Apply macOS updates without password prompt

Hello, I am currently researching to develop an application where I want to apply the MacOS updates without the password prompt shown to the users.

I did some research on this and understand that an MDM solution can apply these patches without user intervention.

Are there any other ways we can achieve this? Any leads are much appreciated.

Are you talking about a Mac App Store application? Or one that you distribute directly using Developer ID signing?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

I will be distributing the application directly using Developer ID signing

OK.

Next, I’d like to clarify this:

I want to apply the MacOS updates without the password prompt shown to the users.

Without prompting for a password ever? Or without prompting for each update?

Doing the latter is perfectly feasible. When the user initially installs your app, you install a daemon that manages the update process. That daemon has elevated privileges, and thus doesn’t need to prompt the user for each update.

Note: These days I recommend that you use SMAppService to update your daemon. See BSD Privilege Escalation on macOS for links to docs and lots of other options.

Doing it without ever prompting for a password is trickier. Most apps are installed in the Applications folder, and /Applications is a privileged location:

% ls -ld /Applications
drwxrwxr-x  89 root  admin  2848 22 Jul 17:19 /Applications

So if your app is installed in the Applications folder, you might find yourself in a situation where you have to escalate privileges, and that requires at least one user prompt.

Still, Mac apps don’t need to be in the Applications folder, so if you put the app elsewhere, like ~/Applications, then privilege escalation isn’t required to update.


Notwithstanding the above, I consider an app updating itself without telling me to be really bad form. So think carefully about the user impact before heading down this path.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
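
The permission reasoning in the reply above, as an added example that is not part of the original thread: it reads an `ls -ld` line and reports whether a given user could write to that folder without escalating. The users `alice` and `bob`, their group lists and the `~/Applications` line are constructed; only the POSIX mode bits are considered, and ACLs, file flags and the ownership of an existing app bundle are assumed not to interfere.

```shell
#!/bin/sh
# Added example. Mode bits only: ACLs, file flags and other protections
# are ignored (assumption).

# Line copied from the thread.
APPS_LINE='drwxrwxr-x  89 root  admin  2848 22 Jul 17:19 /Applications'
# Constructed sample for a per-user ~/Applications folder.
HOME_LINE='drwx------  5 alice  staff  160 22 Jul 17:19 /Users/alice/Applications'

# can_write LS_LINE USER "GROUP1 GROUP2 ..."
# Prints "writable" or "escalation-required".
can_write() {
    line=$1; user=$2; ugroups=$3
    set -f; set -- $line; set +f   # split into fields without globbing
    mode=$1; owner=$3; group=$4

    # root bypasses the permission bits.
    if [ "$user" = root ]; then echo writable; return 0; fi

    # Exactly one permission class applies: owner, else group, else other.
    cols=8-10
    if [ "$user" = "$owner" ]; then
        cols=2-4
    else
        for g in $ugroups; do
            if [ "$g" = "$group" ]; then cols=5-7; break; fi
        done
    fi
    bits=$(printf '%s' "$mode" | cut -c"$cols")

    # Creating or replacing entries in a directory needs write and search.
    case $bits in
        ?w[xst]) echo writable ;;
        *)       echo escalation-required ;;
    esac
}

can_write "$APPS_LINE" alice "staff admin"   # constructed admin user
can_write "$APPS_LINE" bob   "staff"         # constructed standard user
can_write "$HOME_LINE" alice "staff"         # owner of ~/Applications
```

By these bits a member of the `admin` group can already write to /Applications, so the prompt arises for standard users; an updater that checks this first knows when its privileged daemon is actually needed.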
