Difference between revisions of "ITunes"

From WPKG | Open Source Software Deployment and Distribution
Jump to: navigation, search
(neue Version von itunes)
(Full ITunes installation 10.3.0.54)
Line 19: Line 19:
 
* There is a 64bit version of ITunes available too. As of version 10.3.0.54 the 64bit installer contains 64bit versions of ITunes itself and Apple Mobile Device Support and 32bit versions of Quicktime and Apple Application Support. The package definitions for the 64bit versions look basically the same as below, just the paths and GUIDs are different.
 
* There is a 64bit version of ITunes available too. As of version 10.3.0.54 the 64bit installer contains 64bit versions of ITunes itself and Apple Mobile Device Support and 32bit versions of Quicktime and Apple Application Support. The package definitions for the 64bit versions look basically the same as below, just the paths and GUIDs are different.
  
= Full ITunes installation 10.3.0.54 =
+
= Full ITunes installation 10.3.1.55 =
 
''If you update this code, please remember the GUIDs change on each new version installed!''
 
''If you update this code, please remember the GUIDs change on each new version installed!''
  

Revision as of 12:37, 30 June 2011

General Information

Apple iTunes is primarily a program to play different types of media, but it is also required if you want to backup an IPhone or sync your emails, notes, bookmarks etc over USB with your PC. ITunes comes bundled with multiple sub programs that are all automatically installed when running the regular ITunes setup wizard. However depending on your use case you don't actually need all of them. Therefore this page is divided into two subparts: On the one hand a full blown ITunes installation (excluding Apple Software Update) when you actually want to use ITunes and Quicktime as an audio and video player, image viewer, podcast streamer, etc and on the other hand a minimal ITunes installation if you only want to use it to snc/backup an IPhone.

ITunes is one of the programs that are more difficult to package, since Apple is using it as a vehicle to distribute their other software. To get rid of at least some of those "extra" programs additional configuration steps are necessary to perform.

Pre-Setup Process

The ITunes installer consists of multiple MSI packages for each of its sub programs and a runtime that executes those MSI packages one after the other. To extract the MSI files do the following:

  • Download the ITunes setup file from Apple (usually called iTunesSetup.exe)
  • Open the file with 7zip or another file archiver
  • Extract iTunes.msi, QuickTime.msi, AppleApplicationSupport.msi and AppleMobileDeviceSupport.msi

Notes

  • Apple Mobile Device Support is only necessary if you want to connect an Ipod or IPhone. Quicktime and Apple Application Support are mandatory to be able to run ITunes.
  • Each sub-application has its own version. When a new version for ITunes comes out, you will need to extract the MSI packages from the EXE installer, right click on the MSI files and check their version to see which sub-applications have updated. Each sub-applications has its own WPKG package definition with separate install, upgrade and uninstall commands.
  • To also get the latest available version of Apple Application Support you'll have to download every installer from the Apple website and check which one contains the latest version of the Apple Application Support.
  • Apple sometimes updates the MSI packages inside the EXE installer without changing the version number on the website. So do not take it for granted that there are no new packages available just because the version number on the website is still the same.
  • Apple is also known to sometimes modify the setup packages of their programs even at minor version changes, so do not blindly assume that a new ITunes installer will work the same way as the old one did!
  • Warning: The version of Quicktime that is bundled with ITunes is not necessarily the newest version available and may contain known security flaws. For example ITunes 9.2.1.5 contained Quicktime 7.66, although Quicktime 7.67 had already been released since weeks at that time. Quicktime 7.66 has a highly critical security flaw that allows for remote execution of arbitrary code, simply by visiting a webpage (secunia.com). If you encounter such a scenario, you will have to download the standalone Quicktime installer from Apple and extract the file QuickTime.msi from there. Alternatively you can use the minimal ITunes installation method below, which removes the Quicktime browser plugin and thereby mitigates the attack surface.
  • There is a 64bit version of ITunes available too. As of version 10.3.0.54 the 64bit installer contains 64bit versions of ITunes itself and Apple Mobile Device Support and 32bit versions of Quicktime and Apple Application Support. The package definitions for the 64bit versions look basically the same as below, just the paths and GUIDs are different.

