Skip to main content
Answer

Prompt/defer for restart on 2020 M1 MacBook

  • November 8, 2021
  • 18 replies
  • 56 views
K
Forum|alt.badge.img+6

I've been taking a look at about a dozen restart scripts that have been shared with the community over the last several years.  Unfortunately it's looking like forcing a restart on a MacBook with an M1 processor is no longer a viable option?  Is there a new way to do this through JAMF with a simply policy, or with a script compatible with the new macs?

What we find is students rarely restart their devices, and sometimes we need them to (to force quit certain apps for instance so policy changes can be made).  We aren't talking about post software updates, just a way to scope a policy to prompt the user to restart their device, and offer some sort of short deferral, but ultimately enforce the restart with an automatic shutdown, if the last deferral expires.

I've tried the one from @m_donovan at https://community.jamf.com/t5/jamf-pro/jamf-helper-reboot-script-with-deferral/td-p/188511#responseChild164611%3Cbr%3E but that does not seem to work anymore.  If anyone has any thoughts, please let me know!  I would greatly appreciate the help!

Thanks!

Keith

Best answer by bwoods

1. Create a policy with user interaction and a recurring check-in trigger.

2. In the Files and Processes payload run "sudo shutdown -r now"

3. Use an extension attribute to track Uptime, to see if it actually rebooted.

 

or you could just create a luanch daemon that activates at a specific time and day of the week.

    bwoods

    18 replies

    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • Answer
    • November 8, 2021

    1. Create a policy with user interaction and a recurring check-in trigger.

    2. In the Files and Processes payload run "sudo shutdown -r now"

    3. Use an extension attribute to track Uptime, to see if it actually rebooted.

     

    or you could just create a luanch daemon that activates at a specific time and day of the week.

    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 8, 2021

    Thanks for the reply!  I was able to see what you were talking about in the policy options.  This will hopefully work for what we need!

     

    Thanks again!

    Keith

    bwoods
    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 9, 2021

    1. Create a policy with user interaction and a recurring check-in trigger.

    2. In the Files and Processes payload run "sudo shutdown -r now"

    3. Use an extension attribute to track Uptime, to see if it actually rebooted.

     

    or you could just create a luanch daemon that activates at a specific time and day of the week.


    After further testing, I'm wondering if we may benefit from using "sudo shutdown -h +1 &" in order to provide enough time to submit the policy results to JAMF.  I have noticed some devices do not appear to be submitting their info after the policy has run.  Do you see any issues with using the above command?

     

    Thanks!

    Keith

    bwoods
    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • November 9, 2021

    After further testing, I'm wondering if we may benefit from using "sudo shutdown -h +1 &" in order to provide enough time to submit the policy results to JAMF.  I have noticed some devices do not appear to be submitting their info after the policy has run.  Do you see any issues with using the above command?

     

    Thanks!

    Keith


    Correct, that will give your machine enough time to update inventory. 

    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 9, 2021

    Correct, that will give your machine enough time to update inventory. 


    Thank you!  By the way, being new to terminal commands, exactly what is the difference between -h and -r?  I understand -r is to indicate recursion for paths?

    bwoods
    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • November 9, 2021

    Thank you!  By the way, being new to terminal commands, exactly what is the difference between -h and -r?  I understand -r is to indicate recursion for paths?


    @KAndrews5725  here's a pro tip: whenever you need to know what the flags of a specific command do...you can open terminal and type "man + the command you need to learn more about"

    In this case you would run "man shutdown" to learn more about the shutdown command. 

    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 9, 2021

    @KAndrews5725  here's a pro tip: whenever you need to know what the flags of a specific command do...you can open terminal and type "man + the command you need to learn more about"

    In this case you would run "man shutdown" to learn more about the shutdown command. 


    Ok great!  Thanks again!

    bwoods
    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • November 9, 2021

    @KAndrews5725  here's a pro tip: whenever you need to know what the flags of a specific command do...you can open terminal and type "man + the command you need to learn more about"

    In this case you would run "man shutdown" to learn more about the shutdown command. 


     

    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 9, 2021

     


    I was looking at that, thanks!  So +1 indicates one minute.  So ideally I'd probably want "sudo shutdown -r +1 &"

    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • November 9, 2021

    I was looking at that, thanks!  So +1 indicates one minute.  So ideally I'd probably want "sudo shutdown -r +1 &"


    Correct. Good luck on the you scripting journey! It gets easier with time and practice.

    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 9, 2021

    Correct. Good luck on the you scripting journey! It gets easier with time and practice.


