Image: Jesus Vigo/TechRepublic

When it comes to updating Macs, Software Update, which is built in to Apple’s App Store, makes it a pretty straightforward process. A couple of clicks, and a full listing of pending updates display. One or only a few more clicks, and the selected entries are downloaded and installed. Simple, isn’t it?

But what happens when you’re tasked with managing multiple Macs across a network? Can you really trust your end users to not forget to run updates in a timely manner? If a critical vulnerability is patched, and the update needs to be deployed immediately, how is that handled?

If you answered via Apple Remote Desktop or any other third-party management suite, then you’ve got a solution available to you. However, if you don’t have a go-to management console, then your trusty pal Terminal and SSH are the perfect duo to remotely execute these commands — or better yet, script them so they launch on a regular schedule.

The softwareupdate command is part of every version of OS X; it executes commands that will perform whichever update task(s) you wish to remotely manage. The requirements are: SSH is enabled and configured to allow your user account remote access, and the account used to manage software updates must have admin-level privileges on the target machines.

With that out of the way, let’s examine the softwareupdate command and some of the more commonly used arguments to control it.




-l | —list: Lists the available updates after checking Apple’s update catalog.

-i | —install: Installs updates and may include additional arguments, as found below.

-r | —recommended: Installs only updates flagged as recommended by Apple.
-a | —all: Installs all updates — critical and non-critical.

-d | —download: The software update will only download pending updates to the target computer; however, it will not install them.


softwareupdate -l: Executes software update remotely and prints a list on-screen of all the available updates pending download/installation.

softwareupdate -i -r: Executes software update remotely and installs pending updates that are flagged as recommended by Apple only. Non-critical updates are not installed.

softwareupdate -d -a: Executes software update remotely and downloads all pending updates. The downloaded updates are stored on the target machine for later installation. Critical and non-critical updates are not installed.

Also see

Link to original: 

Pro tip: Manage Apple software updates remotely via the command line