Full ITunes installation 10.3.1.55

If you update this code, please remember the GUIDs change on each new version installed!

Deploy File/Folder Structure 

 %SOFTWARE%\itunes\iTunes.msi
 %SOFTWARE%\itunes\QuickTime.msi
 %SOFTWARE%\itunes\AppleMobileDeviceSupport.msi
 %SOFTWARE%\itunes\AppleApplicationSupport.msi

<?xml version="1.0" encoding="UTF-8"?>
<package id='appleapplicationsupport' name='Apple Application Support' revision='1.5.2' reboot='false' priority='10'>
	<check type='registry' condition='equals' path='HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B3575D00-27EF-49C2-B9E0-14B3D954E992}\DisplayVersion' value='1.5.2' />
 
	<install cmd='msiexec /i "%SOFTWARE%\itunes\AppleApplicationSupport.msi" /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</install>
 
 
	<upgrade cmd='msiexec /i "%SOFTWARE%\itunes\AppleApplicationSupport.msi" /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</upgrade>
 
	<remove cmd='msiexec /x{B3575D00-27EF-49C2-B9E0-14B3D954E992} /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='1605' />
		<exit code='3010' reboot='postponed' />
	</remove>
</package>

<package id='applemobilesupport' name='Apple Mobile Device Support' revision='3.4.1.2' reboot='false' priority='10'>
	<check type='registry' condition='equals' path='HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C23CD6DA-1958-43A5-ADD0-59396572E02E}\DisplayVersion' value='3.4.1.2' />
 
	<install cmd='msiexec /i "%SOFTWARE%\itunes\AppleMobileDeviceSupport.msi" /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</install>
 
	<upgrade cmd='msiexec /i "%SOFTWARE%\itunes\AppleMobileDeviceSupport.msi" /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</upgrade>
	<remove cmd='msiexec /x{C23CD6DA-1958-43A5-ADD0-59396572E02E} /passive /norestart' timeout='300'>		
		<exit code='0' />
		<exit code='1605' />
		<exit code='3010' reboot='postponed' />
	</remove>
</package>

<package id='quicktime' name='Apple QuickTime' revision='7.69.80.9' reboot='false' priority='10'>
	<check type='uninstall' condition='exists' path='QuickTime' />
	<check type='file' condition='versiongreaterorequal' path='%PROGRAMFILES%\QuickTime\QuickTimePlayer.exe' value='7.69.80.9' />
 
	<install cmd='msiexec /i "%SOFTWARE%\itunes\QuickTime.msi" SCHEDULE_ASUW=0 /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</install>
 
	<upgrade cmd='msiexec /i "%SOFTWARE%\itunes\QuickTime.msi" SCHEDULE_ASUW=0 /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</upgrade>
 
	<remove cmd='msiexec /x{57752979-A1C9-4C02-856B-FBB27AC4E02C} /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='1605' />
		<exit code='3010' reboot='postponed' />
	</remove>
</package>


<package id='itunes' name='Apple iTunes' revision='10.3.1.55' reboot='false' priority='9'>
	<check type='uninstall' condition='exists' path='iTunes' />
	<check type='file' condition='versiongreaterorequal' path='%PROGRAMFILES%\iTunes\iTunes.exe' value='10.3.1.55' />
 
	<install cmd='msiexec.exe /i "%SOFTWARE%\itunes\iTunes.msi" SCHEDULE_ASUW=0 /passive' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</install>
	<install cmd='reg add "HKLM\SOFTWARE\Apple Computer, Inc.\iTunes\Parental Controls\Default" /v "AdminFlags" /t REG_DWORD /d "0x101" /f' timeout='60' />
 
	<upgrade cmd='msiexec.exe /i "%SOFTWARE%\itunes\iTunes.msi" SCHEDULE_ASUW=0 /passive' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</upgrade>
	<upgrade cmd='reg add "HKLM\SOFTWARE\Apple Computer, Inc.\iTunes\Parental Controls\Default" /v "AdminFlags" /t REG_DWORD /d "0x101" /f' timeout='60' />
 
	<remove cmd='msiexec.exe /x{C897FCB3-2F8B-4185-8035-79E2AF3A92A4} /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='1605' />
		<exit code='3010' reboot='postponed' />
	</remove>
</package>

