Hi gang We re running into an issue over here with what seem osquery #fleet

Hi gang! We're running into an issue over here wit...

Billy H

07/28/2025, 1:19 PM

Hi gang! We're running into an issue over here with what seems like a bug in the MacOS Setup experience. When users onboard their new device, there are a number of software pieces that get installed through Fleet (Chrome, Slack, and some default apps) in addition to a bootstrap sh script. There is about a 10% chance that when the script finishes, the Fleet progress window will never show that the script finishes, despite us seeing the script finish from the portal side. Any ideas what might be happening or what to look for in the ECS logs?

Unthread

07/28/2025, 2:09 PM

Hey @Billy H ! What happens on the device when that script gets “stuck”? Is it continuing through the process, or hanging?

Billy H

07/28/2025, 2:10 PM

hello! It just hangs, the screen just shows that it is still running the script forever

Billy H

07/29/2025, 7:41 PM

hey gang! this is a bit of a more urgent request now, it seems to be affecting more devices than we thought

Unthread

07/30/2025, 4:08 PM

So sorry @Billy H ! Is it always the same script getting "stuck"?

Billy H

07/30/2025, 4:09 PM

that is correct. its just the bootstrap script that does this

Unthread

07/30/2025, 4:10 PM

Can you share that script?

Billy H

07/30/2025, 4:38 PM

I can give you a heavily sanitized version! The script maybe takes about 7-10 minutes to run and our script timeout period

script_execution_timeout

is 3600 seconds

Copy code

#!/bin/sh
# This is the bootstrap script to get the machine to a desired state

#######################################################################

# Install EDR Endpoint Protection
# Download EDR installer
curl -o /tmp/EDR_installer.zip <https://sanitizedurlgoeshere/EDRInstall.zip>

# Unzip the installer silently
unzip /tmp/EDR_installer.zip -d /tmp/EDR_installer > /dev/null

# Run the installer
EDR_DIR="/tmp/EDR_installer"
chmod a+x $EDR_DIR/EDR\ <http://Installer.app/Contents/MacOS/EDR\|Installer.app/Contents/MacOS/EDR\> Installer
chmod a+x $EDR_DIR/EDR\ <http://Installer.app/Contents/MacOS/tools/com.EDR.bootstrap.helper|Installer.app/Contents/MacOS/tools/com.EDR.bootstrap.helper>
$EDR_DIR/EDR\ <http://Installer.app/Contents/MacOS/EDR\|Installer.app/Contents/MacOS/EDR\> Installer --quiet

# Cleanup
rm -rf /tmp/EDR_installer.zip /tmp/EDR_installer

echo "EDR installation complete!"

#######################################################################

# Install Password Manager
echo "Installing Password Manager..."
sudo /usr/local/bin/catalog -i com.password.manager -s

# Install ticket software
echo "Installing ticket software is not installed..."
sudo /usr/local/bin/catalog -i com.ticket.software -s

#######################################################################

# if arm64, install Rosetta for compatibility
arch_value=$(arch)
if [ "$arch_value" == "arm64" ]; then
    echo "ARM64 architecture detected. Installing Rosetta..."
    sudo /usr/sbin/softwareupdate --install-rosetta --agree-to-license
fi

# install cli tool from github
URL="<https://api.github.com/repos/sanitized/app/releases?q=cli/latest>"
curl -s $URL | awk -F\" '/browser_download_url.*app-cli-macos-.*\.pkg/ {print $(NF-1)}' | sort -V | tail -n 1 | xargs -I {} curl -o /tmp/app.pkg -L {}
sudo installer -pkg /tmp/app.pkg -target /
rm /tmp/app.pkg

echo "Exiting."
exit 0

Open in Slack

Previous Next