Carview!

CARVIEW

MOTORHOMES

Select Language

HTTP/2 301 server: nginx date: Sun, 25 Jan 2026 13:25:13 GMT content-type: text/html content-length: 162 location: https://managingosx.wordpress.com/feed/ x-ac: 3.bom _dca MISS alt-svc: h3=":443"; ma=86400 strict-transport-security: max-age=31536000 server-timing: a8c-cdn, dc;desc=bom, cache;desc=MISS;dur=229.0 HTTP/2 200 server: nginx date: Sun, 25 Jan 2026 13:25:13 GMT content-type: application/rss+xml; charset=UTF-8 vary: Accept-Encoding x-hacker: Want root? Visit join.a8c.com/hacker and mention this header. host-header: WordPress.com vary: accept, content-type last-modified: Sat, 19 Jul 2025 10:43:28 GMT x-nc: HIT dca 158 content-encoding: gzip x-ac: 2.bom _dca BYPASS alt-svc: h3=":443"; ma=86400 strict-transport-security: max-age=31536000 server-timing: a8c-cdn, dc;desc=bom, cache;desc=BYPASS;dur=231.0 Managing OS X https://managingosx.wordpress.com Trials and Tribulations of an OS X Administrator Thu, 20 Jul 2023 10:40:17 +0000 en hourly 1 https://wordpress.com/ https://s0.wp.com/i/buttonw-com.png Managing OS X https://managingosx.wordpress.com Links for PSU MacAdmins 2023: The Past, Present, and Future of Munki https://managingosx.wordpress.com/2023/07/20/links-for-psu-macadmins-2023-the-past-present-and-future-of-munki/ Thu, 20 Jul 2023 10:40:17 +0000 https://managingosx.wordpress.com/?p=1687 Here are links to things in my presentation at Penn State MacAdmins 2023:

]]> GregN PSU Mac Admins Conference 2023 https://managingosx.wordpress.com/2023/06/29/psu-mac-admins-conference-2023/ Thu, 29 Jun 2023 15:53:32 +0000 https://managingosx.wordpress.com/?p=1682 I had thought I wasn’t going to be able to attend or present at PSU Mac Admins this year — a bummer since I love the conference and it’s back in person for the first time since 2019. But some last minute developments — thank you, Fleet (https://fleetdm.com) — mean I will be able to be there, and I’ll be talking about the Past, Present and Future of Munki!

https://psumac2023.sched.com/event/1OIYF/the-past-present-and-future-of-munki

]]> GregN Ventura notes for Mac admins https://managingosx.wordpress.com/2022/10/10/ventura-notes-for-mac-admins/ Mon, 10 Oct 2022 19:40:34 +0000 https://managingosx.wordpress.com/?p=1673 macOS Ventura should be available soon. I talked about some issues that might affect you as a Mac admin last week at MacSysAdmin Online 2022:

https://www.macsysadmin.se/video/day3session7.mp4

Some Ventura topic timestamps:

18:38 Login items

22:09: Application update protections

24:00 Deferring Ventura issues

]]> GregN Munki and Ventura notes https://managingosx.wordpress.com/2022/06/14/munki-and-ventura-notes/ https://managingosx.wordpress.com/2022/06/14/munki-and-ventura-notes/#comments Tue, 14 Jun 2022 16:41:56 +0000 https://managingosx.wordpress.com/?p=1667 TL;DR:

It looks like Munki is going to need a signed binary and an MDM-delivered PPPC/TCC config profile to continue working properly on macOS Ventura.

Details

Last week was Apple’s Worldwide Developer Conference 2022. Among others things announced and introduced was macOS Ventura, or macOS 13.

As is not unusual for macOS releases, this release contains changes that may affect the functionality of Munki (and other similar tools).

Two changes in particular have the potential to affect Munki functionality (and there may be more, but these were discussed in WWDC sessions):

1) A new “Login Items” section in the System Settings (formerly System Preferences) application. This settings view allows users to easily disable Login Items, Launch Agents, and Launch Daemons. Users require admin rights to disable Launch Daemons. Since Munki makes heavy use of Launch Agents and Launch Daemons, a user could easily and trivially disable Munki from running. At present there appear to be no management options/tools to prevent this. File Feedback with Apple about how important managing would be to your organization.

2) A new privacy protection around “App Management”. This prevents software from changing or removing items from /Applications without user approval. Its effect on Munki can be subtle and easy to miss in simple testing.

On a fresh Ventura install, Munki can install software as it does under Monterey and earlier. But when updating or removing software, it may be blocked from making changes to apps in /Applications. Again, this can be easy to miss in testing. It’s common to have Terminal set for Full Disk Access, and also common for ssh to have Full Disk Access (via /usr/libexec/sshd-keychain-wrapper). Running managedsoftwareupdate via either of these methods will allow Munki to update and/or remove app bundles in /Applications. But Munki operations triggered via launchd jobs will fail to update or remove app bundles in /Applications.

Apple has not yet provided supported/documented management controls to affect or manage this behavior. It _appears_ at present that managing/allowing Full Disk Access will allow processes to update or remove app bundles in /Applications, but I’d really like to see official Apple documentation and recommendations on this topic.

It is possible to “pre-approve” binaries or apps for Full Disk Access via an MDM-delivered profile, but the binary or app must be signed. In the case of Munki, this will most likely have to take the form of a signed binary wrapper/launcher that calls munki-python and the needed Munki scripted tools.

