Disable Automatic Update Check via Script or Command

kgingerkginger Junior Member

We manage updates with Munki and need to stay on older Safari. 1Password 7.2.1 requires Safari 12. I want to disable Automatic Update across our fleets to maintain compatibility, this trick does not appear to work on version 7. Any suggestions?


1Password Version: 7
Extension Version: Not Provided
OS Version: macOS 10+
Sync Type: Teams

Comments

  • chadseldchadseld 1Password Developer

    Team Member
    edited October 2018

    The preference domain and domain precedence has changed.

    Try this instead:

    /usr/libexec/PlistBuddy -c "Add :CheckForSoftwareUpdatesEnabled bool 0" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

    If you want to change the value back to the default, you can...

    /usr/libexec/PlistBuddy -c "Delete :CheckForSoftwareUpdatesEnabled" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

  • ctyjiuhctyjiuh
    edited February 2019

    edited
    ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

    this value

    <key>CheckForSoftwareUpdatesEnabled</key>
    <true/>
    

    to

    <key>CheckForSoftwareUpdatesEnabled</key>
    <false/>
    

    and it worked for me

  • LarsLars Junior Member

    Team Member

    @ctyjiuh - excellent! Glad you figured it out. Let us know if you need any further assistance. :)

  • kgingerkginger Junior Member
    edited May 2019

    .

  • LarsLars Junior Member

    Team Member

    @kginger - I'm going to guess you figured out the issue on your own? ;)

  • kgingerkginger Junior Member
    edited May 2019

    This worked.
    defaults write ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits CheckForSoftwareUpdatesEnabled false
    I am now experimenting with making this a system mobileconfig profile, is there a System preference or is it only user sandboxed?

  • ag_kevinag_kevin Junior Member

    Team Member

    Hi @kginger ,

    In the next update, you will be able to simply override that preference in a mobileconfig. It will accept the value you put in the config, and disable the checkbox in the Preferences.

    Cheers,
    Kevin

  • Hi @ag_kevin do you have any existing system-wide mobileconfig examples for setting CheckForSoftwareUpdatesEnabled ? I see that v7.3 had "Check For Updates can now be disabled by Mobile Device Management profiles. {#3430}" in the release notes but I have yet to find an MDM profile example that works… Thanks!

  • We're trying to disable the automatic updates on 1Password 7.4.1 stand alone (not through app store) through command line/scripting, so far non of the options from the forums have worked for us. Looking for other suggestions.

    Tried the following:
    defaults write ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits CheckForSoftwareUpdatesEnabled false
    defaults write 2BUA8C4S2C.com.agilebits.onepassword-osx-helper CheckForSoftwareUpdatesEnabled 0
    /usr/libexec/PlistBuddy -c "Add :CheckForSoftwareUpdatesEnabled bool 0" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

  • rudyrudy

    Team Member

    @ikaplan,

    This doesn't do anything with 1Password 7

    defaults write 2BUA8C4S2C.com.agilebits.onepassword-osx-helper CheckForSoftwareUpdatesEnabled 0

    MDM would probably be a better approach than scripting it as that allows you to push those settings down to all user machines from your admin console.

    You'd want to set the CheckForSoftwareUpdatesEnabled preference to 0 to disable from MDM.

  • MrCoBaltMrCoBalt
    edited March 2020

    Giving this thread a bump as I believe I have structured a Configuration Profile that actually functions as expected when deployed at a system level.

    For those out there seeking a similar solution give this a try, saving all the below text into a "1Password.mobileconfig" file (and then preferably opening it with Apple Configurator or a similar tool, signing it with your org's profile certificate, and then saving it back out so as to prevent future modifications/tampering):

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>PayloadContent</key>
        <array>
            <dict>
                <key>PayloadDescription</key>
                <string>Configures com.agilebits.onepassword7 settings</string>
                <key>PayloadDisplayName</key>
                <string>com.agilebits.onepassword7</string>
                <key>PayloadIdentifier</key>
                <string>org.yourco.FD4844FE-B509-4AEA-908A-8E50928388F4.com.agilebits.onepassword7.CA94A7E3-12F9-4DEA-9895-D264F8C64CBB</string>
                <key>PayloadOrganization</key>
                <string></string>
                <key>PayloadType</key>
                <string>com.agilebits.onepassword7</string>
                <key>PayloadUUID</key>
                <string>CA94A7E3-12F9-4DEA-9895-D264F8C64CBB</string>
                <key>PayloadVersion</key>
                <integer>1</integer>
                <key>CheckForSoftwareUpdatesEnabled</key>
                <false/>
                <key>AutoInstallSoftwareUpdatesEnabled</key>
                <false/>
            </dict>
        </array>
        <key>PayloadDescription</key>
        <string>Disables 1Password autoupdate services</string>
        <key>PayloadDisplayName</key>
        <string>1Password</string>
        <key>PayloadIdentifier</key>
        <string>org.yourco.FD4844FE-B509-4AEA-908A-8E50928388F4</string>
        <key>PayloadOrganization</key>
        <string>Company Name</string>
        <key>PayloadScope</key>
        <string>System</string>
        <key>PayloadType</key>
        <string>Configuration</string>
        <key>PayloadUUID</key>
        <string>FD4844FE-B509-4AEA-908A-8E50928388F4</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
    </dict>
    </plist>
    

    Also be sure to update the org.yourco. identifier / PayloadOrganization company name, and PayloadDescription lines as you see fit!

    EDIT - yikes, this forum made a total hash of the line spacing and indents despite using the code tag… I've put a copy up for download here in txt format if anybody wants that vs trying to unmangle the forum's version…

  • ag_anaag_ana

    Team Member

    @MrCoBalt:

    I have unmangled the code display for you ;)

  • Many thanks!

  • ag_tommyag_tommy

    Team Member

    :+1::)

  • @ag_tommy how would I determine the identifier, company name & description lines, out of curiosity?

  • BenBen AWS Team

    Team Member

    Hey @RafaelN

    Those lines are specific to your organization, not 1Password. :) It is really entirely up to you what they say.

    Ben

  • @Ben No, I get that part :-).

    I guess what I'm asking is whether this string in the config above FD4844FE-B509-4AEA-908A-8E50928388F4 changes with my company, or not. Similarly, whether I'd just be substituting my company name for PayloadOrganization.

    Sorry, I'm brand-new to doing stuff like this.

  • @RafaelN That UUID was auto-generated when I made the original profile in ProfileCreator and I doubt it overlaps with any other MobileConfig Profiles you may have on your system so I think it would be safe to re-use while just changing "org.yourco" and the PayloadDisplayName / PayloadOrganization / PayloadDescription portions to whatever you wish.

  • @MrCoBalt thank you! I'll do that; I'm still struggling with what I'd change PayloadDescription to, TBH.

  • BenBen AWS Team

    Team Member
    edited May 2020

    You don't have to change it. :) All it does is describe what the purpose of the file is to people who might view it. Most people will never see the description.

    Ben

This discussion has been closed.