Minimal ITunes installation 10.3.0.54

The goal of this setup is to get

  1. a working installation of ITunes which allows you to activate, backup and sync an IPhone or Ipod, download and install new iOS versions and optionally get songs/apps from the Apple Store,
  2. but does otherwise interfere with the PC as little as possible. Specifically this means: No Quicktime browser plugins, no Quicktime Java libraries, no automatic update checks, no desktop shortcuts, no automatic file type associations with Quicktime or ITunes, no ITunes CD grabbing, no unecessary background services, no autostart entries, no Quicktime picture viewer, no task icons.

These package definitions are suited for someone who has to roll out ITunes in a corporate environment because the employees are using IPhones, but otherwise has no use case for ITunes and/or Quicktime at all. Of course all steps in this section is optional, if you don't want to leave a certain feature out, then simply omit the corresponding step.

Configuration

Not all necessary changes to the setup packages can be made at the command line level, therefore the MSI files have to be modified. For this the Microsoft tool Orca (freeware) is necessary. If you don't have Orca yet, download it from Microsoft.

ITunes

  • Open iTunes.msi, select New Transform from the main menu.
  • Drop the component itms.js from the table Component. This file is responsible for registering ITunes as a trusted application in Firefox.
  • Drop the argument Launch_iTunesHelper in the table ControlEvent. This prevents iTunesHelper.exe from being started after the setup finishes. ITunes Helper is responsible for automatically starting ITunes when an iPhone or iPod is being connected to the PC.
  • Open the table Registry and drop the keys Registry415 (adds iTunesHelper.exe to the Windows autorun) and Registry835 to Registry843 (adds the ITunes detector plugin to Firefox and other browsers). Of course the registry IDs may change in future ITunes versions, you can instead search for CurrentVersion\Run and MozillaPlugins in the column Key of the Registry table.
  • Drop the file ITDetector.ocx from the table SelfReg. This prevents the ITunes detector ActiveX component from being registered, which is otherwise added as a plugin to Internet Explorer.
  • Click Generate Transform and save the resulting file into the same folder as the MSI.

You can disable certain ITunes features via the registry. Apple has a list of almost everything that you can disable: How to manage iTunes control features (kParentalFlags_DisablePing = 0x00800000 is missing in Apple's list). In the XML code below, only the update check in ITunes is disabled. If you want to disable other features too, look up their hexadecimal numbers at the above link, add them up and write the result as a DWORD value to HKLM\SOFTWARE\Apple Computer, Inc.\iTunes\Parental Controls\Default\AdminFlags. Be aware that you always need to include the "Locked" flag (1) for the settings to take effect.

After ITunes is removed, it does not delete the files in %APPDATA%\Apple Computer\iTunes, %USERPROFILE%\Local Settings\Application Data\Apple Computer\iTunes and %ALLUSERSPROFILE%\Anwendungsdaten\Apple Computer\iTunes. If you want to remove those directories, you have to specify additional remove commands for WPKG. The same is true for the registry key HKCU\Software\Apple Computer, Inc.\iTunes. The backups of IPhones, songs and applications from the Apple Store are stored outside of those directores!

Quicktime

  • Open QuickTime.msi with Orca, select New Transform from the main menu.
  • Edit the table FeatureComponents and drop the component QuickTimeEssentials.qtx. This gets rid of the installation of the Quicktime Firefox plugin. The rationale behind this is that the Quicktime plugin is of almost no use anymore because hardly anyone except Apple embeds Quicktime media files into websites. However nowadays one of the main attack vectors and primary source of drive-by installs are security holes in webbrowser plugins (for example ITunes 10.0 contained a Quicktime version that has two known and highly critical security holes #1 #2). Therefore it is strongly advisable to install as few plugins as possible.
  • Drop the condition NOT BNEWERPRODUCTISINSTALLED from the LaunchCondition table. This allows you the roll out the MSI via WPKG even if the user already installed a newer version of Quicktime manually.
  • Click Generate Transform and save the resulting file into the same folder as the MSI.