But this surfaces another problem. I don’t want to sign this binary with my personal Apple Developer ID and then distribute that as part of the official Munki release. And (while I have not asked) I suspect my employer doesn’t want to publicly distribute a Munki binary signed by them. While orgs using Munki could sign the tool themselves (and some will), many orgs will find this hard to do. I’d like to find some way to have a “Munki Project” or “Mac Admins” identity for a publicly-distributed release of the Munki tools. If anyone has useful thoughts, ideas, or information on how that might happen, I’d greatly appreciate it.

(Original Google Groups posting here: https://groups.google.com/g/munki-dev/c/yRKhUGjNibY/m/eZ91OxZ5AAAJ)

]]> https://managingosx.wordpress.com/2022/06/14/munki-and-ventura-notes/feed/ 3 GregN Reaction to “Recognition, Retirement, and Remembrance” https://managingosx.wordpress.com/2021/07/19/reaction-to-recognition-retirement-and-remembrance/ Mon, 19 Jul 2021 23:18:50 +0000 https://managingosx.wordpress.com/?p=1659 Mac admins: if you haven’t already, read Anthony’s article here:

https://maclabs.jazzace.ca/2021/07/18/recognition-retirement-remembrance.html

His well-written, well-researched thoughts inspired some thoughts of my own.

It occurs to me that many of the “first” generation of Mac admins came from no-traditional backgrounds. This makes a bit of sense, since the Mac appealed to a new set of computer users.

My college degree was in Theater. I know many Mac admins who were (or are) musicians. Many many Mac admins come from Liberal Arts backgrounds or no college at all.

It’s far more common for “newer” Mac admins to come from more “traditional” backgrounds: they’ve studied computer science or software development.

Anecdotally, it seems to me that many of us who’ve come to this from non-traditional backgrounds are here for the long haul. One might speculate as to the reasons, but the fact remains that some of use have been doing this for _decades_.

It’s fantastic that we’re getting more people with deeper technical experience into the field — it’s what’s needed for the field to become more professional. Concepts like DevOps and Configuration Management and Version Control come from CompSci/Software development.

But: it also seems to me that admins coming from CompSci/software development backgrounds are far less likely to stay in the field long term. They are far more likely to move on to other things (bigger and better?!)

This, then, possibly presents another challenge for the community. Yes, we are starting to see a generational change, but we’re going to see faster “churn” overall.

We’re going to see new admins contribute exciting new things, but we’re also going to see those admins not stick around as long to shepherd what they’ve contributed.

Just as Anthony doesn’t really have any answers on how the community should deal with the generational change, I also don’t (yet at least) have any real suggestions on how the community should adapt to faster “churn”.

I do hope, however, that the community will take this opportunity to start talking about the changes and what can be done.

]]> GregN Munki news https://managingosx.wordpress.com/2020/11/29/munki-news/ Mon, 30 Nov 2020 00:58:30 +0000 https://managingosx.wordpress.com/?p=1647 Official release of Munki 5.2:
https://github.com/munki/munki/releases/tag/v5.2.0

Early experimental build of Munki 5.3:
https://github.com/munki/munki/releases/tag/v5.3.0a1

]]> GregN Munki 5.1.2 Official Release https://managingosx.wordpress.com/2020/11/12/munki-5-1-2-official-release/ Thu, 12 Nov 2020 17:56:22 +0000 https://managingosx.wordpress.com/?p=1644 https://github.com/munki/munki/releases/tag/v5.1.2

This is the official release of Munki 5.1.2: an update to the Munki tools.
There are two changes in this release from version 5.1.1:

• Code signing has been removed from files in the embedded Python framework; the existing code signing was broken because of the process making the framework relocatable.

• When importing a Big Sur installer, the pkginfo will reflect the 35.5GB required space for upgrading from macOS Sierra or later. (See https://support.apple.com/en-us/HT211238): https://github.com/munki/munki/commit/0714196b87e35b2862723a66bc5a95e736d8449b

The main focus for the Munki 5.1.x releases is compatibility with macOS Big Sur, but there are other changes.

See release notes for Munki 5.1 (https://github.com/munki/munki/releases/tag/v5.1.0) and 5.1.1 (https://github.com/munki/munki/releases/tag/v5.1.1) for more details on those changes.

See https://github.com/munki/munki/wiki/Munki-5-Information for information on the changes in Munki 5.

]]> GregN Munki 5.2 release candidate https://managingosx.wordpress.com/2020/11/11/munki-5-2-release-candidate/ Thu, 12 Nov 2020 04:19:49 +0000 https://managingosx.wordpress.com/?p=1642 Find out more here: https://github.com/munki/munki/releases/tag/5.2.0RC1

]]> GregN Munki 5.2 Beta 4 https://managingosx.wordpress.com/2020/11/09/munki-5-2-beta-4/ Mon, 09 Nov 2020 16:09:04 +0000 https://managingosx.wordpress.com/?p=1640 Let’s hope this is the last beta! https://github.com/munki/munki/releases/tag/v5.2.0b4

]]> GregN Munki 5.2 Beta 1 https://managingosx.wordpress.com/2020/10/08/munki-5-2-beta-1/ Fri, 09 Oct 2020 05:09:48 +0000 https://managingosx.wordpress.com/?p=1638 Check it out: https://github.com/munki/munki/releases/tag/v5.2.0b1

]]> GregN

Original Source | Taken Source