Worklet: Suppress macOS Catalina Upgrade Notifications

macOS Catalina has arrived and as you may know, Apple sends upgrade notifications to all macOS devices soon after release. While Automox will be compatible with macOS Catalina shortly after it’s public release, you may not be.

notification
sw_upd_catalina

Apple installs this upgrade notifier via Apple Software Update. If you are using an internal Software Update Server, you can remove the update macOSInstallerNotification_GM and ‘macOS Catalina’ from scope, if not you can tell your macOS devices to ignore this update.

If you’re reading this too late and the update has already installed, this script will still remove the notifier bundle.

Check script:

#!/bin/bash

set -e

############################################################################
# suppress_macOS_upgrade_notifications_check
#
# exit 0 = upgrade notifier is not installed AND is not pending installation
# exit 1 = upgrade notifier is installed OR pending installation
############################################################################

# Exit if Apple's notifier is pending installation
/usr/bin/python <<EOF
import sys
from Foundation import CFPreferencesCopyAppValue

ignored_updates = CFPreferencesCopyAppValue('InactiveUpdates', 'com.apple.SoftwareUpdate')
if 'macOSInstallerNotification_GM' and 'macOS Catalina' not in ignored_updates:
	sys.exit(1)
EOF

# Exit if Apple's notifier is installed
if [ -e /Library/Bundles/OSXNotification.bundle ]; then
	exit 1
fi

exit 0

Remediation script:

#!/bin/bash

set -e

############################################################################
# suppress_macOS_upgrade_notifications_check_remediate
#
# exit 0 = upgrade notifier is not installed AND is not pending installation
# exit 1 = upgrade notifier is installed OR pending installation
############################################################################

# Return 1 if notifier update is not ignored by softwareupdate
sw_update=$(/usr/bin/python <<EOF
import sys
from Foundation import CFPreferencesCopyAppValue

ignored_updates = CFPreferencesCopyAppValue('InactiveUpdates', 'com.apple.SoftwareUpdate')
if 'macOSInstallerNotification_GM' and 'macOS Catalina' not in ignored_updates:
	print(1)
else:
	print(0)
EOF
)

# ignore notifier from softwareupdate
if [[ $sw_update -eq 1 ]]; then
	/usr/sbin/softwareupdate --ignore 'macOSInstallerNotification_GM' 'macOS Catalina' 1>/dev/null
fi

# Move notifier to Disabled folder if it exists
if [ -e /Library/Bundles/OSXNotification.bundle ]; then
	mkdir /Library/Bundles/Disabled
	mv /Library/Bundles/OSXNotification.bundle /Library/Bundles/Disabled/
fi

exit 0