Besides the periodic update checks via Apple Software Update, Quicktime additionally performs update checks on its own when you launch it. To disable that behaviour install Quicktime on a test computer, delete the file %USERPROFILE%\Local Settings\Application Data\Apple Computer\QuickTime\QuickTime.qtp if it exists (adapt the path to your locale), then open the Quicktime settings in the Windows control panel, go to Update, uncheck Check for updates automatically and click OK. Now copy the recreated file %USERPROFILE%\Local Settings\Application Data\Apple Computer\QuickTime\QuickTime.qtp (should be below 1kB) to %SOFTWARE%\itunes. To deploy this file the package quicktimesettings is used. It copies QuickTime.qtp into %ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime and adds a registry key HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\LocalUserPreferences\FolderPath which points to this directory. Caution: Quicktime only checks that registry key if the key HKCU\SOFTWARE\Apple Computer, Inc.\QuickTime\LocalUserPreferences does not exist! If Quicktime is or was ever run without the HKLM-key present, it automatically creates the HKCU-key and then never checks the HKLM-key again.

After Quicktime is removed, it does not delete the files in %APPDATA%\Apple Computer\QuickTime, %USERPROFILE%\Local Settings\Application Data\Apple Computer\QuickTime and %ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime. If you want to remove those directories, you have to specify additional remove commands for WPKG. The same is true for the registry key HKCU\Software\Apple Computer, Inc.\QuickTime.

Package definitions

Apple Application Support and Apple Mobile Device Support

Copy the package definitions from the full ITunes installation above and use the original MSI files as extracted from iTunesSetup.exe. These packages don't require any modifications.

ITunes

<?xml version="1.0" encoding="UTF-8"?>
<package id='itunes' name='Apple iTunes' revision='10.3.0.54' reboot='false' priority='1'>
	<depends package-id='appleapplicationsupport' />
	<depends package-id='quicktime' />

	<check type='uninstall' condition='exists' path='iTunes' />
	<check type='file' condition='versiongreaterorequal' path='%PROGRAMFILES%\iTunes\iTunes.exe' value='10.3.0.54' />
	
	<!-- DESKTOP_SHORTCUTS=0: Don't create desktop shortcuts
	MEDIA_DEFAULTS=0: Don't make ITunes the default program for Audio CDs and various audio filetypes
	SCHEDULE_ASUW=0: Don't create a scheduled task to automatically search for ITunes updates
	REENABLEAUTORUN=0: Don't try to re-enable Windows autorun feature for CDs 
	OUTLOOK_LOAD_BEHAVIOR=0: Don't load ITunes-Calendar-Addin in Outlook -->
	<install cmd='msiexec.exe /i "%SOFTWARE%\itunes\iTunes.msi" TRANSFORMS="%SOFTWARE%\itunes\itunes-transform-from-above.mst" DESKTOP_SHORTCUTS=0 MEDIA_DEFAULTS=0 SCHEDULE_ASUW=0 REENABLEAUTORUN=0 OUTLOOK_LOAD_BEHAVIOR=0 /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</install>
	<!-- Disable update feature in ITunes via parental controls -->
	<install cmd='reg add "HKLM\SOFTWARE\Apple Computer, Inc.\iTunes\Parental Controls\Default" /v "AdminFlags" /t REG_DWORD /d "0x101" /f' timeout='60' />
	
	<upgrade cmd='msiexec.exe /i "%SOFTWARE%\itunes\iTunes.msi" TRANSFORMS="%SOFTWARE%\itunes\itunes-transform-from-above.mst" DESKTOP_SHORTCUTS=0 MEDIA_DEFAULTS=0 SCHEDULE_ASUW=0 REENABLEAUTORUN=0 OUTLOOK_LOAD_BEHAVIOR=0 /passive /norestart'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</upgrade>
	<upgrade cmd='reg add "HKLM\SOFTWARE\Apple Computer, Inc.\iTunes\Parental Controls\Default" /v "AdminFlags" /t REG_DWORD /d "0x101" /f' timeout='60' />
	
	<remove cmd='msiexec.exe /x{D6B5B017-7643-46A5-AC4D-E58A7B4798A0} /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='1605' />
		<exit code='3010' reboot='postponed' />
	</remove>
</package>

