Disable Automatic Update Check via Script or Command

kginger · October 2018

We manage updates with Munki and need to stay on older Safari. 1Password 7.2.1 requires Safari 12. I want to disable Automatic Update across our fleets to maintain compatibility, this trick does not appear to work on version 7. Any suggestions?

1Password Version: 7
Extension Version: Not Provided
OS Version: macOS 10+
Sync Type: Teams

chadseld · October 2018

The preference domain and domain precedence has changed.

Try this instead:

/usr/libexec/PlistBuddy -c "Add :CheckForSoftwareUpdatesEnabled bool 0" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

If you want to change the value back to the default, you can...

/usr/libexec/PlistBuddy -c "Delete :CheckForSoftwareUpdatesEnabled" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

ctyjiuh · February 2019

edited
~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

this value

<key>CheckForSoftwareUpdatesEnabled</key>
<true/>

to

<key>CheckForSoftwareUpdatesEnabled</key>
<false/>

and it worked for me

Lars · February 2019

@ctyjiuh - excellent! Glad you figured it out. Let us know if you need any further assistance. :)

kginger · May 2019

.

Lars · May 2019

@kginger - I'm going to guess you figured out the issue on your own? ;)

kginger · May 2019

This worked.
defaults write ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits CheckForSoftwareUpdatesEnabled false
I am now experimenting with making this a system mobileconfig profile, is there a System preference or is it only user sandboxed?

ag_kevin · May 2019

Hi @kginger ,

In the next update, you will be able to simply override that preference in a mobileconfig. It will accept the value you put in the config, and disable the checkbox in the Preferences.

Cheers,
Kevin

MrCoBalt · February 2020

Hi @ag_kevin do you have any existing system-wide mobileconfig examples for setting CheckForSoftwareUpdatesEnabled ? I see that v7.3 had "Check For Updates can now be disabled by Mobile Device Management profiles. {#3430}" in the release notes but I have yet to find an MDM profile example that works… Thanks!

ikaplan · February 2020

We're trying to disable the automatic updates on 1Password 7.4.1 stand alone (not through app store) through command line/scripting, so far non of the options from the forums have worked for us. Looking for other suggestions.

Tried the following:
defaults write ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits CheckForSoftwareUpdatesEnabled false
defaults write 2BUA8C4S2C.com.agilebits.onepassword-osx-helper CheckForSoftwareUpdatesEnabled 0
/usr/libexec/PlistBuddy -c "Add :CheckForSoftwareUpdatesEnabled bool 0" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

rudy · February 2020

@ikaplan,

This doesn't do anything with 1Password 7

defaults write 2BUA8C4S2C.com.agilebits.onepassword-osx-helper CheckForSoftwareUpdatesEnabled 0

MDM would probably be a better approach than scripting it as that allows you to push those settings down to all user machines from your admin console.

You'd want to set the CheckForSoftwareUpdatesEnabled preference to 0 to disable from MDM.

MrCoBalt · March 2020

Giving this thread a bump as I believe I have structured a Configuration Profile that actually functions as expected when deployed at a system level.

For those out there seeking a similar solution give this a try, saving all the below text into a "1Password.mobileconfig" file (and then preferably opening it with Apple Configurator or a similar tool, signing it with your org's profile certificate, and then saving it back out so as to prevent future modifications/tampering):

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>PayloadDescription</key>
            <string>Configures com.agilebits.onepassword7 settings</string>
            <key>PayloadDisplayName</key>
            <string>com.agilebits.onepassword7</string>
            <key>PayloadIdentifier</key>
            <string>org.yourco.FD4844FE-B509-4AEA-908A-8E50928388F4.com.agilebits.onepassword7.CA94A7E3-12F9-4DEA-9895-D264F8C64CBB</string>
            <key>PayloadOrganization</key>
            <string></string>
            <key>PayloadType</key>
            <string>com.agilebits.onepassword7</string>
            <key>PayloadUUID</key>
            <string>CA94A7E3-12F9-4DEA-9895-D264F8C64CBB</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>CheckForSoftwareUpdatesEnabled</key>
            <false/>
            <key>AutoInstallSoftwareUpdatesEnabled</key>
            <false/>
        </dict>
    </array>
    <key>PayloadDescription</key>
    <string>Disables 1Password autoupdate services</string>
    <key>PayloadDisplayName</key>
    <string>1Password</string>
    <key>PayloadIdentifier</key>
    <string>org.yourco.FD4844FE-B509-4AEA-908A-8E50928388F4</string>
    <key>PayloadOrganization</key>
    <string>Company Name</string>
    <key>PayloadScope</key>
    <string>System</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>FD4844FE-B509-4AEA-908A-8E50928388F4</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
</dict>
</plist>

Also be sure to update the org.yourco. identifier / PayloadOrganization company name, and PayloadDescription lines as you see fit!

EDIT - yikes, this forum made a total hash of the line spacing and indents despite using the code tag… I've put a copy up for download here in txt format if anybody wants that vs trying to unmangle the forum's version…

ag_ana · March 2020

@MrCoBalt:

I have unmangled the code display for you ;)

MrCoBalt · March 2020

Many thanks!

ag_tommy · March 2020

:+1: :)

RafaelN · May 2020

@ag_tommy how would I determine the identifier, company name & description lines, out of curiosity?

Ben · May 2020

Hey @RafaelN

Those lines are specific to your organization, not 1Password. :) It is really entirely up to you what they say.

Ben

RafaelN · May 2020

@Ben No, I get that part :-).

I guess what I'm asking is whether this string in the config above FD4844FE-B509-4AEA-908A-8E50928388F4 changes with my company, or not. Similarly, whether I'd just be substituting my company name for PayloadOrganization.

Sorry, I'm brand-new to doing stuff like this.

MrCoBalt · May 2020

@RafaelN That UUID was auto-generated when I made the original profile in ProfileCreator and I doubt it overlaps with any other MobileConfig Profiles you may have on your system so I think it would be safe to re-use while just changing "org.yourco" and the PayloadDisplayName / PayloadOrganization / PayloadDescription portions to whatever you wish.

RafaelN · May 2020

@MrCoBalt thank you! I'll do that; I'm still struggling with what I'd change PayloadDescription to, TBH.

Ben · May 2020

You don't have to change it. :) All it does is describe what the purpose of the file is to people who might view it. Most people will never see the description.

Ben

Disable Automatic Update Check via Script or Command

Comments