Upgrade to Pro — share decks privately, control downloads, hide ads and more …

A Patch Deep Dive

Jamf
October 25, 2018
Technology
1
200

A Patch Deep Dive

Presentation from JNUC 2018, the world's largest rally of Apple IT administrators.

Session:
A Patch Deep Dive

Presented by:
Duncan McCracken, Mondada Pty Ltd
Luckie Vang, Jamf

View all session slides, recordings and more at https://www.jamf.com/events/jamf-nation-user-conference/2018/.

Jamf

October 25, 2018
Tweet

More Decks by Jamf

See All by Jamf
MDM for Everyone
jamf
0
83
Off-boarding in a Modern Deployment
jamf
0
430
Sharing Control to Improve Process and Relationships
jamf
0
31
Roll Your Own Configuration Profiles
jamf
0
370
Teaching the Teacher: Leveraging Jamf and Apple Resources for Professional Development with iPad
jamf
0
61
Jamf@SAP: Journey to 100,000 Mobile Devices
jamf
0
180
What's in the Blue Bin: Recycled Malware
jamf
0
190
Who's Afraid of the Command Line
jamf
0
150
Your Internal Beta Test Program: Opt-in/Opt-out via Self Service
jamf
0
120

Other Decks in Technology

See All in Technology
Amplify Gen2を 拡張してみよう JAWS-UG北陸新幹線 ( 福井開催 ) 2024-04-06/Let's extend Amplify Gen2
fossamagna
0
270
Databricks におけるデータエンジニアリング
databricksjapan
0
270
インシデントレスポンスのライフサイクルを廻すポイントってなに / Pinpoints of Incidentresponse Lifecycle for Operation
sakaitakeshi
0
260
Data and AI Governance: Existing Challenges and Emerging Trends
scotthsieh825
0
120
コンパウンドスタートアップのためのスケーラブルでセキュアなInfrastructure as Codeパイプラインを考える / Scalable and Secure Infrastructure as Code Pipeline for a Compound Startup
yuyatakeyama
0
240
Microsoft Cloudで 開発ライフサイクルを保護する
kkamegawa
0
130
Tebiki株式会社 エンジニア採用資料
tebiki
0
4k
日本におけるデータエンジニアリングのこれまでとこれから
foursue
4
460
キャラクター制御のためのプロンプト術 for LINE Bot
uezo
0
480
TiUG #1 HBaseからTiDBへの移行を選んだ理由
watanori
0
130
Autonomous Database Cloud 技術詳細 / adb-s_technical_detail_jp
oracle4engineer
PRO
13
35k
次世代Web認証「パスキー」 / mo-zatsudan-passkey
nkzn
22
13k

Featured

See All Featured
GraphQLの誤解/rethinking-graphql
sonatard
49
9.2k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.8k
Testing 201, or: Great Expectations
jmmastey
27
6.3k
GraphQLとの向き合い方2022年版
quramy
29
12k
Designing Experiences People Love
moore
135
23k
How to Ace a Technical Interview
jacobian
272
22k
Principles of Awesome APIs and How to Build Them.
keavy
119
16k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
13
1.5k
How To Stay Up To Date on Web Technology
chriscoyier
781
250k
Designing for Performance
lara
601
67k
Building Better People: How to give real-time feedback that sticks.
wjessup
352
18k
Gamification - CAS2011
davidbonilla
76
4.6k

Transcript

  1. None

  2. © JAMF Software, LLC Duncan McCracken Co-Founder / Technical Director

    Mondada Pty Ltd Luckie Vang Test Engineer Jamf

  3. © JAMF Software, LLC A Patch Deep Dive Presentation agenda:

    About Version Control Jamf Patch History External Patch Endpoints Connecting to an External Source External Patch Source Projects

  4. © JAMF Software, LLC A Patch Deep Dive Presentation agenda:

    Structure of a Patch Definition Creating Patch Definitions Pre-supplied Patch Definitions

  5. © JAMF Software, LLC About Version Control Not as simple

    as it seems on the surface

  6. © JAMF Software, LLC About Version Control • Where is

    the information stored? Not as simple as it seems on the surface

  7. © JAMF Software, LLC About Version Control • Default Location


    <App Bundle>.app/Contents/Info.plist • Default Key
 CFBundleShortVersionString Where is the information stored?

  8. © JAMF Software, LLC About Version Control • Except for

    when it isn’t • In the Context of Jamf: Extension Attribute Where is the information stored?

