Skip to main content

Hi there,


I'm working on a policy that should be able to deploy a launchdaemon plist to all machines. The below script I found 
here https://communithttps://community.jamf.com/t5/jamf-pro/remote-management-active-extension-attempt/m-p/119717y.jamf.com/t5/jamf-pro/remote-management-active-extension-attempt/m-p/119717 


 


#!/bin/bash

cat << 'EOF' > /Library/Scripts/jamf-Restart.sh
#!/bin/bash
sudo killall jamf
sleep 10
sudo jamf policy
EOF

chmod 644 /Library/Scripts/jamf-Restart.sh
chown root:wheel /Library/Scripts/jamf-Restart.sh

cat << EOF > /Library/LaunchDaemons/jamf-Restart.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>jamf.restart</string>
<key>ProgramArguments</key>
<array>
<string>sh</string>
<string>/Library/Scripts/jamf-Restart.sh</string>
</array>
<key>RunAtLoad</key>
<false/>
<key>StartInterval</key>
<integer>86400</integer>
</dict>
</plist>
EOF

chmod 644 /Library/LaunchDaemons/jamf-Restart.plist
chown root:wheel /Library/LaunchDaemons/jamf-Restart.plist

launchctl load -w /Library/LaunchDaemons/jamf-Restart.plist

 
And I have an extension attribute setup that should check if the 'jamf-Restart.plist' is loaded correctly.


#!/bin/sh

agentloaded=$(sudo launchctl list | grep "jamf.restart")


if [ -n "${agentloaded}" ]; then
echo "<result>Loaded</result>"
else
echo "<result>Not Loaded</result>"
fi


Couple of issues though. When I use "launchctl start jamf.restart" the "jamf-Restart.sh" script doesn't actually run. The other issue I'm having is that the extension attribute reports back 'Loaded' on some devices that don't have the 'jamf.restart' plist loaded up in launchdaemon.

I've made some changes to the above. Seems it's working. I'll test a bit more and report back. In case anyone else is interested:


#!/bin/sh

cat << 'EOF' > /private/var/tmp/JamfRestart.sh
#!/bin/sh
sudo killall jamf
sleep 10
sudo jamf policy
EOF

chmod 644 /private/var/tmp/JamfRestart.sh
chown root:wheel /private/var/tmp/JamfRestart.sh

cat << EOF > /Library/LaunchDaemons/JamfRestart.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>EnvironmentVariables</key>
<dict>
<key>PATH</key>
<string>/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Apple/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/usr/local/sbin:/opt/local/bin</string>
</dict>
<key>Label</key>
<string>JamfRestart</string>
<key>ProgramArguments</key>
<array>
<string>/bin/sh</string>
<string>/private/var/tmp/JamfRestart.sh</string>
</array>
<key>RunAtLoad</key>
<false/>
<key>StartInterval</key>
<integer>86400</integer>
</dict>
</plist>
EOF

chmod 644 /Library/LaunchDaemons/JamfRestart.plist
chown root:wheel /Library/LaunchDaemons/JamfRestart.plist
launchctl load -w /Library/LaunchDaemons/JamfRestart.plist

Good work. I've been trying something similar that I found on Jamf Nation but it would never work. I'm going to give yours a try and let you know. 

Good work. I've been trying something similar that I found on Jamf Nation but it would never work. I'm going to give yours a try and let you know. 


I've just done  a few tests now. Seems so far so good. Hopefully someone is able to assist with the extension attribute. Just need it to look for the 'JamfRestart' label with 'launchctl list | grep JamfRestart' or something similar. Then we can deploy based on whether or not devices have the .plist loaded. 

cool, working actually on one machine which have some trouble connecting back to our cloud.


Re-Deploy Jamf Framework via api has worked fine, but not really solved the issue on this machine. Will test your script the next days.


Thanks for it in advance :)

Reply


Terms & ConditionsCookie settings