Image: Jesus Vigo/TechRepublic

When it comes to updating Macs, Software Update, which is built in to Apple’s App Store, makes it a pretty straightforward process. A couple of clicks, and a full listing of pending updates display. One or only a few more clicks, and the selected entries are downloaded and installed. Simple, isn’t it?

But what happens when you’re tasked with managing multiple Macs across a network? Can you really trust your end users to not forget to run updates in a timely manner? If a critical vulnerability is patched, and the update needs to be deployed immediately, how is that handled?

If you answered via Apple Remote Desktop or any other third-party management suite, then you’ve got a solution available to you. However, if you don’t have a go-to management console, then your trusty pal Terminal and SSH are the perfect duo to remotely execute these commands — or better yet, script them so they launch on a regular schedule.

The softwareupdate command is part of every version of OS X; it executes commands that will perform whichever update task(s) you wish to remotely manage. The requirements are: SSH is enabled and configured to allow your user account remote access, and the account used to manage software updates must have admin-level privileges on the target machines.

With that out of the way, let’s examine the softwareupdate command and some of the more commonly used arguments to control it.

Command

softwareupdate


Arguments

-l | —list: Lists the available updates after checking Apple’s update catalog.

-i | —install: Installs updates and may include additional arguments, as found below.

-r | —recommended: Installs only updates flagged as recommended by Apple.
-a | —all: Installs all updates — critical and non-critical.

-d | —download: The software update will only download pending updates to the target computer; however, it will not install them.

Examples

softwareupdate -l: Executes software update remotely and prints a list on-screen of all the available updates pending download/installation.

softwareupdate -i -r: Executes software update remotely and installs pending updates that are flagged as recommended by Apple only. Non-critical updates are not installed.

softwareupdate -d -a: Executes software update remotely and downloads all pending updates. The downloaded updates are stored on the target machine for later installation. Critical and non-critical updates are not installed.

Also see

Link to original: 

Pro tip: Manage Apple software updates remotely via the command line