upgrade and restart symantec services silently

When installing a Symantec Endpoint Protection 12 package, a reboot is usually required somewhere within the workflow in order to ensure that services are restarted properly, etc. Necessity is the mother of invention, as they say however, and I like to have as little end user interaction as possible – within reason, of course. I find that the more you interact with the end user, the more “things” can go wrong – the human factor if you will – so I prefer to tightly, and silently, control all aspects of an install or upgrade if I can.

We are currently deploying the SEP 12.1.2015 package and this upgrade claims to require a user log out at the very least, to restart some daemons that are running in the background. Allowing this restart prompt requires that we communicate to every end user how the system will prompt them to logout, and I’ve been tasked with reducing the number of helpdesk calls received during this project.

As luck would have it, I’ve been able to successfully suppress the prompt to log out at the same time as stopping the necessary Symantec services and then restarting them. I even found time to add in some post-flight code to force live update to run all updates immediately before restarting services, so when the client once again checks in to the SEPM after upgrade, it reports as fully up-to-date. The code I used to accomplish this is below. I’ve added this code to a post-flight script in the package. As always, feel free to use this code at your own risk. I offer no warranty of any kind if you choose to use it on your own Mac(s).

## Find out if any user is logged in. If no one is logged in, the user will be root
loggedInUser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`
if [ "$loggedInUser" != "root" ] ; then
## Kill the two daemons that Symantec spawns
 killall SymQuickMenu
 killall SymSecondaryLaunc
 cd /
## Restart these two daemons
 su $loggedInUser -c "/Library/Application\ Support/Symantec/SymQuickMenu/SymQuickMenu.app/Contents/MacOS/SymQuickMenu &"
 su $loggedInUser -c "/Library/Application\ Support/Norton\ Solutions\ Support/Scheduler/SymSecondaryLaunch.app/Contents/MacOS/SymSecondaryLaunch &"
 fi
## Get the current date in YYYYMMDD. This will be used as a starting point to download the latest definitions
CurrDate=`date +%Y%m%d`
## A flag to signal the script when the update has been found and downloaded
UpdateFound=0
while [ $UpdateFound -eq 0 ]
do
 ## The filename is static except for the date it is released, so store this name in a variable
 ## to change if necessary
 DesiredUpdate="NavM_Intel_Installer_"$CurrDate"_US.zip"
## Use curl to generate a listing of the files on the Symantec website. Grep out the file that most
 ## closely resembles the desired update, then clean it up so we have just the filename
 RawFileListing=`curl -l ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus_mac/ | grep $DesiredUpdate`
 ##CleanFileListing=`echo "$RawFileListing" | cut -d \" -f2`
## Compare the file curl found to the desired update filename. If they match, we've found the latest
 ## update, download it. If not, try again with the previous days' date
 if [ "$RawFileListing" == "$DesiredUpdate" ]; then
 UpdateFound=1
 curl ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus_mac/$DesiredUpdate > /Users/Shared/$DesiredUpdate
 else
 ## If we haven't found the update with $CurrDate, it must be for a previous date. Decrease the day by 1 to
 ## check again for an update file from the day prior
 CurrDate=$(( $CurrDate - 1 ))
 fi
done
## Install the latest update package
unzip /Users/Shared$DesiredUpdate
installer -pkg installer -verbose -pkg /Users/Shared/SymantecAVDefs_Intel.pkg -target /
## Clean up after the updates are finished
rm -rf /Users/Shared/$DesiredUpdate /Users/Shared/SymantecAVDefs_Intel.pkg