Jump to content
Kaspersky Support Forum

How to generate an installation package [KES for Mac]

svc_kms

Entry posted by svc_kms in How-to

5 views

 Share

Intro

This instruction describes how to create an installation package (.pkg) for the MacOS operating system from the standalone installation package of Kaspersky Endpoint Security for Mac.

You may need to create such a package to automate the installation of Kaspersky Endpoint Security software via third-party systems (e.g. AirWatch).

Details

Files

Munki tool (with predefined files)

Prerequisites

  • Kaspersky Security Center
  • MacOS machine
  • Python must be installed

Usage

Unzip the file munki-munki-pkg-e018bf1.zip to Desktop.

Open Terminal and navigate to the directory munki-munki-pkg-e018bf1

cd /Users/John/Desktop/munki-munki-pkg-e018bf1

Copy the built standalone installation package (kesmac11.2.1.145.sh) to the postinstall file in the kesmac/scripts/ directory:

cp kesmac11.2.1.145.sh kesmac/scripts/postinstall

Modify the code of the standalone installation package with the vim editor

vi kesmac/scripts/postinstall

Replace the section in the file  to the modified section (note that the line "#!/bin/sh" must be the first line in the file, there must be no empty lines before it):

nagent/scripts/postinstall (new) 
#!/bin/sh
 
logfile="/tmp/kesmac11.2.1.1450.log"
wstrUnpackTempPath="${TMPDIR:-/tmp}"/"$(date '+%d.%m_%H.%M.%S.%N')"
 
if [ -f "$logfile" ]; then
    rm -f "$logfile"
fi
 
ExitWithError()
{
    echo "Clean temporary directory '$wstrUnpackTempPath'" >> $logfile
        rm -rf "$wstrUnpackTempPath"
        echo "$2" >> $logfile
        exit $1
}
 
rm -rf "$wstrUnpackTempPath"
mkdir "$wstrUnpackTempPath" || ExitWithError 1 "Failed to create temporary directory '$wstrUnpackTempPath': error = $?"
 
echo "Unpack archive to '$wstrUnpackTempPath'..." >> $logfile
archive_marker_line=$(grep -an '^CCFAFCA1-F619-4618-B8C1-107EF7694A0C-ARCHIVE:$' "$0" | cut -d : -f 1 | tail -1)
tail -n +$((archive_marker_line + 1)) "$0" | tar -xzf - -C "$wstrUnpackTempPath" > /dev/null || ExitWithError 1 "Failed to unpack archive: error = $?"
 
echo "Found installer..." >> $logfile
wstrExecName=$(grep -o -r "--include=*.kud" "--include=*.kpd" '^Executable=.*\.sh' $wstrUnpackTempPath | sed 's/.*=//' | sed 's/.*[\\/]//')
[ ! -z "$wstrExecName" ] || ExitWithError 1 "Installer not found"
 
echo "Found parameters..." >> $logfile
wstrParams=$(grep -o -r "--include=*.kud" "--include=*.kpd" '^Params=.*' $wstrUnpackTempPath | sed 's/.*=//' | sed 's/\r//')
 
echo "Run package installer '$wstrExecName $wstrParams' ..." >> $logfile
sh "$wstrUnpackTempPath/$wstrExecName" $wstrParams >> $logfile || ExitWithError $? "Installation failed: error = $?"
 
echo "Product successfully installed!" >> $logfile
ExitWithError 0 ""

Add the execution bit:

chmod +x kesmac/scripts/postinstall

You can also change the metadata (if needed) in the nagent/build-info.plist file

Change meta 
<key>version</key>
<string>11.2.1.145</string> // version of package
<key>name</key>
<string>Kaspersky Endpoint Security.pkg</string> // name of package
<key>identifier</key>
<string>com.kaspersky.kesmac</string> // identifier of package

Perform the assembly:

./munkipkg kesmac

The built package will be available in the kesmac/build directory with the name <name of package from build-info.plist>.pkg

Important

Before installing, a configuration profile must be installed: https://support.kaspersky.com/kes11mac/settings/15647

The configuration profile contains settings that are only allowed through User Approved Mobile Device Management (UAMDM), so when you apply the configuration profile locally on the device, the error "Profile installation failure. System profile required. User profiles are not supported". To avoid the error, use the remote administration utility.

When installing a .pkg built this way, MacOS may give an error that the package has been signed by an unauthorized developer. It is necessary to allow it to run in OS.

The installation log will be saved to the file /tmp/kesmac11.2.1.1450.log

 Share

0 Comments

Recommended Comments

There are no comments to display.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...