Packaging Google Chrome for deployment in an enterprise environment on Mac OS X

We have about 13,000 macs in our environment so it is important that we customize browser settings for our network/environment before pushing the package out to thousands of macbooks. I will walk you through how we customize and package Google Chrome for Mac OS X.

Our goal here is to create a custom Google Chrome.pkg that installs the Google Chrome.app and sets the following preferences:

  • Set default home page to “http://www.yoursite.com/”
  • Show the home button by default
  • Stop Google Chrome from prompting the user to set it as the default browser.
  • Skip the first run welcome screen

Here is what we are going to need:

  • A folder named “Chrome” with another folder inside of it named “Default”. Inside of that Default folder is where we will put the Preferences file.
  • A blank text document named “First Run”.
  • A Google Chrome Master Preferences file.
  • A preflight script. (We will call it googleChromePreflight in this tutorial)
  • A postflight script (We will call it googleChromePostflight in this tutorial)
  • A Google Chrome Settings configuration profile.

The preferences file

This file will set some of the user default preferences for Google Chrome that don’t get set with the Google Chrome Master Preferences file for some reason. You can use the code below to create your own Preferences file. Note that this Preferences file is in JSON format.

 

{
   "browser": {
      "check_default_browser": false,
      "last_known_google_url": "http://www.google.com/",
      "last_prompted_google_url": "http://www.google.com/",
      "show_home_button": true,
      "show_update_promotion_info_bar": false,
   },
   "countryid_at_install": 21843,
   "default_apps_install_state": 3,
   "distribution": {
      "import_bookmarks": false,
      "import_history": false,
      "import_home_page": false,
      "import_search_engine": false,
      "show_welcome_page": false,
      "skip_first_run_ui": true,
      "suppress_first_run_bubble": true,
      "suppress_first_run_default_browser_prompt": true
   },
   "first_run_tabs": [ "http://www.goobersmooch.com/" ],
   "homepage": "http://www.goobersmooch.com/",
   "homepage_is_newtabpage": false,
   "hotword": {
      "previous_language": "en-US"
   },
   "intl": {
      "accept_languages": "en-US,en"
   },
   "invalidator": {
      "client_id": "NPkJsIb50XkFfjJb1lH8SQ=="
   },
   "media": {
      "device_id_salt": "qPIPmfV9u7CJGs6aXx9DxA=="
   },
   "pinned_tabs": [  ],
   "plugins": {
      "migrated_to_pepper_flash": true,
      "plugins_list": [  ],
      "removed_old_component_pepper_flash_settings": true
   },
   "profile": {
      "avatar_index": 26,
      "content_settings": {
         "clear_on_exit_migrated": true,
         "pattern_pairs": {
 
         },
         "pref_version": 1
      },
      "exit_type": "Normal",
      "exited_cleanly": true,
      "managed_user_id": "",
      "name": "",
      "password_manager_enabled": false,
      "per_host_zoom_levels": {
 
      }
   },
   "session": {
      "restore_on_startup": 4,
      "restore_on_startup_migrated": true,
      "startup_urls": [ "http://www.goobersmooch.com/" ],
      "startup_urls_migration_time": "13064995362418883"
   },
   "sync_promo": {
      "user_skipped": true
   },
   "translate_blocked_languages": [ "en" ],
   "translate_whitelists": {
 
   }
}

The First Run file

The First Run file disables the welcome screen when you open Google Chrome for the first time. The easiest way to create this file is to open terminal and type

touch "~/Desktop/First Run"

This will put the First Run file on your Desktop.

The Google Chrome Master Preferences file

This file sets the default user preferences for new users that do not have a google chrome profile. For example when users start Google Chrome for the first time, they don’t yet have a Preferences file so one is created for them using the settings in the Google Chrome Master Preferences file. Below is a working example of the Google Chrome Master Preferences file.

 

{
  "homepage" : "http://www.goobersmooch.com/",
  "homepage_is_newtabpage" : false,
  "browser" : {
    "show_home_button" : true,
    "check_default_browser" : false
  },
  "distribution" : {
    "show_welcome_page" : false,
    "skip_first_run_ui" : true,
    "import_history" : false,
    "import_bookmarks" : false,
    "import_home_page" : false,
    "import_search_engine" : false,
    "suppress_first_run_bubble": true,
    "suppress_first_run_default_browser_prompt": true
  },
  "sync_promo" : {
    "user_skipped" : true
  },
  "first_run_tabs" : [
    "http://www.goobersmooch.com/"
  ]
}

The googleChromePreflight Script

This script will run prior to installing Google Chrome on the computer.

