Good evening everyone,
I'm using dockutil 2.0.5 in combination with the following script:
#!/bin/bash
# ---------------------------------------------------------
# Set all Variables
# ---------------------------------------------------------
#----- Get Computer Name
CompName=$(scutil --get ComputerName)
#----- Standards
script=$"Set User Account Icons "
now=$(date +"%m-%d-%Y %H:%M:%S")
Result=$?
#----- Debugging
#bash -x ./[script_name.sh] for detailed script output
#bash -n ./[script_name.sh] for syntax checking
set -u # verbose error checking during execution
#----- Executables
mkdir=`which mkdir`
chown=`which chown`
chmod=`which chmod`
dockutil="/usr/local/bin/dockutil"
#----- User Account Variables
loggedInUser="$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ && ! /loginwindow/ { print $3 }' )"
#--- Set Logging
Log="/Users/$user/Library/Logs/Nike/"
if [ ! -d "${Log}" ];
then
mkdir $Log
chown $user:staff $Log
chmod 777 $Log
fi
exec >> "${Log}"/Test.SetDockIcons.log 2>&1
#----------------------------------------------------------
# Timestamp
#----------------------------------------------------------
echo ""
echo "##### $script"
echo "##### $now"
#----------------------------------------------------------
# Script
#----------------------------------------------------------
su -l $user -c "/usr/local/bin/dockutil --remove all --homeloc ~/Library/Preferences/com.apple.dock.plist"
echo "All icons have been removed from the dock for all users" && echo ""
if [ $user = mobile ] ; then
$dockutil --add /Applications/Test\ Tools.app --homeloc ~/Library/Preferences/com.apple.dock.plist
$dockutil --add /Applications --view grid --display folder --homeloc ~/Library/Preferences/com.apple.dock.plist
$dockutil --add /Applications/Utilities/ --view grid --display folder --homeloc ~/Library/Preferences/com.apple.dock.plist
$dockutil --add '~/Downloads' --view list --display folder --homeloc ~/Library/Preferences/com.apple.dock.plist
# rm -f ~/Desktop/*
su -l $user -c "osascript -e 'tell application "Finder" to set desktop picture to POSIX file "/Library/Desktop Pictures/Test/iMacSyncBackground.jpg"'"
else
su -l $user -c "$dockutil --add /Applications/Safari.app --homeloc ~/Library/Preferences/com.apple.dock.plist"
su -l $user -c "$dockutil --add /Applications/Google\ Chrome.app --homeloc ~/Library/Preferences/com.apple.dock.plist"
su -l $user -c "$dockutil --add /Applications/iTunes.app --homeloc ~/Library/Preferences/com.apple.dock.plist"
su -l $user -c "$dockutil --add /Applications/Test\ Tools.app --homeloc ~/Library/Preferences/com.apple.dock.plist"
su -l $user -c "$dockutil --add /Applications --view grid --display folder --homeloc ~/Library/Preferences/com.apple.dock.plist"
su -l $user -c "$dockutil --add /Applications/Utilities/ --view grid --display folder --homeloc ~/Library/Preferences/com.apple.dock.plist"
su -l $user -c "$dockutil --add '~/Downloads' --view list --display folder --homeloc ~/Library/Preferences/com.apple.dock.plist"
#US Config for BK and AC Alias for desktop
if [[ "$CompName" = RTUS* ]] && [[ $user != sysadmin ]] ; then
su -l $user -c "osascript -e 'tell application "Finder" to make new alias at (path to desktop folder) to file ((path to applications folder as text) & "BK 8.0")'"
su -l $user -c "osascript -e 'tell application "Finder" to make new alias at (path to desktop folder) to file ((path to applications folder as text) & "Apple Configurator")'"
fi
su -l $user -c "osascript -e 'tell application "Finder" to set desktop picture to POSIX file "/Library/Desktop Pictures/Test/testwallpaper.jpg"'
fi
$dockutil --add '~/Downloads' --view list --display folder --homeloc ~/Library/Preferences/com.apple.dock.plist
echo "Changed Dock & Desktop Icons and Wallpaper for the $user User"
exit 0 The script is supposed to set the dock and wallpaper for a guest account every time a user logs in. It's deployed via Jamf Pro MDM (10.35) Up until 11.6.3, the script has been working well. With the introduction of 12.2 however, the user is receiving the following prompt:
If the user selects "ok," the script runs and the wallpaper and dock items adjust accordingly. The issue is if they reject it the prompt disappears and the dock and wallpaper stay as default. These are company machines so we want to limit what's on the dock, wallpaper, etc.
I've tried creating multiple PPPC Mobileconfig files to allow osascript, sh, bash, terminal, etc. These were created by using the command I found here.
log stream --debug --predicate 'subsystem == "com.apple.TCC" AND eventMessage BEGINSWITH "AttributionChain"'I then ran the script and looked for the "responsible" strings. Here's what I found.
2022-02-16 18:23:53.574944-0800 0xdcb3 Info 0x39a57 146 0 tccd: [com.apple.TCC:access] AttributionChain: responsible={<TCCDProcess: identifier=com.apple.sh, pid=4902, auid=20
1, euid=201, responsible_path=/bin/sh, binary_path=/bin/bash>}, requesting={<TCCDProcess: identifier=com.apple.osascript, pid=5047, auid=201, euid=201, binary_path=/usr/bin/osascript>},
I went to PPPC Utility and created the following mobileconfig (I also made separate ones for .sh, .bash, and created separate configuration profiles for each of them (one payload per config profile).
I then created a Configuration profile in Jamf:
The issue still persists. Some people have recommended desktoppr and dockmaster as alternatives. However, based on hammering away at this for the past three days I don't believe the issue is dockutil but the script itself using osascript to "tell" finder what to do.
Sorry for the long post. In short, I've tried different variations of mobileconfigs, I've removed osascript tells entirely from the script, and have been on the slack channels, webpages, and forums trying to find a solution. I'm hoping someone out there can help me crack this puzzle. Any help would be greatly appreciated.
