Disable Automatic Update Check via Script or Command

We manage updates with Munki and need to stay on older Safari. 1Password 7.2.1 requires Safari 12. I want to disable Automatic Update across our fleets to maintain compatibility, this trick does not appear to work on version 7. Any suggestions?


1Password Version: 7
Extension Version: Not Provided
OS Version: macOS 10+
Sync Type: Teams

Comments

  • chadseld
    edited October 2018

    The preference domain and domain precedence has changed.

    Try this instead:

    /usr/libexec/PlistBuddy -c "Add :CheckForSoftwareUpdatesEnabled bool 0" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

    If you want to change the value back to the default, you can...

    /usr/libexec/PlistBuddy -c "Delete :CheckForSoftwareUpdatesEnabled" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

  • ctyjiuh
    ctyjiuh
    Community Member
    edited February 2019

    edited
    ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

    this value

    <key>CheckForSoftwareUpdatesEnabled</key>
    <true/>
    

    to

    <key>CheckForSoftwareUpdatesEnabled</key>
    <false/>
    

    and it worked for me

  • Lars
    Lars
    1Password Alumni

    @ctyjiuh - excellent! Glad you figured it out. Let us know if you need any further assistance. :)

  • kginger
    kginger
    Community Member
    edited May 2019

    .

  • Lars
    Lars
    1Password Alumni

    @kginger - I'm going to guess you figured out the issue on your own? ;)

  • kginger
    kginger
    Community Member
    edited May 2019

    This worked.
    defaults write ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits CheckForSoftwareUpdatesEnabled false
    I am now experimenting with making this a system mobileconfig profile, is there a System preference or is it only user sandboxed?

  • Hi @kginger ,

    In the next update, you will be able to simply override that preference in a mobileconfig. It will accept the value you put in the config, and disable the checkbox in the Preferences.

    Cheers,
    Kevin

  • MrCoBalt
    MrCoBalt
    Community Member

    Hi @ag_kevin do you have any existing system-wide mobileconfig examples for setting CheckForSoftwareUpdatesEnabled ? I see that v7.3 had "Check For Updates can now be disabled by Mobile Device Management profiles. {#3430}" in the release notes but I have yet to find an MDM profile example that works… Thanks!

  • ikaplan
    ikaplan
    Community Member

    We're trying to disable the automatic updates on 1Password 7.4.1 stand alone (not through app store) through command line/scripting, so far non of the options from the forums have worked for us. Looking for other suggestions.

    Tried the following:
    defaults write ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits CheckForSoftwareUpdatesEnabled false
    defaults write 2BUA8C4S2C.com.agilebits.onepassword-osx-helper CheckForSoftwareUpdatesEnabled 0
    /usr/libexec/PlistBuddy -c "Add :CheckForSoftwareUpdatesEnabled bool 0" ~/Library/Group\ Containers/2BUA8C4S2C.com.agilebits/Library/Preferences/2BUA8C4S2C.com.agilebits.plist

  • @ikaplan,

    This doesn't do anything with 1Password 7

    defaults write 2BUA8C4S2C.com.agilebits.onepassword-osx-helper CheckForSoftwareUpdatesEnabled 0

    MDM would probably be a better approach than scripting it as that allows you to push those settings down to all user machines from your admin console.

    You'd want to set the CheckForSoftwareUpdatesEnabled preference to 0 to disable from MDM.

  • MrCoBalt
    MrCoBalt
    Community Member
    edited March 2020

    Giving this thread a bump as I believe I have structured a Configuration Profile that actually functions as expected when deployed at a system level.

    For those out there seeking a similar solution give this a try, saving all the below text into a "1Password.mobileconfig" file (and then preferably opening it with Apple Configurator or a similar tool, signing it with your org's profile certificate, and then saving it back out so as to prevent future modifications/tampering):

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>PayloadContent</key>
        <array>
            <dict>
                <key>PayloadDescription</key>
                <string>Configures com.agilebits.onepassword7 settings</string>
                <key>PayloadDisplayName</key>
                <string>com.agilebits.onepassword7</string>
                <key>PayloadIdentifier</key>
                <string>org.yourco.FD4844FE-B509-4AEA-908A-8E50928388F4.com.agilebits.onepassword7.CA94A7E3-12F9-4DEA-9895-D264F8C64CBB</string>
                <key>PayloadOrganization</key>
                <string></string>
                <key>PayloadType</key>
                <string>com.agilebits.onepassword7</string>
                <key>PayloadUUID</key>
                <string>CA94A7E3-12F9-4DEA-9895-D264F8C64CBB</string>
                <key>PayloadVersion</key>
                <integer>1</integer>
                <key>CheckForSoftwareUpdatesEnabled</key>
                <false/>
                <key>AutoInstallSoftwareUpdatesEnabled</key>
                <false/>
            </dict>
        </array>
        <key>PayloadDescription</key>
        <string>Disables 1Password autoupdate services</string>
        <key>PayloadDisplayName</key>
        <string>1Password</string>
        <key>PayloadIdentifier</key>
        <string>org.yourco.FD4844FE-B509-4AEA-908A-8E50928388F4</string>
        <key>PayloadOrganization</key>
        <string>Company Name</string>
        <key>PayloadScope</key>
        <string>System</string>
        <key>PayloadType</key>
        <string>Configuration</string>
        <key>PayloadUUID</key>
        <string>FD4844FE-B509-4AEA-908A-8E50928388F4</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
    </dict>
    </plist>
    

    Also be sure to update the org.yourco. identifier / PayloadOrganization company name, and PayloadDescription lines as you see fit!

    EDIT - yikes, this forum made a total hash of the line spacing and indents despite using the code tag… I've put a copy up for download here in txt format if anybody wants that vs trying to unmangle the forum's version…

  • ag_ana
    ag_ana
    1Password Alumni

    @MrCoBalt:

    I have unmangled the code display for you ;)

  • MrCoBalt
    MrCoBalt
    Community Member

    Many thanks!

  • :+1: :)

  • RafaelN
    RafaelN
    Community Member

    @ag_tommy how would I determine the identifier, company name & description lines, out of curiosity?

  • Hey @RafaelN

    Those lines are specific to your organization, not 1Password. :) It is really entirely up to you what they say.

    Ben

  • RafaelN
    RafaelN
    Community Member

    @Ben No, I get that part :-).

    I guess what I'm asking is whether this string in the config above FD4844FE-B509-4AEA-908A-8E50928388F4 changes with my company, or not. Similarly, whether I'd just be substituting my company name for PayloadOrganization.

    Sorry, I'm brand-new to doing stuff like this.

  • MrCoBalt
    MrCoBalt
    Community Member

    @RafaelN That UUID was auto-generated when I made the original profile in ProfileCreator and I doubt it overlaps with any other MobileConfig Profiles you may have on your system so I think it would be safe to re-use while just changing "org.yourco" and the PayloadDisplayName / PayloadOrganization / PayloadDescription portions to whatever you wish.

  • RafaelN
    RafaelN
    Community Member

    @MrCoBalt thank you! I'll do that; I'm still struggling with what I'd change PayloadDescription to, TBH.

  • Ben
    Ben
    edited May 2020

    You don't have to change it. :) All it does is describe what the purpose of the file is to people who might view it. Most people will never see the description.

    Ben

This discussion has been closed.