#!/bin/bash
 
#Google Chrome version
Ver="51.0.2704.106"
 
#Logfile
logfile=/var/log/LISD-GoogleChromeInstaller.log
if [[ ! -r $logfile ]]
then
	touch $logfile
fi
 
echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "****************" >> $logfile
echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Beginning Install" >> $logfile
 
# Remove Existing Google Chrome app if it exists
if [ -d "/Applications/Google Chrome.app" ]; then
	echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Removing existing Google Chrome application." >> $logfile
	rm -rf "/Applications/Google Chrome.app"
fi
 
# Remove Existing Master Preferences File if it exists
if [ -a "/Library/Google/Google Chrome Master Preferences" ]; then
	echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Removing existing Google Chrome Master Preferences file." >> $logfile
	rm -rf "/Library/Google/Google Chrome Master Preferences"
fi
 
# Remove Existing User Template Preferences if the directory exists
if [ -d "/System/Library/User Template/English.lproj/Library/Application Support/Google/Chrome" ]; then
	echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Removing existing Google Chrome folder from the user template." >> $logfile
	rm -rf "/System/Library/User Template/English.lproj/Library/Application Support/Google/Chrome"
fi

The googleChromePostflight Script

This script runs after the package has put our payload files into place. It makes quite a few changes, creates directories and moves files into place. The code below is pretty well commented so you can understand what exactly it is doing.

#!/bin/bash
 
##############################################
#
#	Creates Google Chrome profiles if none exist
#
##############################################
 
#Google Chrome version
Ver="51.0.2704.106"
 
#Logfile
logfile=/var/log/LISD-GoogleChromeInstaller.log
if [[ ! -r $logfile ]]
then
	touch $logfile
fi
 
# Get a list of users
echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Getting list of users." >> $logfile
Users=($(find /Users -maxdepth 1 | grep -v -e ".localized" -e "Shared" -e "Deleted Users" -e ".DS_Store" | tail +2 | awk -F "/" '{print $3}'))
 
# Test if we have the Google Chrome folder already, if not create it.
if [ ! -d "/System/Library/User Template/English.lproj/Library/Application Support/Google/Chrome" ]; then
	echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Creating /System/Library/User Template/English.lproj/Library/Application Support/Google/Chrome directory." >> $logfile
	mkdir -p "/System/Library/User Template/English.lproj/Library/Application Support/Google/Chrome"
fi
 
# Copy Chrome folder into the User Template
echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Copying our Chrome folder to /System/Library/User Template/English.lproj/Library/Application Support/Google/." >> $logfile
cp -R Chrome "/System/Library/User Template/English.lproj/Library/Application Support/Google/"
 
# Set the permissions appropriately
chown -R root:wheel "/System/Library/User Template/English.lproj/Library/Application Support/Google"
chmod 755 "/System/Library/User Template/English.lproj/Library/Application Support/Google"
 
# Loop through our users and create the Google folder if they don't have it.
for P in "${Users[@]}"
do
	if [ ! -d "/Users/$P/Library/Application Support/Google/Chrome" ]; then
			echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Creating /Users/$P/Library/Application Support/Google/Chrome directory." >> $logfile
			mkdir -p "/Users/$P/Library/Application Support/Google/Chrome"
			echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "Copying our Chrome folder to /Users/$P/Library/Application Support/Google/" >> $logfile
			cp -R Chrome "/Users/$P/Library/Application Support/Google/"
			chown -R $P "/Users/$P/Library/Application Support/Google"
			chmod -R 755 "/Users/$P/Library/Application Support/Google"
		else
			echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "$P already has a Google Chrome folder." >> $logfile
	fi
done
 
echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "End Install" >> $logfile
echo "$(date +'%Y-%m-%d %H:%M:%S')" ":" "Google Chrome $Ver Installer" ":" "****************" >> $logfile
 
exit 0

The Google Chrome Settings Configuration Profile

The profile settings below set the following policies:

  • Turns off the ability to turn on incognito mode.
  • Sets Google Chrome to not be the default browser.
  • Enable Google Cloud Print proxy.
  • Disable print preview.
  • Sets default search provider to be google.
  • Disable add person in profile manager.
  • Enable submission of documents to Google Cloud Print.
  • Adds Kerberos server to delegation server whitelist.
  • Disable guest mode browsing.
  • Disable ability to add new users.