  9. © JAMF Software, LLC About Version Control • Where is

    the information stored? • Standards in version strings Not as simple as it seems on the surface

  10. © JAMF Software, LLC About Version Control • What does

    a version string look like? Standards in version strings

  11. © JAMF Software, LLC About Version Control • What does

    should a version string look like? • Major . Minor . Build [ . Revision ] Standards (or lack of) in version strings

  12. © JAMF Software, LLC About Version Control • Lack of

    standards in version strings • Where the information is stored • Comparison vs Lookup Not as simple as it seems on the surface

  13. © JAMF Software, LLC About Version Control • Comparison gives

    a Relative State Comparison vs Lookup

  14. © JAMF Software, LLC About Version Control • Comparison gives

    a Relative State • Comparison requires consistency Comparison vs Lookup

  15. © JAMF Software, LLC About Version Control • Comparison gives

    a Relative State • Comparison requires consistency • Comparison works most of the time Comparison vs Lookup

  16. © JAMF Software, LLC About Version Control • Lookup doesn't

    care about consistency Comparison vs Lookup

  17. © JAMF Software, LLC About Version Control • Lookup doesn't

    care about consistency • Lookup is reactive Comparison vs Lookup

  18. © JAMF Software, LLC About Version Control • Lookup doesn't

    care about consistency • Lookup is reactive • Lookup works all the time Comparison vs Lookup

  19. © JAMF Software, LLC Jamf Patch History • Patch Reporting

    in Jamf Pro 9.96 The Road So Far…

  20. © JAMF Software, LLC Jamf Patch History • Patch Reporting

    in Jamf Pro 9.96 • Patch Management in Jamf Pro 10.0 The Road So Far…

  21. © JAMF Software, LLC Jamf Patch History • Patch Reporting

    in Jamf Pro 9.96 • Patch Management in Jamf Pro 10.0 • External Patch Sources in Jamf Pro 10.2 The Road So Far…

  22. © JAMF Software, LLC External Patch Endpoints https://www.jamf.com/jamf-nation/articles/497

  23. © JAMF Software, LLC External Patch Endpoints • API -

    API communication https://www.jamf.com/jamf-nation/articles/497

  24. © JAMF Software, LLC External Patch Endpoints • API -

    API communication • /software https://www.jamf.com/jamf-nation/articles/497

  25. © JAMF Software, LLC

  26. © JAMF Software, LLC External Patch Endpoints • API -

    API communication • /software • /software/{ids} https://www.jamf.com/jamf-nation/articles/497

  27. © JAMF Software, LLC

  28. © JAMF Software, LLC External Patch Endpoints • API -

    API communication • /software • /software/{ids} • /patch/{id} https://www.jamf.com/jamf-nation/articles/497

  29. © JAMF Software, LLC

  30. © JAMF Software, LLC

  31. © JAMF Software, LLC Connecting to an External Source •

    The Java Keystore must trust the SSL Cert Things to Remember

  32. © JAMF Software, LLC Connecting to an External Source •

    The Java Keystore must trust the SSL Cert • The Endpoint must have at least one definition Things to Remember

  33. © JAMF Software, LLC Connecting to an External Source •

    The Java Keystore must trust the SSL Cert • The Endpoint must have at least one definition • Patch Definitions for 3rd-party sources can't be code-signed Things to Remember

  34. © JAMF Software, LLC External Patch Source Projects • Patch

    Server for Jamf Pro
 https://patchserver.readthedocs.io/en/latest/ Take a Look at These

  35. © JAMF Software, LLC

  36. © JAMF Software, LLC External Patch Source Projects • Patch

    Server for Jamf Pro
 https://patchserver.readthedocs.io/en/latest/ • Kinobi Open Source
 https://kinobi.io/ Take a Look at These

  37. © JAMF Software, LLC

  38. © JAMF Software, LLC Structure of a Patch Definition •

    Jamf Pro External Patch Source Endpoints
 https://www.jamf.com/jamf-nation/articles/497 References

  39. © JAMF Software, LLC Structure of a Patch Definition •

    Kinobi: Understanding Patch Definitions
 https://github.com/mondada/kinobi/wiki/ Understanding-Patch-Definitions References

  40. © JAMF Software, LLC

  41. © JAMF Software, LLC Structure of a Patch Definition •

    Corresponds to the Jamf Pro Database Patch Data Structure

  42. © JAMF Software, LLC Structure of a Patch Definition •

    Corresponds to the Jamf Pro Database • Modular and extensible Patch Data Structure

  43. © JAMF Software, LLC Structure of a Patch Definition •

    Corresponds to the Jamf Pro Database • Modular and extensible • Not everything is used Patch Data Structure

  44. © JAMF Software, LLC Structure of a Patch Definition •

    Corresponds to the Jamf Pro Database • Modular and extensible • Not everything is used • Some duplication of information Patch Data Structure

