Using a Compiled Image as your parent configuration in Casper

So, I ran into a little quirk with Casper not too long ago.  Since Casper has a package priority feature, where you can set a value to any of your packages you create from 1 to 20 it tells Casper in what order to install the package.  This is an important feature if you are applying multiple updates and you need to install them in order.  That way the latter updates you can give a higher number and they will be installed chronologically by the number you give them.  1 is the first package and pretty much reserved for OSes since your OS should always be installed first, and 20 would be anything that needs to be installed last, like a final update or final setting that should be applied last.

Now when you compile all your packages plus your OS into one single compiled configuration it will obey these package priorities.  Now, if you try to add a smart configuration on top of your compiled configuration, and make your compiled a parent configuration it will not work.  This is because any package you add in the child configuration will conflict with the package priority.

However, there is a work around.  I, instead, created a parent configuration of a single shell script which invokes the asr command to block copy the image to the client and then post install packages based on this parent configuration.  So, to give an overview lets start at the beginning:

This screen shot above me here is my compiled configuration.  It is a pristine install of OS X 10.5.0 retail, the 10.5.8 combo updater, every Apple application update, security update, and every application I want standardized across my deployment on every single Mac in our enterprise.  This creates a single DMG file that can be block copied when you image your computer.  Next lets look at my parent configuration to enable me to make smart configurations off a compiled image.

Now as you can see, my parent configuration here is just a simple shell script which invokes asr to block copy the image to the client when netbooted to a netboot server and using the Casper client.  Sam Gfall Johnson from Jamf Software helped me with this script, and please note that it only works if you are running Casper because Casper has some built in variables it uses for running commands and scripts.  If you want to use this script in conjunction with a non Casper solution you will have to modify it.

#!/bin/bash
 
#Define the target - $1 to automatically get this from Casper, /Volumes/Macintosh HD otherwise
target="$1"
 
#Automatically acquire the dev entry
devEntry=$(/usr/sbin/diskutil info "$target" | /usr/bin/grep "Device Node" | /usr/bin/awk '{print $3}')
echo "The dev entry for the disk to be restored: $devEntry"
 
#Acquire the original volume label
originalName=$(/usr/sbin/diskutil info "$target" | /usr/bin/grep "Volume Name" | /usr/bin/grep -o '[^:]*$'  | /usr/bin/tr -s " " | /usr/bin/sed 's/^[ ]//g')
echo "The disk name: $originalName will be retained upon restoring."
 
#Unmount the disk to prepare it for ASR
/usr/sbin/diskutil unmount $devEntry
 
#Perform the ASR copy
echo "Initiating restore process and waiting for connection..."
/usr/sbin/asr restore --source "/Volumes/CasperShare/CompiledConfigurations/10.5.8_compiled.dmg" -target "$devEntry" -erase -noprompt -timeout 0 -puppetstrings -noverify --verbose
 
#Mount the disk again
/usr/sbin/diskutil mount $devEntry
 
#Rename the disk to ensure that it's named with it's original name
/usr/sbin/diskutil rename $devEntry "$originalName"
 
exit 0

When the client netboots to the netboot server, the Casper Imaging.app will mount the volume you have set up for the distrubtion point in /Volumes.  I mimic this set up on all my Casper Distribution Points so I know that once it is mounted, the source of my packages will always be /Volumes/CasperShare.  Thus, allowing me to write a single script for all 6 of my Netboot servers in my enterprise.  If you don't standardize your naming conventions for the distribution points I highly recommend you redo those so they all have the same name for the share point.  Now, lets take a look at my child configuration (or smart configuration) based on this parent one that installs a few building specific packages and scripts.

So, this is important that when you set auto run data for this type of set up you DO NOT select the 'Erase this Disk' option.  Otherwise it will run the preflight script with the asr command and then wipe out your hard drive undoing exactly what you were trying to accomplish.  I had to learn this the hard way the first time, so please let my mistake benefit you.

Some of you may be reading this and thinking to yourself, well what does this accompish?  Well, I can lay out the reasoning and logic behind why I did this, and you can see if this may be useful for your environment.  I have limited hard drive space on my distrubtion points as some of them are Mac Minis, depending on where they are at.  So, I want to take advantage of the Compiled Configurations with the built in instaDMG support in Casper Admin 7.  I did no longer wanted to create full blown images for the three types of users we have here at my work.  So, I wanted to create a base compiled image that would include every single application that every single user should have on every single Mac in my enterprise.  Then I could create smart configurations for user and building specific packages based on my parent configuration.  Thus allowing me to keep one base image for everything and then use post image scripts to trigger manual command Casper policies to install specific packages and set specific OS settings.   So I can save space on my hard drives on my servers, reduce the amount of packages I have to use and maintain, and have the flexibility I need to deploy packages to certain computers, groups of users, or specific locations.

Thanks for reading,

Tom