Skip to main content

Remove Contents of a distribution package

Yesterday I got a request to create a VPN AnyConnect package where client asked to remove some of the contents from the file and repackage it with the preconfigured server settings.

This is what it looked like:

Clients demand was to remove 'Web Security', 'Diagnostic and Reporting Tool' & 'Posture' leaving only VPN in the package. So there are again, two options, take a snapshot using FileWave or Casper and create the package, which any kid can do or try the more advance way of doing it.

There is an advance way of doing this - Flatten the package make the changes and Unflatten it again.

Steps:

1. Run the command to open the package using pkgutil

2. Make the changes, delete the unwanted stuffs (the selected ones in this example)

4. Just leave the VPN items:

5. Check if there is anything else the is requested by the client or something under cleanup activity. In this specific example you need to modify the Distibution file.

Have a glance at this file and you will make out what modification is needed:

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<installer-gui-script minSpecVersion="1">
    <title>AnyConnect Secure Mobility Client</title>
    <background file="pkg_background.png" scaling="proportional" alignment="bottomleft"/>
    <license file="License.rtf"/>
    <options customize="always" rootVolumeOnly="true" hostArchitectures="i386"/>
    <choices-outline>
        <line choice="choice_vpn"/>
        <line choice="choice_websecurity"/>
        <line choice="choice_dart"/>
        <line choice="choice_posture"/>
    </choices-outline>
    <choice id="choice_vpn" start_enabled="choice_vpn_enabled()" enabled="choice_vpn_enabled()" start_selected="choice_vpn_selected(true)" selected="choice_vpn_selected(false)" title="VPN" description="Installs the module that enables VPN capabilities.">
        <pkg-ref id="com.cisco.pkg.anyconnect.vpn"/>
    </choice>
    <choice id="choice_websecurity" title="Web Security" description="Installs the WebSecurity module that enables cloud scanning of web content to protect against malware and enforce acceptable use policies via the ScanSafe cloud proxies.">
        <pkg-ref id="com.cisco.pkg.anyconnect.websecurity"/>
    </choice>
    <choice id="choice_dart" title="Diagnostics and Reporting Tool" description="Installs the diagnostics module that collects AnyConnect Secure Mobility Client troubleshooting information.">
        <pkg-ref id="com.cisco.pkg.anyconnect.dart"/>
    </choice>
    <choice id="choice_posture" title="Posture" description="Installs the module that provides the AnyConnect Secure Mobility Client with the ability to identify the operating system, antivirus, antispyware, and firewall software installed on the host prior to creating a remote access connection to the secure gateway.">
        <pkg-ref id="com.cisco.pkg.anyconnect.posture"/>
    </choice>
    <pkg-ref id="com.cisco.pkg.anyconnect.vpn" version="3.1.05187" installKBytes="12252">#vpn_module.pkg</pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.dart" version="3.1.05187" installKBytes="1457">#dart_module.pkg</pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.websecurity" version="3.1.05187" installKBytes="3104">#websecurity_module.pkg</pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.posture" version="3.1.05187" installKBytes="6211">#posture_module.pkg</pkg-ref>
    <installation-check script="InstallationCheck()"/>
    <volume-check script="VolumeCheck()"/>
    <script>
    function InstallationCheck()
    {
        if(!(system.compareVersions(system.version.ProductVersion, '10.6') >= 0))
        {
            my.result.title = 'Cisco AnyConnect Secure Mobility Client';
            my.result.message = 'This software requires Mac OS X version 10.6 or later.';
            my.result.type = 'Fatal';
            return false;
        }

        return true;
    }
    
    function VolumeCheck()
    {
        // version of VPN being installed has to be higher than the version already installed

        var vpnReceipt = my.target.receiptForIdentifier("com.cisco.pkg.anyconnect.vpn");
        var vpnPackage = choices.choice_vpn.packages[0];

