Im looking to create a script to add to a new policy. I would like the script to prompt the user to restart their machine after the policy runs. I would also like the user to be able to have the option to restart the machine now or later. in other words, I don't want their machines to restart without the users permission. This could cause a ton of trouble with information loss etc. I have no experience in scripting at all. I could somewhat follow some things. I am unable to right scripts on my own at this point. Would be very helpful if someone can assist me.
Page 1 / 1
What is it you are needing to change/install that requires a restart. Not everything in macOS actually needs a restart. Maybe start there?
Im having an issue with Jamf Remote. I cant control any machines without resetting our management account password. i created a policy to reset the passwords. The policy seems to only work half of the time. I also realized that it wont work without me restarting the machine. I wanted to create a script in the policy that prompts the user to restart the machine after it runs.
I have a two script process (modified from a jamfHelper delay script) that presents a jamfHelper popup if the computer has not restarted in 4 days. It gives the user the option of an immediate restart, 2 minute, 5 minute or 1 hour delay. It then presents another jamfHelper popup 1 min before restart. The second script (for clean up) runs at login and checks for the presence of the files and removes them if they are there.
Script One:
#!/bin/bash
#######################################################################################
#
# Copyright (c) 2016, JAMF Software, LLC. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# * Neither the name of the JAMF Software, LLC nor the
# names of its contributors may be used to endorse or promote products
# derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY JAMF SOFTWARE, LLC "AS IS" AND ANY
# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL JAMF SOFTWARE, LLC BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
#######################################################################################
#
#######################################################################################
#
# Rewrite Description
#
#######################################################################################
# jss.jhp.delay.sh
# ©2016 brock walters jamf
#
# Modified for KISD by Mike Donovan September 8, 2017
#
# the information in the jamfhelper pop-up window can be modified by changing the following below:
#
# -title
# -heading
# -description
# -icon (eg, a .b64 encoded .png or .icns file in the script or a reference to a graphics file)
# -button1 (limited characters in field)
# -button2 (limited characters in field)
# -showDelayOptions (in seconds)
#
# for other jamfHelper options see:
#
# /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -help
#
# the case statement takes input from the jamfHelper button exit code variable "$result"
#
lastBootRaw=$(sysctl kern.boottime | awk -F'[= |,]' '{print $6}')
lastBootFormat=$(date -jf "%s" "$lastBootRaw" +"%m-%d-%Y")
today=$(date +%s)
#today=$(date -v+4d +%s) ###########For Testing #############################################
diffDays=$(( (today - lastBootRaw) / 86400 ))
#echo $diffDays
if [ $diffDays -ge 4 ];then
#echo "4 days or more Running Reboot script"
# Check for district icons
file=$(find /Library/Application Support/JAMF/bin/KISDColorseal.png)
if [ ! -z "$file" ]
then
useIcon=/Library/Application Support/JAMF/bin/KISDColorseal.png
#echo "found"
else
useIcon=/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/AlertCautionIcon.icns
#echo "not found"
fi
else
#echo "3 days or less Exiting"
exit 0
fi
jamfhelper()
{
/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper
-windowType utility
-title "KISD Mac Systems Admin"
-heading "It's time to reboot"
-description "This computer has not restarted since $lastBootFormat. Restart now or choose a delay option."
