Cylance Deployment on macOS • The Occasional Buzz  <meta name="title" content="Cylance Deployment on macOS • The Occasional Buzz"> <meta name="description" content="Cylance Deployment on macOS"> <meta name="author" content="Ryan Buzzell">  <meta property="og:type" content="article"> <meta property="og:url" content="https://astro.buzzell.io/post/cylance-deployment-on-macos/"> <meta property="og:title" content="Cylance Deployment on macOS"> <meta property="og:description" content="Cylance Deployment on macOS"> <meta property="og:image" content="https://astro.buzzell.io/_astro/brett-jordan-eYNcM172214-unsplash.-PTFfpr0.jpg"> <meta property="article:author" content="Ryan Buzzell"> <meta property="article:published_time" content="2017-08-03T04:00:00.000Z">  <meta property="twitter:card" content="summary_large_image"> <meta property="twitter:url" content="https://astro.buzzell.io/post/cylance-deployment-on-macos/"> <meta property="twitter:title" content="Cylance Deployment on macOS"> <meta property="twitter:description" content="Cylance Deployment on macOS"> <meta property="twitter:image" content="https://astro.buzzell.io/_astro/brett-jordan-eYNcM172214-unsplash.-PTFfpr0.jpg">  <link rel="alternate" type="application/rss+xml" title="The Occasional Buzz" href="/rss.xml">

I at one point had a Cylance package and needed to figure out how to mass deploy it.

The manual install directions it came with were

Download the package
Open terminal and run

cd ~/Downloads/
cat > cyagent_install_token <<EOF
B39D7692-572F-41D4-BBC8-3D8F39E542DE
Other-Bit-Of-Info
EOF
sudo installer -pkg CylancePROTECT.pkg -target /

Profit

This was an overly manual process for what needs to be a Munki based deployment. Upon using Suspicous Package to look at the postinstall script I noticed these blocks of code

#!/bin/sh

INSTALL_TOKEN_FILE="/tmp/YvUnIpzc2omyt1ln"
if ! [ -e "$INSTALL_TOKEN_FILE" ]
then
	INSTALL_TOKEN_FILE="$(/usr/bin/dirname "$PACKAGE_PATH")/cyagent_install_token"
fi

if [ -e "/tmp/YvUnIpzc2omyt1ln" ]
then
   /bin/rm /tmp/YvUnIpzc2omyt1ln
fi

Ah-ha! It has a hardcoded location where it expects that file to exist. All we have to do is write a preinstall script in Munki that makes that file exist.

#!/bin/sh

cat > /tmp/YvUnIpzc2omyt1ln << EOF
B39D7692-572F-41D4-BBC8-3D8F39E542DE
Other-Bit-Of-Info
EOF

After testing it appers this was all it took to get it to deploy with Munki.

Photo by Brett Jordan on Unsplash