Title
#macos
a

allister

11/08/2022, 1:57 PM
I could very easily be mistaken that the checkbox in (now as of Ventura) System Settings isn't actually defaults (or otherwise) directly read-able
defensivedepth

defensivedepth

11/11/2022, 3:24 PM
your saying there is no plist that can be read to figure out the state of that checkbox?
a

allister

11/14/2022, 2:41 AM
All detection methods I've heard of so far have been unable to directly detect this without shelling out to the wonderfully unreliable softwareupdate binary https://macops.ca/os-x-admins-your-clients-are-not-getting-background-security-updates/ /cc @frogor
2:41 AM
heck I'll mention @groob too, but I'm pretty sure it's a private framework/lost cause
2:42 AM
could be slurped into the keychain like mobileconfig profiles
g

groob

11/14/2022, 10:33 AM
There was a private framework I used in Launcher once that was reading all those checkboxes. @seph might know if it still works.
defensivedepth

defensivedepth

11/14/2022, 8:18 PM
Alternatively could check the os version and compare it against https://gdmf.apple.com/v2/pmv, and
PostingDate
... and if the latest update for the OS has been out > x days, and its not installed, let me know etc. For my use case, I just need to know that updates are being regularly applied - doesn't matter to me if it is set to autoupdate or not. (though it would be ideal if it was)
s

seph

11/15/2022, 3:49 PM
I don’t remember which ones groob wrote, but Kolide Launcher has a handful of tables for macos security updaters. Some use internal frameworks. It’s all a bit unclear.