Hello Admin Friends!
I'm back again with another magical script to install Homebrew and deploy Homebrew packages silently on Mac devices directly via JumpCloud Commands without any enduser interaction.
Inspiration for portions of this script has been taken from homebrew-3.3.sh. Original script credit goes to Tony Williams (Honestpuck).
This script silently installs Homebrew as the most common local user. Below I've mentioned my system environment, where I tested the deployment. I highly advise to test the script on a test device first and chalk out a plan, before planning a mass deployment.
- MacBook Pro Intel running Sonoma 14.4.1, JumpCloud Agent-installed and enrolled in JumpCloud MDM.
- Device has an unmanaged local account with sudo/admin rights and a managed JumpCloud user account without sudo/admin rights. (following a typical setup we usually observe in corporate IT environments, local user account is just optional)
- Logged into the device as a managed user and the state of the system is afresh with no Xcode Tools, Homebrew or any other applications/updates installed.
In JumpCloud Commands section, configure the attached script to install Homebrew silently. This script is designed to add brew to the current user's PATH, but if a user has pre-existing CLI sessions open, the brew command may not be recognized. The user will need to relaunch their sessions (ex - zsh -l) or start a new session so that brew is seen in their PATH.
Install Script -
This script checks if Homebrew is already installed on the system, checks for the presence of Rosetta 2, which is necessary for running Intel-based software on Silicon Macs, checks for and installs Xcode Command Line Tools, in case if its missing, sets the Homebrew prefix based on the processor architecture, creates directories and sets permissions required by Homebrew and most importantly adds Homebrew to the user's PATH environment variable.
First, download the .sh script file from here as-is. Then in JumpCloud Commands, upload the script, set type as "Mac', run as 'root' and TimeOut set to '600' seconds, configure the below command:
chmod +x /tmp/brew_install.sh
sh /tmp/brew_install.sh
rm /tmp/brew_install.sh
Now the command is ready to be executed, run the command on a target device(s) as needed. Depending on the network speed, availability of dependencies, script takes time to completely execute. If the command has run successfully, Homebrew should be installed and the output of the command result would be:
Send the below command to verify successful installation of Xcode Command Tools and Homebrew by querying their versions. Command can be set to run as 'enduser' and the command results output the versions of the Xcode Command Tools and Homebrew installed on the device.
xcode-select -v
/opt/homebrew/bin/brew --version #for Silicon Macs
/usr/local/bin/brew --version #for Intel Macs
| NOTE - Going forward, depending on your Mac architecture, you may need to correct the PATH of Homebrew as it is installed at /opt/homebrew/bin/brew on Silicon Macs and /usr/local/bin/brew on Intel Macs. |
The output would reflect the version of the Xcode Command Tools and Homebrew installed, similar to this:
At this point we're ready to push brew commands on the endpoint. For e.g., let's deploy jq formula via Homebrew. jq is a lightweight and flexible command-line JSON processor. Setup the below command in JumpCloud Commands set to be run as the 'enduser' and NOT 'root'.
/opt/homebrew/bin/brew install jq #for Silicon Macs
/usr/local/bin/brew install jq #for Intel Macs
jq package would be installed and the command output would result like this:
Same can be reverified by querying the version of jq using the below command.
/opt/homebrew/bin/jq --version #for Silicon Macs
/usr/local/bin/jq --version #for Intel Macs
Here's the resultant output:
At this point, enduser can also run brew commands directly on the device from the Terminal.
At times, admins may also wish to deploy cask applications via Homebrew. Casks are basically applications on the device, and we can leverage JumpCloud Software Management to deploy apps on Mac endpoints through VPP or self-hosted apps or via private repository methods. However for advanced admins, who'd still like to leverage Homebrew to deploy applications, it can be achieved via JC Commands as well. But the caveat here is that the enduser may need to have time-based passwordless sudo/admin access to be able to install casks. This is due to a prerequisite of brew cask --install command, which requires sudo admin password.
Grant time-based passwordless sudo/admin access to the target user on their respective device. 10 minutes access would suffice.
Next, from here, copy the script in its entirety and deploy it in JumpCloud Commands. Before saving the Command, modify the PACKAGE_NAME with the required cask name as found in this list, set type as 'Mac', run as 'enduser' (who has been granted temporary passwordless sudo access) and Time Out set to 600 seconds.
For e.g., I have used 'google-drive' as an example to install Google Drive application on my endpoint via Homebrew.
Thats it! Homebrew is deployed and fully funcational on your Mac fleet. Hope this was helpful! Until next time... ๐
New to the site? Take a look at these additional resources:
Community created scripts:
Our new Radical Admin blog:
Keep up with Product News:
Ready to join us? You can register here.
