible as I intended.

One thought on “Creating a wrapper package for a choices.xml file

  1. Pingback: Using installer choices.xml to modify AnyConnect and McAfee deployments | My Thoughts

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s