Anyone using chocolatey

Hello Just want to ask around about https://chocolatey.org/

I just wanted to know if anyone is using chocolatey and bigfix together
It should be pretty easy to install chocolatey; there is a fixlet already;
https://bigfix.me/fixlet/details/6080
It didn’t install correctly in my Windows 10 VM so I coudln’t use this fixlet
so I’m working on an installer myself.

I just think it would be great for people doing image deployments and want Free apps to install or upgrade.

Was thinking of doing something like this; call for a upgrade

Then do a upgrade; and if the app isn’t there install it. Just like one super action but the more actions the more room for issues; here is what I was thinking of doing.

choco upgrade chocolatey

choco upgrade -y vlc googlechrome Firefox notepadplusplu flashplayerplugin jre8 flashplayeractivex 7zip.install ccleaner adobeshockwaveplayer

cinst -y vlc googlechrome Firefox notepadplusplu flashplayerplugin jre8 flashplayeractivex 7zip.install ccleaner adobeshockwaveplayer

This could automate apps I want on my machines like
VCL Media Player, Browser,s Flash and JRE and Zip

So Far I’m close but have not gotten it to work yet;
I need to work on an installer that runs with Bigfix and then a action so I can run it

here is what I have but this doesn’t work
Script Type BigFix Action Script

waithidden “C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe” -ExecutionPolicy Bypass -command “choco install vlc 7zip.install ccleaner adobeshockwaveplayer -y --no-progress”

This doesn’t work; says runs and complete; I’ll have to run a log file and see whats going on

I then tried to run as adminisator with cmd with thhis

waithidden cmd /c “choco upgrade notepadplusplu flashplayerplugin jre8 flashplayeractivex -y --no-progress”

Call to run it in power shell; this will fail.

I have only been playing with this for a bit; if anyone has this up and running and you could share with me a solution that would be great. Otherwise I will grind this out in my spare time and work on a solution to share

May be another wow64 thing - since besclient is 32-bit it also launches 32-bit powershell.exe.

Try adding
action uses wow64 redirection false
to your actionscript somewhere before launching powershell.

I got it to work great to install; just need to figure out how to get it run correctly

Chocolatey Install that works

action uses wow64 redirection false
prefetch b610ca034d9a98daec460469f502eb2339c90139 sha1:b610ca034d9a98daec460469f502eb2339c90139 size:167592 myserver:Uploads/b610ca034d9a98daec460469f502eb2339c90139/BabyTiara.JPG.tmp sha256:ef80def89980ad99131d1883e135e6943a7af004f7dfe6e33d1554a1551ed7d1
extract b610ca034d9a98daec460469f502eb2339c90139
wait cmd.exe /c @“%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe” -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command “iex ((New-Object System.Net.WebClient).DownloadString(‘https://chocolatey.org/install.ps1’))” && SET “PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin” *>$null

Just need to figure how to get it run my commands correctly now

You need to be careful with chocolatey in general.

Installs and updates pulled with it will not go through the BigFix relays, so you can overwhelm the network if you push software with it to many systems at once.

I also don’t know if the scripts that chocolatey run are signed and validated in any way to ensure they aren’t modified.

The other issue is that not all of the chocolatey scripts that do the actual installation and updates actually validate the downloads using size & hash like bigfix content generally should. You need to make sure they are doing validation so that they are not susceptible to man in the middle attacks.

You really need to carefully review what each one is doing, otherwise you can’t be certain you are installing what you think you are installing.

Most of the fixlets for chocolatey installs I’ve published in the past are outdated.