Skip to main content

Remove Contents of a distribution package

Yesterday I got a request to create a VPN AnyConnect package where client asked to remove some of the contents from the file and repackage it with the preconfigured server settings.

This is what it looked like:

Clients demand was to remove 'Web Security', 'Diagnostic and Reporting Tool' & 'Posture' leaving only VPN in the package. So there are again, two options, take a snapshot using FileWave or Casper and create the package, which any kid can do or try the more advance way of doing it.

There is an advance way of doing this - Flatten the package make the changes and Unflatten it again.

Steps:

1. Run the command to open the package using pkgutil

2. Make the changes, delete the unwanted stuffs (the selected ones in this example)

4. Just leave the VPN items:

5. Check if there is anything else the is requested by the client or something under cleanup activity. In this specific example you need to modify the Distibution file.

Have a glance at this file and you will make out what modification is needed:

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<installer-gui-script minSpecVersion="1">
    <title>AnyConnect Secure Mobility Client</title>
    <background file="pkg_background.png" scaling="proportional" alignment="bottomleft"/>
    <license file="License.rtf"/>
    <options customize="always" rootVolumeOnly="true" hostArchitectures="i386"/>
    <choices-outline>
        <line choice="choice_vpn"/>
        <line choice="choice_websecurity"/>
        <line choice="choice_dart"/>
        <line choice="choice_posture"/>
    </choices-outline>
    <choice id="choice_vpn" start_enabled="choice_vpn_enabled()" enabled="choice_vpn_enabled()" start_selected="choice_vpn_selected(true)" selected="choice_vpn_selected(false)" title="VPN" description="Installs the module that enables VPN capabilities.">
        <pkg-ref id="com.cisco.pkg.anyconnect.vpn"/>
    </choice>
    <choice id="choice_websecurity" title="Web Security" description="Installs the WebSecurity module that enables cloud scanning of web content to protect against malware and enforce acceptable use policies via the ScanSafe cloud proxies.">
        <pkg-ref id="com.cisco.pkg.anyconnect.websecurity"/>
    </choice>
    <choice id="choice_dart" title="Diagnostics and Reporting Tool" description="Installs the diagnostics module that collects AnyConnect Secure Mobility Client troubleshooting information.">
        <pkg-ref id="com.cisco.pkg.anyconnect.dart"/>
    </choice>
    <choice id="choice_posture" title="Posture" description="Installs the module that provides the AnyConnect Secure Mobility Client with the ability to identify the operating system, antivirus, antispyware, and firewall software installed on the host prior to creating a remote access connection to the secure gateway.">
        <pkg-ref id="com.cisco.pkg.anyconnect.posture"/>
    </choice>
    <pkg-ref id="com.cisco.pkg.anyconnect.vpn" version="3.1.05187" installKBytes="12252">#vpn_module.pkg</pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.dart" version="3.1.05187" installKBytes="1457">#dart_module.pkg</pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.websecurity" version="3.1.05187" installKBytes="3104">#websecurity_module.pkg</pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.posture" version="3.1.05187" installKBytes="6211">#posture_module.pkg</pkg-ref>
    <installation-check script="InstallationCheck()"/>
    <volume-check script="VolumeCheck()"/>
    <script>
    function InstallationCheck()
    {
        if(!(system.compareVersions(system.version.ProductVersion, '10.6') >= 0))
        {
            my.result.title = 'Cisco AnyConnect Secure Mobility Client';
            my.result.message = 'This software requires Mac OS X version 10.6 or later.';
            my.result.type = 'Fatal';
            return false;
        }

        return true;
    }
    
    function VolumeCheck()
    {
        // version of VPN being installed has to be higher than the version already installed

        var vpnReceipt = my.target.receiptForIdentifier("com.cisco.pkg.anyconnect.vpn");
        var vpnPackage = choices.choice_vpn.packages[0];

