Skip to main content

I have a custom script that I cobbled together to determine if the PolicyBanner file is in place. This is then scoped against to install the PolicyBanner via a package.
http://support.apple.com/kb/HT4788



The original version of this script works just fine. As soon as I added the <result> brackets and input it into the Extension Attribute (data type=string, populated by script) it doesn't seem to work.



Testing the logic by removing/renaming the file does not update in the Inventory report.
Anybody care to tell me what I did wrong? :)



#!/bin/bash
ls -alh /Library/Security/ | grep PolicyBanner
if [ "$?" = 0 ]
then
echo <result>Yes_PolicyBanner</result>
else
echo <result>No_PolicyBanner</result>
fi

Looks like you are missing the quotes in your <result> statements:



echo "<result>Yes_PolicyBanner</result>"
echo "<result>No_PolicyBanner</result>"



Steve

Steve,



Thanks for the help.



Here is the updated version. This does the trick.



#!/bin/bash
ls -alh /Library/Security/ | grep PolicyBanner
if [ "$?" = 0 ]
then
echo "<result>Yes_PolicyBanner</result>"
else
echo "<result>No_PolicyBanner</result>"
fi

Don't make a habit of parsing ls. Also, there are much better ways to test if something exists etc.



This is what you want:



#!/bin/bash



if [[ -e /Library/Security/PolicyBanner.txt ]]; then

    echo "<result>Yes_PolicyBanner</result>"

else

    echo "<result>No_PolicyBanner</result>"

fi


And if you truly do not know if it will be a .txt, .rtf, or an .rtfd and you don't care then this will tell you if anything called PolicyBanner exists



#!/bin/bash



shopt -s nullglob

bannerfiles=(/Library/Security/PolicyBanner.*)



if [[ ${#bannerfiles[@]} -gt 0 ]]; then

    echo "<result>Yes_PolicyBanner</result>"

else

    echo "<result>No_PolicyBanner</result>"

fi


Why you shouldn't parse the output of ls(1)
http://mywiki.wooledge.org/ParsingLs



Tests and Conditionals
http://mywiki.wooledge.org/BashGuide/TestsAndConditionals



Also, for future cases where you really need it grep -q will do what you were kinda trying to do by checking the exit status.



Start Here.
http://mywiki.wooledge.org/BashGuide



The LDP "Bash Guide for Beginners" and ABS aren't the greatest.

Yes, bash has a lot of built in functions to check if files exist, if something is a directory, if it is a file and so forth. These require less code and run with in the shell itself, so they should technically also be more efficient.

YEP!



mine run in .006 and .007 seconds respectively. The one with the "| grep" takes .012!



lol. :D



In all seriousness though spawning subshells, using pipes and external programs will add up in really big scripts. They also tend to be more fragile.

Haha, but hey you'll never get those 0.05 seconds back!

This thread helped me figure out building an extension attribute I needed in a rush, thanks for posting.

Terms & ConditionsCookie settings