-icon "$useIcon"
-iconSize 110
-button1 "Delay"
-button2 "Restart Now"
-showDelayOptions "120, 300, 3600" # 2 minutes, 5 minutes, 1 hour
}
# variables
result=$(jamfhelper)
delayint=$(echo "$result" | /usr/bin/sed 's/.$//')
warndelayint=$(expr $delayint - 60)
#echo $delayint
#echo $warndelayint
defercal=$(($(/bin/date +%s) + delayint))
hour=$(/bin/date -j -f "%s" "$defercal" "+%H")
minute=$(/bin/date -j -f "%s" "$defercal" "+%M")
#echo $hour
#echo $minute
warndefercal=$(($(/bin/date +%s) + warndelayint))
warnhour=$(/bin/date -j -f "%s" "$warndefercal" "+%H")
warnminute=$(/bin/date -j -f "%s" "$warndefercal" "+%M")
#echo $warnhour
#echo $warnminute
# write launch daemon populated with variables from jamfHelper output
delay()
{
/bin/cat <<EOF > /Library/LaunchDaemons/org.your.rebootdelay.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>org.your.rebootdelay</string>
<key>ProgramArguments</key>
<array>
<string>reboot</string>
</array>
<key>StartCalendarInterval</key>
<dict>
<key>Hour</key>
<integer>$hour</integer>
<key>Minute</key>
<integer>$minute</integer>
</dict>
</dict>
</plist>
EOF
}
warndelay()
{
/bin/cat <<EOF > /Library/LaunchDaemons/org.your.rebootdelaywarning.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>org.your.rebootdelaywarning</string>
<key>ProgramArguments</key>
<array>
<string>sh</string>
<string>/Library/Scripts/rebootwarning.sh</string>
</array>
<key>StartCalendarInterval</key>
<dict>
<key>Hour</key>
<integer>$warnhour</integer>
<key>Minute</key>
<integer>$warnminute</integer>
</dict>
</dict>
</plist>
EOF
}
warnScript()
{
/bin/cat <<EOF > /Library/Scripts/rebootwarning.sh
#!/bin/bash
/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper
-windowType utility
-title "KISD Systems Admin"
-heading "It's time to reboot"
-description "This computer is set to reboot in 1 minute."
-icon "$useIcon"
-iconSize 110
-button1 "Ok"
EOF
}
finalPrep()
{
# unload launchd for testing
#launchctl unload /Library/LaunchDaemons/org.your.rebootdelay.plist
#launchctl unload /Library/LaunchDaemons/org.your.rebootdelaywarning.plist
# set ownership on delay launch daemon
chown root:wheel /Library/LaunchDaemons/org.your.rebootdelay.plist
chmod 644 /Library/LaunchDaemons/org.your.rebootdelay.plist
# set ownership on delaywarning launch daemon
chown root:wheel /Library/LaunchDaemons/org.your.rebootdelaywarning.plist
chmod 644 /Library/LaunchDaemons/org.your.rebootdelaywarning.plist
#load launchd
launchctl load /Library/LaunchDaemons/org.your.rebootdelay.plist
launchctl load /Library/LaunchDaemons/org.your.rebootdelaywarning.plist
}
# select action based on user input
#### Script Execution Starts Here #######
#### 1 runs functions
#### 2 runs reboot command
case "$result" in
*1 ) delay
warndelay
warnScript
finalPrep
;;
*2 ) reboot
echo "Reboot Called"
;;
esac
exit 0```
Script two:!/bin/bash
file=$(find /Library/LaunchDaemons/org.your.rebootdelay.plist)
if [ ! -z "$file" ]
then
echo "Found"
rm /Library/LaunchDaemons/org.your.rebootdelay.plist
rm /Library/LaunchDaemons/org.your.rebootdelaywarning.plist
rm /Library/Scripts/rebootwarning.sh
launchctl remove org.your.rebootdelay
launchctl remove org.your.rebootdelaywarning
fi
exit 0
```
I need one that I can attach to specific policies. I would like it to inform the user that the computer is going to restart/has to restart. I want the user to be able choose if he would like to restart now or later.
@kadams I think the script posted above can get you there, but will obviously need some tweaking for your purposes.
If you want, you can also take a look at something I put together a while ago now that uses a similar approach, but was intended more to be run after critical updates were installed on a device. reboot_scheduler
@m.donovan , I tried putting this script into a text editor. I cant get it to run in terminal. Is there anything else I supposed to change for this to work?. Am I supposed to put both of these scripts in the text editor at once?
Anyone knows how to modify the script above. I need it to trigger after running a policy. For instance, one policy runs and the script triggers. 4 days is too much time. I would like it to run instantly after running a policy. Also can both of those scripts be combined? Do I need them both for the script tor run.
I think the original script Brock posted may be closer to what you have in mind.
I would be sure to test it thoroughly for your needs.
Am I missing something??
Why not just use the 'allow deferral' in the user interaction tab of the policy??
I used the script above, but the delay portion of it isnt working. I delay for 2 minutes and nothing happens. Also is script 2 combined into one script?
I'm not sure if your reply was directed at me but the script I linked to is meant to only be 1 script. It also doesnt have logic built into it about last reboot time.
Additionally regarding the script you tried I noticed the script has logic based on the last reboot time. Which means if the system you tested on was rebooted less than 4 days ago you may not see any results of the above script.
Thanks
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.