For a full list of available policies that can be set with a configuration profile see https://www.chromium.org/administrators/policy-list-3. To turn the code below into a configuration profile just save it as a text document with the .mobileconfig extension.

<!--?xml version="1.0" encoding="UTF-8"?-->
 
 
 
	ABT_AllowSaveToDisk
 
	ABT_ConfigurationType
	4
	ABT_DevicePlatform
	1
	ABT_PayloadVersion
	1
	ABT_RemovalOption
	Never
	ConsentText
 
		default
 
 
	PayloadContent
 
 
			ABT_PayloadVersion
			1
			ABT_PreferenceDomain
			com.google.Chrome
			PayloadContent
 
				com.google.Chrome
 
					Forced
 
 
							mcx_preference_settings
 
								AuthNegotiateDelegateWhitelist
								domain.name
								AuthServerWhitelist
								*.domain.name*
								BrowserAddPersonEnabled
 
								BrowserGuestModeEnabled
 
								CloudPrintProxyEnabled
 
								CloudPrintSubmitEnabled
 
								DefaultBrowserSettingEnabled
 
								DefaultSearchProviderEnabled
 
								DefaultSearchProviderName
								Google
								DeviceAllowNewUsers
 
								DisablePrintPreview
 
								ForceMaximizeOnFirstRun
 
								IncognitoModeAvailability
								1
 
 
 
 
 
			PayloadDisplayName
			Custom: (com.google.Chrome)
			PayloadEnabled
 
			PayloadIdentifier
			0893E159-CBAB-4441-9BD2-5007D6AE2F9D.customsettings
			PayloadOrganization
			Your Org Goes Here
			PayloadType
			com.apple.ManagedClient.preferences
			PayloadUUID
			46BE1404-9F79-4AB5-BEC5-118710ED6C2F
			PayloadVersion
			1
 
 
	PayloadDescription
	Sets default google chrome settings.
	PayloadDisplayName
	Google Chrome Settings
	PayloadIdentifier
	profile.DE3E721C-DEBC-4101-87BF-DDC86AD888E9
	PayloadOrganization
	Your Org Goes Here
	PayloadRemovalDisallowed
 
	PayloadScope
	System
	PayloadType
	Configuration
	PayloadUUID
	5F2259A3-8574-438D-BA1A-4488722CC751
	PayloadVersion
	1

 

Putting Everything Together

Before you create the package, you need to gather and organize the files listed above. The most important is the structure and contents of the Chrome folder. First, create a folder called Chrome. Then put the First Run file you created earlier in the Chrome folder. Now create a new folder called Default inside of the Chrome folder. And finally, put the Preferences file you created earlier inside of this Default folder. When you are finished, your folder structure should look like the image below, but you may or may not see the .DS_Store files. They show up in mine because I have hidden files shown.

chromeFolder

Now we can begin to package everything together so that we can deploy it to your machines.

How to create our Google Chrome Deployment package using the Packages app.

Open Packages and choose Raw Package.

packagesNewProject

 

Choose a name for the package and location to store the package and then click the finish button. In this tutorial it will be called Google Chrome Deployment Settings.

packagesNewProjectName

On the settings tab, change the identifier to suit your needs and put the version of Google Chrome you are installing in the version box.

packagesNewProjectSettings

 

On the payload tab, right-click the Applications folder and choose add files. Navigate to the Google Chrome app you are installing and click add.

packagesAddChromeApp

When you see the prompt to keep owner and group, uncheck that box and click add.

packagesKeepOwnerAndGroup

 

Right-click on the Library folder and choose New Folder. Name the folder Google.

packagesNewGoogleFolder

 

Right-click the Google folder that you just created and choose Add Files. Navigate to your Google Chrome Master Preferences and click add.

packagesGoogleMasterPrefs

 

Click the Scripts tab and then click the set button under Pre-Installation. Navigate to the googleChromePreflight script and click add. Do the same under the Post-Installation and point to the googleChromePostflight script. Now click the + button in the bottom left corner under Additional Resources, navigate to the Chrome folder, and click the add button. When you are finished, your packages project should look like the image below.

packagesScriptsTab

Now save your project by  clicking file then save or use the keyboard shortcut cmd + s. And finally build the package by clicking build then build or using the keyboard shortcut cmd + B. Congratulations! You have your very own customized Google Chrome installer for mac.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*