Quicktime

The Quicktime installer package is grouped into multiple features (categories). For reasons that are left to the imagination of the reader, Apple prevents the user from deselecting any of those features through the GUI. However by using the ADDLOCAL switch, it is possible to specify which features should be installed. To use the audio and video playback capabilites of Quicktime, only the feature QuickTimeEssentials is necessary. The other features as of version 7.69 are: QuickTimeInternet, QuickTimeImage, QuickTimeEffects, QuickTimeMusic, QuickTimeAuthoring, QuickTimeCapture, QuickTimeForJava, QuickTimeDiagnostics, QuickTimeProResDecoder. None of them is necessary to run ITunes, therefore they are all excluded. Be aware that QuickTimeInternet includes the Quicktime plugin for the Internet Explorer (see above for possible security implications when installing this feature). 

<?xml version="1.0" encoding="UTF-8"?>
<package id='quicktime' name='Apple QuickTime' revision='7.69.80.9' reboot='false' priority='2'>
	<chain package-id='quicktimesettings' />
	
	<check type='uninstall' condition='exists' path='QuickTime' />
	<check type='file' condition='versiongreaterorequal' path='%PROGRAMFILES%\QuickTime\QuickTimePlayer.exe' value='7.69.80.9' />
	
	<!-- ADDLOCAL=QuickTimeEssentials: Only install the main feature of Quicktime -->
	<install cmd='msiexec /i "%SOFTWARE%\itunes\QuickTime.msi" TRANSFORMS="%SOFTWARE%\itunes\quicktime-transform-from-above.mst" ADDLOCAL=QuickTimeEssentials DESKTOP_SHORTCUTS=0 SCHEDULE_ASUW=0 /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</install>
		
	<upgrade cmd='msiexec /i "%SOFTWARE%\itunes\QuickTime.msi" TRANSFORMS="%SOFTWARE%\itunes\quicktime-transform-from-above.mst" ADDLOCAL=QuickTimeEssentials DESKTOP_SHORTCUTS=0 SCHEDULE_ASUW=0 /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='3010' reboot='postponed' />
	</upgrade>
	
	<remove cmd='msiexec /x{57752979-A1C9-4C02-856B-FBB27AC4E02C} /passive /norestart' timeout='300'>
		<exit code='0' />
		<exit code='1605' />
		<exit code='3010' reboot='postponed' />
	</remove>
</package>

<package id='quicktimesettings' name='Apple QuickTime settings' revision='1' notify='false' reboot='false' priority='1'>
	<!-- Adapt the paths to your locale -->
	<check type='registry' condition='equals' path='HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\LocalUserPreferences\FolderPath' value='C:\Documents and Settings\All Users\Application Data\Apple Computer\QuickTime\' />
	<check type='file' condition='exists' path='%ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime\QuickTime.qtp' />

	<install cmd='%COMSPEC% /C if exist "%ALLUSERSPROFILE%\Application Data" xcopy /y /v "%SOFTWARE%\itunes\QuickTime.qtp" "%ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime\"' timeout='60' />
	<install cmd='%COMSPEC% /C if exist "%ALLUSERSPROFILE%\Application Data" reg.exe add "HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\LocalUserPreferences" /v "FolderPath" /d "%ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime\\" /f' timeout='60' />

	<upgrade cmd='%COMSPEC% /C if exist "%ALLUSERSPROFILE%\Application Data" xcopy /y /v "%SOFTWARE%\itunes\QuickTime.qtp" "%ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime\"' timeout='60' />
	<upgrade cmd='%COMSPEC% /C if exist "%ALLUSERSPROFILE%\Application Data" reg.exe add "HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\LocalUserPreferences" /v "FolderPath" /d "%ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime\\" /f' timeout='60' />

	<remove cmd='%COMSPEC% /C del "%ALLUSERSPROFILE%\Application Data\Apple Computer\QuickTime\QuickTime.qtp"' timeout='60'>
		<exit code='0' />
		<exit code='1' />
	</remove>
	<remove cmd='reg.exe delete "HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\LocalUserPreferences" /f' timeout='60'>
		<exit code='0' />
		 <exit code='1' />
	</remove>
</package>
Retrieved from "https://wpkg.org/index.php?title=ITunes&oldid=9666"