  45. © JAMF Software, LLC Structure of a Patch Definition •

    Software Title • patch • components • extensionAttributes Object Types

  46. © JAMF Software, LLC Structure of a Patch Definition •

    killApps • criteria (used for multiple things) Object Types

  47. © JAMF Software, LLC Structure of a Patch Definition •

    name • publisher • appName • bundleId Software Title

  48. © JAMF Software, LLC Structure of a Patch Definition •

    lastModified • currentVersion • id Software Title

  49. © JAMF Software, LLC Structure of a Patch Definition •

    requirements • patches • extensionAttributes Software Title

  50. © JAMF Software, LLC Structure of a Patch Definition •

    version • releaseDate • standalone • minimumOperatingSystem patch

  51. © JAMF Software, LLC Structure of a Patch Definition •

    reboot patch

  52. © JAMF Software, LLC Structure of a Patch Definition •

    killApps • components • capabilities • dependencies patch

  53. © JAMF Software, LLC Structure of a Patch Definition •

    name • version components

  54. © JAMF Software, LLC Structure of a Patch Definition •

    criteria components

  55. © JAMF Software, LLC Structure of a Patch Definition •

    key • value • displayName extensionAttributes

  56. © JAMF Software, LLC Structure of a Patch Definition •

    bundleId • appName killApps

  57. © JAMF Software, LLC Structure of a Patch Definition •

    name • operator • value • type Criteria

  58. © JAMF Software, LLC Structure of a Patch Definition •

    name • operator • value • type Criteria • and

  59. © JAMF Software, LLC Creating Patch Definitions Hand-cutting the JSON

  60. © JAMF Software, LLC Creating Patch Definitions Kinobi Editor

  61. © JAMF Software, LLC

  62. © JAMF Software, LLC

  63. © JAMF Software, LLC

  64. © JAMF Software, LLC

  65. © JAMF Software, LLC

  66. © JAMF Software, LLC

  67. © JAMF Software, LLC

  68. © JAMF Software, LLC

  69. © JAMF Software, LLC

  70. © JAMF Software, LLC

  71. © JAMF Software, LLC

  72. © JAMF Software, LLC

  73. © JAMF Software, LLC

  74. © JAMF Software, LLC

  75. © JAMF Software, LLC

  76. © JAMF Software, LLC

  77. © JAMF Software, LLC

  78. © JAMF Software, LLC

  79. © JAMF Software, LLC

  80. © JAMF Software, LLC

  81. © JAMF Software, LLC

  82. © JAMF Software, LLC

  83. © JAMF Software, LLC

  84. © JAMF Software, LLC

  85. © JAMF Software, LLC

  86. © JAMF Software, LLC

  87. © JAMF Software, LLC

  88. © JAMF Software, LLC

  89. © JAMF Software, LLC

  90. © JAMF Software, LLC

  91. © JAMF Software, LLC

  92. © JAMF Software, LLC

  93. © JAMF Software, LLC

  94. © JAMF Software, LLC

  95. © JAMF Software, LLC

  96. © JAMF Software, LLC

  97. © JAMF Software, LLC

  98. © JAMF Software, LLC

  99. © JAMF Software, LLC

  100. © JAMF Software, LLC

  101. © JAMF Software, LLC

  102. © JAMF Software, LLC

  103. © JAMF Software, LLC Creating Patch Definitions • Validate Extension

    Attributes Pro Tips

  104. © JAMF Software, LLC Creating Patch Definitions • Validate Extension

    Attributes • Use Advanced Searches in Jamf Pro Pro Tips

  105. © JAMF Software, LLC Creating Patch Definitions • Validate Extension

    Attributes • Use Advanced Searches in Jamf Pro • Smart Groups without parenthesis Pro Tips

  106. © JAMF Software, LLC Pre-supplied Patch Definitions • Community Patch


    https://communitypatch.readthedocs.io/ If [insert annoying part] all seems too much…

  107. © JAMF Software, LLC Pre-supplied Patch Definitions • Community Patch


    https://communitypatch.readthedocs.io/ • Kinobi Subscription
 https://kinobi.io/kinobi/ If [insert annoying part] all seems too much…

  108. © JAMF Software, LLC One More Thing… NetSUS 5.0

  109. © JAMF Software, LLC NetSUS 5.0 • Improved UI •

    Enable / Disable Services • Additional System Management • Better Sanity Checking New Features

  110. © JAMF Software, LLC NetSUS 5.0 • File Sharing •

    Multiple NBIs • SUS Catalog Selection • And many more New Features

  111. © JAMF Software, LL THANK YOU!