    Thank you!  Yes, I am learning a little more each time, which I have enjoyed.

    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • November 9, 2021

    Correct. Good luck on the you scripting journey! It gets easier with time and practice.


    One more thing, if you want to see that your policy actually ran in the dashboard, you would need to have a launch daemon run the shutdown command on your behalf.

     

    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • November 9, 2021

    One more thing, if you want to see that your policy actually ran in the dashboard, you would need to have a launch daemon run the shutdown command on your behalf.

     


    #!/bin/bash # Create restartcomputer.sh echo > /tmp/restartcomputer.sh '#!/bin/bash # Sleep for 50 seconds sleep 50 # Shutdown Immediately sudo shutdown -r now' # Create and load a LaunchDaemon to fork restart echo "<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>com.company.restart</string> <key>UserName</key> <string>root</string> <key>ProgramArguments</key> <array> <string>sh</string> <string>/tmp/restartcomputer.sh</string> </array> <key>RunAtLoad</key> <true/> </dict> </plist>" > /tmp/restart.plist sudo chown root:wheel /tmp/restart.plist sudo chmod 755 /tmp/restart.plist sudo launchctl unload /tmp/restart.plist sudo launchctl load /tmp/restart.plist exit 0
    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 9, 2021

    One more thing, if you want to see that your policy actually ran in the dashboard, you would need to have a launch daemon run the shutdown command on your behalf.

     


    Ok, good to know.  Right now I am collecting inventory from an extension attribute called "Uptime" and that has allowed me to generate a smart group of devices that have not restarted in X number of days.  From that group I can determine how many laptops have restarted, but ultimately it doesn't tell me if the policy ran, or not.  I guess I just really want the laptops to be restarted one way or the other, and the smart group gives me a pretty good idea as to how many devices have, and how many are left to be done.

    bwoods
    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 10, 2021
    #!/bin/bash # Create restartcomputer.sh echo > /tmp/restartcomputer.sh '#!/bin/bash # Sleep for 50 seconds sleep 50 # Shutdown Immediately sudo shutdown -r now' # Create and load a LaunchDaemon to fork restart echo "<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>com.company.restart</string> <key>UserName</key> <string>root</string> <key>ProgramArguments</key> <array> <string>sh</string> <string>/tmp/restartcomputer.sh</string> </array> <key>RunAtLoad</key> <true/> </dict> </plist>" > /tmp/restart.plist sudo chown root:wheel /tmp/restart.plist sudo chmod 755 /tmp/restart.plist sudo launchctl unload /tmp/restart.plist sudo launchctl load /tmp/restart.plist exit 0

    Thanks again for your help!  So far I am liking the way the script works and I am seeing the log info in JAMF.  One error, that doesn't appear to be affecting the functionality:

     

    "Script result: /tmp/restart.plist: Could not find specified service
    Unload failed: 113: Could not find specified service"

     

    Anything I should try differently.  Someone suggested removing the "SUDO" command from the beginning of the command lines at the bottom of the script.  That doesn't appear to have changed the error code.

     

    Thanks again!

    Keith

    bwoods
    Forum|alt.badge.img+14
    • bwoods
    • Honored Contributor
    • November 10, 2021

    Thanks again for your help!  So far I am liking the way the script works and I am seeing the log info in JAMF.  One error, that doesn't appear to be affecting the functionality:

     

    "Script result: /tmp/restart.plist: Could not find specified service
    Unload failed: 113: Could not find specified service"

     

    Anything I should try differently.  Someone suggested removing the "SUDO" command from the beginning of the command lines at the bottom of the script.  That doesn't appear to have changed the error code.

     

    Thanks again!

    Keith


    @KAndrews5725, I predominantly use that for testing in code runner. The issue you're seeing is the unload and load near the end of the script. You should be able to remove the unload to fix the issue. 

    K
    Forum|alt.badge.img+6
    • KAndrews5725
    • Author
    • Contributor
    • November 11, 2021

    @KAndrews5725, I predominantly use that for testing in code runner. The issue you're seeing is the unload and load near the end of the script. You should be able to remove the unload to fix the issue. 


    Ok I will give that a shot! Appreciate the help!

    J
    Forum|alt.badge.img+4
    • jmdaul
    • New Contributor
    • May 3, 2022

    I'm trying to accomplish something similar, I have a script and created an extension attribute for uptime, and a script in a policy, but I'm unclear as to how it's all tied together.

    Terms & ConditionsCookie settingsAccessibility statement