It amazes me to see how some some big companies do try to stay away from what I call standard practices when it comes to operating system software, specially OS X.
I mean, I can understand that an semi-open source like VirtalBox installs stuff in the wrong places or uses old mechanisms to launch at startup and so on. But McAfee, had it being bought by Intel, I’d say should have a
couple dozen engineers to read the manuals.
In any case, if you work managing OS X computers in an organization that uses McAfee ePO + Endpoint protection, and you have played around with the ePO server policies you might have noticed that you cannot manage when the Endpoint protection checks for updates. By default the software will be configured to check for virus definitions (DATs in McAfee’s terms) updates once a day at 16:45hs. This is cool if you don’t also have hundreds of school students that leave at 4pm.
After investigating how the thing stores and uses a preference that the user can change it turns out the application stores the data in an sqlite file in /usr/local/McAfee/AntiMalware/var/ , it is stored in cron style aaaaaand it is added to the root’s crontab.
Why not just do a plist? this is done from the same company that provides their installer in a 16MB bash file with the binary embedded (insert link to previous post). This looks to me like they have linux people doing the OS X stuff. It ain’t necessary a bad thing, but again “stick to known good standards whenever possible mr. owner of a Fortune 50 company”
After so much trashing here is how you can manage this. Written in bash you can run this as a post flight and deploy it with your favorite tool
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
PS: and I have not even complained about how they store the product version or what’s with renaming their products. Sometimes I feel I’m only complaining in this blog :s