        // if the receipt is not there assume no VPN installed or pre-3.1.1 version so it is OK to install
        if (vpnReceipt)
        {
            // there is a 3.1.1+ version of VPN already installed
            // check to see if version in this package is newer
            var comparison = system.compareVersions(vpnReceipt.version, vpnPackage.version);

            if (comparison > 0)
            {
                // installed version is newer
                my.result.message = 'Newer version ' + vpnReceipt.version + ' of the Cisco AnyConnect Secure Mobility Client is already installed.';
                my.result.type = 'Fatal';
                return false;
           }
        }

        return true;
    }

    function choice_vpn_enabled()
    {
        return (!choices.choice_websecurity.selected &amp;&amp; !choices.choice_posture.selected);      
    }

    function choice_vpn_selected(isStart)
    {
        var tSelected;

        tSelected=((choices.choice_websecurity.selected || choices.choice_posture.selected) || (!choices.choice_websecurity.selected &amp;&amp; !choices.choice_posture.selected));

        if (choice_vpn_enabled()==false || isStart==true)
        {
            return tSelected;
        }

        return (tSelected &amp;&amp; my.choice.selected);
    }
    </script>
    <pkg-ref id="com.cisco.pkg.anyconnect.vpn">
        <bundle-version>
            <bundle CFBundleShortVersionString="3.1" CFBundleVersion="1" id="com.cisco.Cisco-AnyConnect-Secure-Mobility-Client" path="Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app"/>
            <bundle CFBundleVersion="3.1.05187" id="com.yourcompany.vpndownloader" path="opt/cisco/anyconnect/bin/vpndownloader.app"/>
            <bundle CFBundleVersion="3.1.05187" id="com.cisco.uninstaller" path="Applications/Cisco/Uninstall AnyConnect.app"/>
        </bundle-version>
    </pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.websecurity">
        <bundle-version/>
    </pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.dart">
        <bundle-version>
            <bundle CFBundleShortVersionString="3.1.05187" id="com.cisco.Cisco-AnyConnect-DART" path="Applications/Cisco/Cisco AnyConnect DART.app"/>
        </bundle-version>
    </pkg-ref>
    <pkg-ref id="com.cisco.pkg.anyconnect.posture">
        <bundle-version/>
    </pkg-ref>
</installer-gui-script>

6. Flatten the package again using pkgutil with desired contents

This .pkg file is ready for deployment using any tool of your choice.

Note: I understand that the complete pkgutil commands are missing in the post but I believe it is better you search and try it yourself. wink Here is the man pages for pkgutil. At this stage, more you study, the more you learn.

Comments

Post a Comment

Popular posts from this blog

MAKING A FILE/FOLDER INVISIBLE

How to hide a file/folder using Terminal This is one of the greatest technique that I ever came across, I had to share my Mac in office and was curious about hiding confidential data. This was when I started exploring and finally came up with this solution. These commands are to be typed in Terminal. To make a file or folder invisible in Mac OS X Finder setfile -a V testfile.txt Here is goes, the file or folder is no longer visible via the Finder GUI, though it will be by Terminal. Your files are still there and you can find them via the command line and will show with an ls command. If you want your files and folders to be visible again, use this command: To make a file or folder visible again in Mac OS X Finder setfile -a v testfile.txt Now the file/folder will be visible again to the Finder, cool isn't it? Please Note: setfile is a command line utility included in Apple’s Developer Tools, which is a highly recommended optional install included on any Mac OS X install...
4 comments
Read more

ENTOURAGE TROUBLESHOOTING: CRASHES WHILE LAUNCHING - II

Entourage Crashing due to Fonts There are two fonts that are known to be one of the most popular reasons of Entourage crashing. The first one is Helvetica Fractions which is majorly responsible to cause problems, the second is Times Phonetic. In order to fix this issue, don't just disable these fonts in Font Book, but physically remove them from your system and try to launch Entourage again. Other discussed reasons are database , schedules and duplicate daemons .
Post a Comment
Read more

An introduction to Mac OS X Server

Mac OS X server is combination of Power and Style. It derives power from its strong UNIX base and the style comes from well known Apple GUI. This combination makes Mac OS X Server one of the robust server available in present time. Mac OS X Server is built on a fully compliant UNIX foundation. This battle-tested core provides the stability, performance, and security that organizations require. And full UNIX conformance ensures compatibility with existing server and application software. Mac OS X Server is the ideal platform for deploying groundbreaking enterprise applications and services. The kernel in Mac OS X Server provides superior thread management and affinity algorithms for efficient handling of multithreaded applications on the latest generation of Intel multicore processors. It also provides precise control of real-time processing requirements, allowing a user-level thread — even an unprivileged one — to precisely specify its requirements for time-sensitive operations...
3 comments
Read more