Endpoint Standard: How to Perform an Unattended Installation of the Mac Sensor
Endpoint Standard (formerly CB defense): All Versions
Apple macOS: All Supported Versions
This document provides information on how to install CB endpoint standard sensor on an OS X/macOS endpoint remotely.
The sensor software package for OS X/macOS is delivered in a DMG file format (disk image). In order to perform a command line installation, you will need to extract the installation package and the installation script. The hdiutil command "mounts" the disk image in a virtual disk location, for example, "/Volumes/CbDefense-220.127.116.11/".
Make a copy of the files "CbDefense Install.pkg" and "cbdefense_install_unattended.sh" from the mounted disk image. These two files are needed for the target machine to install Confer Sensor Software. Copy these two files to the installation target OS X/macOS device, for example to "/tmp/" directory.
-rw-r--r--@ 1 user staff 21188558 Nov 20 21:44 /Volumes/CbDefense-18.104.22.168/CbDefense Install.pkg
-rwxr-xr-x 1 user staff 15226 Nov 20 21:44 /Volumes/CbDefense-22.214.171.124/docs/cbdefense_install_unattended.sh
Make sure to use the installation script (cbdefense_install_unattended.sh) that came with the Sensor version you are installing
Run the installation command remotely on the target OS X/macOS device and replace the string COMPANY_CODE with the correct Company Code for the sensor version you are installing.
Ensure that single quotes are always used for any parameter in the command line string. The use of double quotes anywhere in the command line string will cause a read failure from that point on in the command
Ensure that both files are copied to the target machine verbatim. Some file copy tools may not preserve the execute bit (+x) which will prevent "cbdefense_install_unattended.sh" from running
The command "confer_install_unattended.sh" supports additional installer options, use "-h" option to display the remaining options.
Under all conditions the "-i" option to provide the installer package, and the "-c" option to provide the COMPANY_CODE are required to execute the installer script successfully.