Google Packages and Munki
On a few machines, I've been getting Munki errors related to the Chrome Remote Desktop Host update packages, and the Google Drive FileStream packages. The packages fail when you disable the Keystone Agent via Profile or via the MasterDisable key in /Library/Preferences/com.google.Keystone.plist
. As we deploy these updates through Munki via AutoPkg, I found that I needed to disable the GoogleSoftwareUpdate package bundled with both of these.
Munki has the ability to modify the ChoiceChanges feature of installer packages to help customize your deployment. You can also test this outside with the installer
tool. The Munki wiki goes over this, but a brief summary is that you run -showChoicesXML
on the package to see which options are available to select or de-select. If the software developer was a good packager, you'll see choiceIdentifier
making sense (much like how the Munki packages are identified). Listed below are the outputs of -showChoicesXML
from Google Drive FileStream's package and Google Chrome Remote Desktop Host's package.
Google Drive FileStream
installer -showChoicesXML -pkg /Volumes/Install\ Google\ Drive\ File\ Stream/GoogleDriveFileStream.pkg
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>childItems</key>
<array>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string></string>
<key>choiceIdentifier</key>
<string>installer_choice_1</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>0</integer>
<key>choiceTitle</key>
<string>Google Software Update</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Install%20Google%20Drive%20File%20Stream/GoogleDriveFileStream.pkg#Google_Software_Update.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string></string>
<key>choiceIdentifier</key>
<string>installer_choice_2</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>196075</integer>
<key>choiceTitle</key>
<string>Google Drive File Stream</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Install%20Google%20Drive%20File%20Stream/GoogleDriveFileStream.pkg#GoogleDriveFileStream.pkg</string>
</array>
</dict>
</array>
<key>choiceIdentifier</key>
<string>__ROOT_CHOICE_IDENT_DISTRIBUTION_TITLE</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>0</integer>
<key>choiceTitle</key>
<string>Google Drive File Stream</string>
<key>pathsOfActivePackagesInChoice</key>
<array/>
</dict>
</array>
</plist>
Google Chrome Remote Desktop Host:
installer -showChoicesXML -pkg /Volumes/Chrome\ Remote\ Desktop\ Host\ 70.0.3538.21/Chrome\ Remote\ Desktop\ Host.pkg
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>childItems</key>
<array>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string></string>
<key>choiceIdentifier</key>
<string>installer_choice_1</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>0</integer>
<key>choiceTitle</key>
<string>Chrome Remote Desktop Host</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Chrome%20Remote%20Desktop%20Host%2070.0.3538.21/Chrome%20Remote%20Desktop%20Host.pkg#Chrome_Remote_Desktop_Host.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string></string>
<key>choiceIdentifier</key>
<string>installer_choice_2</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>0</integer>
<key>choiceTitle</key>
<string>Google Software Update</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Chrome%20Remote%20Desktop%20Host%2070.0.3538.21/Chrome%20Remote%20Desktop%20Host.pkg#GoogleSoftwareUpdate.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string></string>
<key>choiceIdentifier</key>
<string>installer_choice_3</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>86899</integer>
<key>choiceTitle</key>
<string>ChromeRemoteDesktopHostService</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Chrome%20Remote%20Desktop%20Host%2070.0.3538.21/Chrome%20Remote%20Desktop%20Host.pkg#ChromeRemoteDesktopHostService.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string></string>
<key>choiceIdentifier</key>
<string>installer_choice_4</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>174</integer>
<key>choiceTitle</key>
<string>ChromeRemoteDesktopHostUninstaller</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Chrome%20Remote%20Desktop%20Host%2070.0.3538.21/Chrome%20Remote%20Desktop%20Host.pkg#ChromeRemoteDesktopHostUninstaller.pkg</string>
</array>
</dict>
</array>
<key>choiceIdentifier</key>
<string>__ROOT_CHOICE_IDENT_DISTRIBUTION_TITLE</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>0</integer>
<key>choiceTitle</key>
<string>Chrome Remote Desktop Host</string>
<key>pathsOfActivePackagesInChoice</key>
<array/>
</dict>
</array>
</plist>
Looking at the snippets, you will see the choiceIdentifier
for the packages are super helpful installer_choice_1-4
. 😒 Thanks Google. Not only will your packages fail if the ksadmin
tool is disabled, but the installer choices requires more diving to figure out which option is which. Thankfully there is a file that helps with this. Some packages you can browse as a directory and you can navigate to the Distribution
XML file with no other work needed. As these packages are Flat Packages you will need to expand them with pkgutil --expand
flag in order to get access to the Distribution
file. Let's look at the Google Drive FileStream package as an example.
pkgutil --expand /Volumes/Install\ Google\ Drive\ File\ Stream/GoogleDriveFileStream.pkg ~/Desktop/GDFS
Looking in this file, you will see a lot of definitions that correlate to the Installer menu options.
<?xml version="1.0" encoding="UTF-8"?>
<installer-script authoringTool="Packages" authoringToolVersion="1.1.3" authoringToolBuild="2B112" minSpecVersion="1.0">
<options customize="never"/>
<volume-check script="volume_check()"/>
<!--+==========================+
| Presentation |
+==========================+-->
<title>DISTRIBUTION_TITLE</title>
<background file="background" scaling="proportional" alignment="bottomleft"/>
<!--+==========================+
| Installer |
+==========================+-->
<choices-outline>
<line choice="installer_choice_1"/>
<line choice="installer_choice_2"/>
</choices-outline>
<choice id="installer_choice_1" title="Google Software Update" description="">
<pkg-ref id="com.google.pkg.Keystone"/>
</choice>
<choice id="installer_choice_2" title="Google Drive File Stream" description="">
<pkg-ref id="com.google.drivefs"/>
</choice>
<!--+==========================+
| Package References |
+==========================+-->
<pkg-ref id="com.google.drivefs" version="27.1.49.2230" auth="Root" installKBytes="196075">#GoogleDriveFileStream.pkg</pkg-ref>
<pkg-ref id="com.google.pkg.Keystone" version="1.2.10.105" auth="Root" installKBytes="0">#Google_Software_Update.pkg</pkg-ref>
<!--+==========================+
| JavaScript Scripts |
+==========================+-->
<script>
CUT For Ease of Reading
You can now match up your -showChoicesXML
choiceIdentifier
's to the packages they reference. For Google Drive FileStream this is installer_choice_1
that we want to 'deselect'. Now we know what to add to the pkginfo
file. For Google Drive FileStream, you'll want to add this the pkginfo
file to turn off the KeyStone/GoogleSoftwareUpdate package.
<key>installer_choices_xml</key>
<array>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>installer_choice_1</string>
</dict>
</array>
You could also build this as a plist
and add it to the package through installer
with the -applyChoiceChangesXML
flag. This is effectively what Munki does to modify the installer package.
I've also updated my AutoPkg Recipe for GDFS to include this by default.
Pro Tip!
You can also open packages with Suspicious Package and view the Distribution
XML document under the packages Scripts tab!