When it comes to updating Macs, Software Update, which is built in to Apple's App Store, makes it a pretty straightforward process. A couple of clicks, and a full listing of pending updates display. One or only a few more clicks, and the selected entries are downloaded and installed. Simple, isn't it?
But what happens when you're tasked with managing multiple Macs across a network? Can you really trust your end users to not forget to run updates in a timely manner? If a critical vulnerability is patched, and the update needs to be deployed immediately, how is that handled?
If you answered via Apple Remote Desktop or any other third-party management suite, then you've got a solution available to you. However, if you don't have a go-to management console, then your trusty pal Terminal and SSH are the perfect duo to remotely execute these commands — or better yet, script them so they launch on a regular schedule.
The softwareupdate command is part of every version of OS X; it executes commands that will perform whichever update task(s) you wish to remotely manage. The requirements are: SSH is enabled and configured to allow your user account remote access, and the account used to manage software updates must have admin-level privileges on the target machines.
With that out of the way, let's examine the softwareupdate command and some of the more commonly used arguments to control it.
-l | —list: Lists the available updates after checking Apple's update catalog.
-i | —install: Installs updates and may include additional arguments, as found below.
-r | —recommended: Installs only updates flagged as recommended by Apple.
-a | —all: Installs all updates — critical and non-critical.
-d | —download: The software update will only download pending updates to the target computer; however, it will not install them.
softwareupdate -l: Executes software update remotely and prints a list on-screen of all the available updates pending download/installation.
softwareupdate -i -r: Executes software update remotely and installs pending updates that are flagged as recommended by Apple only. Non-critical updates are not installed.
softwareupdate -d -a: Executes software update remotely and downloads all pending updates. The downloaded updates are stored on the target machine for later installation. Critical and non-critical updates are not installed.
Jesus Vigo is a Network Administrator by day and owner of Mac|Jesus, LLC, specializing in Mac and Windows integration and providing solutions to small- and medium-size businesses. He brings 19 years of experience and multiple certifications from several vendors, including Apple and CompTIA.