        // if the receipt is not there assume no VPN installed or pre-3.1.1 version so it is OK to install
        if (vpnReceipt)
        {
            // there is a 3.1.1+ version of VPN already installed
            // check to see if version in this package is newer
            var comparison = system.compareVersions(vpnReceipt.version, vpnPackage.version);

            if (comparison > 0)
            {
                // installed version is newer
                my.result.message = 'Newer version ' + vpnReceipt.version + ' of the Cisco AnyConnect Secure Mobility Client is already installed.';
                my.result.type = 'Fatal';
                return false;
           }
        }

        return true;
    }

    function choice_vpn_enabled()
    {
        return (!choices.choice_websecurity.selected &amp;&amp; !choices.choice_posture.selected);      
    }

    function choice_vpn_selected(isStart)
    {
        var tSelected;

        tSelected=((choices.choice_websecurity.selected || choices.choice_posture.selected) || (!choices.choice_websecurity.selected &amp;&amp; !choices.choice_posture.selected));

        if (choice_vpn_enabled()==false || isStart==true)
        {
            return tSelected;
        }

        return (tSelected &amp;&amp; my.choice.selected);
    }
    </script>
    <pkg-ref id="com.cisco.pkg.anyconnect.vpn">
        <bundle-version>
            <bundle CFBundleShortVersionString="3.1" CFBundleVersion="1" id="com.cisco.Cisco-AnyConnect-Secure-Mobility-Client" path="Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app"/>
            <bundle CFBundleVersion="3.1.05187" id="com.yourcompany.vpndownloader" path="opt/cisco/anyconnect/bin/vpndownloader.app"/>
            <bundle CFBundleVersion="3.1.05187" id="com.cisco.uninstaller" path="Applications/Cisco/Uninstall AnyConnect.app"/>
        </bundle-version>
    </pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.websecurity">
        <bundle-version/>
    </pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.dart">
        <bundle-version>
            <bundle CFBundleShortVersionString="3.1.05187" id="com.cisco.Cisco-AnyConnect-DART" path="Applications/Cisco/Cisco AnyConnect DART.app"/>
        </bundle-version>
    </pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.posture">
        <bundle-version/>
    </pkg-ref>
</installer-gui-script>

6. Flatten the package again using pkgutil with desired contents

This .pkg file is ready for deployment using any tool of your choice.

Note: I understand that the complete pkgutil commands are missing in the post but I believe it is better you search and try it yourself. wink Here is the man pages for pkgutil. At this stage, more you study, the more you learn.

Comments

Post a Comment

Popular posts from this blog

An introduction to Mac OS X Server

Mac OS X server is combination of Power and Style. It derives power from its strong UNIX base and the style comes from well known Apple GUI. This combination makes Mac OS X Server one of the robust server available in present time. Mac OS X Server is built on a fully compliant UNIX foundation. This battle-tested core provides the stability, performance, and security that organizations require. And full UNIX conformance ensures compatibility with existing server and application software. Mac OS X Server is the ideal platform for deploying groundbreaking enterprise applications and services. The kernel in Mac OS X Server provides superior thread management and affinity algorithms for efficient handling of multithreaded applications on the latest generation of Intel multicore processors. It also provides precise control of real-time processing requirements, allowing a user-level thread — even an unprivileged one — to precisely specify its requirements for time-sensitive operations...
3 comments
Read more

ENTOURAGE TROUBLESHOOTING: CRASHES WHILE LAUNCHING - II

Entourage Crashing due to Fonts There are two fonts that are known to be one of the most popular reasons of Entourage crashing. The first one is Helvetica Fractions which is majorly responsible to cause problems, the second is Times Phonetic. In order to fix this issue, don't just disable these fonts in Font Book, but physically remove them from your system and try to launch Entourage again. Other discussed reasons are database , schedules and duplicate daemons .
Post a Comment
Read more

MANAGING YOUR MAILING LISTS

How to set up Mailing List Manager? Before we move ahead lets be clear about what a mailing list is all about? These are groups over the net that you join and they send mails to you, generally they come in bulk so it is a wise idea to create a seperate folder for this so that your inbox is never over limit. It is recommended to subscribe to a mailing list as it is a good source of information and knowledge. Here is an example of a mailing list and its subscription. Under mailing list manager rules, there is an option selecting which you can run more rules under one MLM ( Mailing List Manager ). Process to setup MLM: 1. Launch Entourage and select a mail that you have received from the mailing list. 2. Go to 'Tools' from the menu bar and select 'New'. 3. MLM is smart enough to fill up most of the feilds by itself, but make sure from your end that the the feilds entered is according to your preference. 4. Now it will allow you to add new folder to transfer mails coming f...
Post a Comment
Read more