Apple releases OS updates periodically to fix bugs or strengthen the security of the released versions of the OS. Organizations prefer their devices to have the latest available OS. However, deploying OS updates can be a cumbersome task. This document provides two methods to update macOS devices; Update OS and OS upgrade via policies and by deploying scripts. This document contains the scripts and methods of deploying the scripts via Jamf.
It should be noted at this point that this document outlines methods for updating the current OS that is currently on the device (Update OS) and upgrading to a different OS (Upgrade) for example upgrading from Big Sur to Ventura.
Firstly, we will discuss updating the current OS.
Script to Update OS
To simply list available updates for the current OS version of your device, in Terminal use the command:
| softwareupdate -l |
To install all available updates listed with the above command and restart the system when installation is complete, use the following command:
| softwareupdate -i -a -restart |
To avoid running two commands separately, you can use a combination of these commands to Update MacOS:
| #!/bin/bash getosupd=$(softwareupdate -l | grep “OS NAME” | awk NR==1 | cut -d ‘ ‘ -f 3-) softwareupdate -i “$getosupd” -R |
Example of OS NAME: “Ventura” “Big Sur”
The above script uses a combination of commands and tools to update the OS to the latest version of macOS available. Listed below outlines what the different aspects of the script do.
softwareupdate –l command is used to fetch the list of all available software updates.
grep “OS NAME” scans the list for available versions of macOS. You may replace “OS NAME” in the above code with an OS version name suitable for your use case.
awk NR==1 filters the updated list to the latest version.
cut –d ‘ ‘ -f 3- further processes the output to contain only the OS name identifier.
Finally, we pass the OS name identifier as an argument $getosupd with the softwareupdate command to install the specified OS version. The -i command installs the OS and the -R command can be added to automatically restart the system when the OS installation is complete.
Secondly, let’s discuss how to upgrade from one OS to another.
Below is the basic script for downloading and installing the corresponding operating system.
Script to Upgrade MacOS
| #!/bin/bash osVersion=<OS Version> installerPath=”” majorVersion=$(echo $osVersion | cut -d “.” -f 1) minorVersion=$(echo $osVersion | cut -d “.” -f 2) if [ $majorVersion == “12” ];then installerPath=”install macOS Monterey.app” elif [ $majorVersion == “11” ];then installerPath=”Install macOS Big Sur.app” elif [ $minorVersion == “13”* ];then installerPath=”Install macOS Ventura.app” fi fullPath=”/Applications/$installerPath/Contents/Resources/startosinstall” softwareupdate –fetch-full-installer –full-installer-version $osVersion echo <Password> | “$fullPath” –agreetolicense –forcequitapps –nointeraction –user <Username> –stdinpass |
Note: the <OS Version> is to be replaced with the required OS version, i.e., the version to which the OS should be updated. Likewise, <Username> and <Password> should be replaced with the username and password of the admin, respectively.
This script receives the required OS version as input, installing the corresponding version’s installer app and initiates the update installation. For example, if the admin enters 12.1 as the required OS version, the macOS Monterey installer app will be installed, and once the admin credentials are given, the update will begin to install.
Deployment of Updates and Upgrades
You need to create two separate policies that will allow you to update and upgrade MacOS via Jamf.
The first policy allows the current OS to be updated.
Deployment of MacOS Update
Log onto Jamf
Go to Policies
Select: New
Display Name: MacOS Update
Category: Operating System
Trigger: Recurring Check-In or Custom (updateos)
Script: MacOS Update
Scope: Add OS Deployment as a test environment, specific Computers or Groups
Select Save
This policy should then deploy automatically as an on-going update process or you can trigger it in Terminal using the command:
sudo jamf policy -trigger %custom trigger name%
The second policy is to upgrade from one operating system to the next.
Deployment of MacOS Upgrade
Log onto Jamf
Go to Policies
Select: New
Display Name: MacOS Upgrade
Category: Operating System
Trigger: Recurring Check-In or Custom (macosupgrade)
Script: MacOS Upgrade – %OS Version%
Scope: Add OS Deployment as a test environment, specific Computers or Groups
Select Save
This policy should then deploy automatically or trigger it on Terminal
sudo jamf policy -trigger %custom trigger name%
Note: It is worth setting the policy to run out of hours as not to disrupt users.
Further Information
Here is a step-by-step guidance to better understand the process to upgrade the OS:
To list all available OS versions for installation, use the following command –
| #!/bin/bashsoftwareupdate –list-full-installers | grep ‘macOS’ | awk ‘{print ++count ” ” $0}’ |
You could also just run the command to list all installers and check if installers are available for the latest OS version for your device.
| softwareupdate –list-full-installers |
Fetch the installer app to your device using the command:
| softwareupdate –fetch-full-installer |
Using this command, you can fetch a specific OS version of the installer app from the list that had been displayed earlier, for instance, version 12.1:
| softwareupdate –fetch-full-installer –full-installer-version 12.1 |
David Williams Technical 