Help

Allow Terminal to update or delete other applications

SKizale
New Contributor III

Posted on ‎04-03-2023 11:51 AM

Hi all,

Has anyone figured out how to allow Terminal to update or delete other applications (see screenshot) using Jamf Pro? I recently noticed this needed permission when deploying a bash script to update the Egnyte Desktop Core app with Jamf Pro. I tried using Privacy Preferences Policy Control to enable this automatically with no success. 

 

4-3-23 at 2.45PM.png

0 Kudos
3 REPLIES 3

AJPinto
Honored Contributor II

Posted on ‎04-03-2023 12:34 PM

You should not need to give terminal permissions to modify other applications. 

  • What is the result of your script?
  • Can you share the script you are using to update the application?
0 Kudos

SKizale
New Contributor III

Posted on ‎04-03-2023 12:43 PM

My script fails when deploying it automatically on reoccurring check-in, but it works fine through the Self-Service app or if I enable Terminal to modify or delete applications. The script also works if no previous version of Egnyte is installed, but when trying to update the app to a newer version using the same script, it fails. Here is my script,

#!/bin/bash

#Kill running app
pkill Egnyte

# Download the Egnyte DMG file
curl -o ~/Downloads/Egnyte_0.5.0_2028.dmg https://egnyte-cdn.egnyte.com/desktopapp/mac/en-us/0.5.0/Egnyte_0.5.0_2028.dmg?_ga=2.162962236.10346...

# Mount the Egnyte DMG file
hdiutil attach ~/Downloads/Egnyte_0.5.0_2028.dmg

# Copy the Egnyte app to the Applications folder
cp -R "/Volumes/Install Egnyte/Egnyte.app" /Applications/

# Unmount the Egnyte DMG file
hdiutil detach "/Volumes/Install Egnyte"

# Delete .dmg file
rm ~/Downloads/Egnyte_0.5.0_2028.dmg

# Launch Egnyte.app
open /Applications/Egnyte.app

0 Kudos

AJPinto
Honored Contributor II
In response to SKizale

‎04-03-2023 01:16 PM - edited ‎04-03-2023 01:23 PM

 

I dont think JAMF uses Terminal to run scripts. JAMF dumps scripts in /Library/Application Support/JAMF/tmp and JAMF invokes the interpreter directly to run the script. 

 

Using ~/ in JAMF scripts usually does not work very well as JAMF run scripts as Root. If you want it to go in to the users download folder I would suggest using a variable for that. Granted this would fail if no one is logged in, so coming up with your own temp directory or using macOS's temp directory /tmp (or echo $TMPDIR if you are feeling brave) would be best.

 

#!/bin/bash

loggedInUser=$(/usr/bin/who | awk '/console/{ print $1 }')

#Kill running app
pkill Egnyte

# Download the Egnyte DMG file
curl -o /Users/$loggedInUser/Downloads/Egnyte_0.5.0_2028.dmg https://egnyte-cdn.egnyte.com/desktopapp/mac/en-us/0.5.0/Egnyte_0.5.0_2028.dmg?_ga=2.162962236.10346...

# Mount the Egnyte DMG file
hdiutil attach /Users/$loggedInUser/Downloads/Egnyte_0.5.0_2028.dmg

# Copy the Egnyte app to the Applications folder
cp -R "/Volumes/Install Egnyte/Egnyte.app" /Applications/

# Unmount the Egnyte DMG file
hdiutil detach "/Volumes/Install Egnyte"

# Delete .dmg file
rm /Users/$loggedInUser/Downloads/Egnyte_0.5.0_2028.dmg

# Launch Egnyte.app
open /Applications/Egnyte.app

 

 

 

0 Kudos