Jamf Nation Community

mucgyver-old · ‎03-19-2019

Dear mates.

I created a backup script that should rsync all local user home folder with exceptions (exception file in /etc/rsync) to the smb network share of this user (subfolder: Backup).

However, I get this error message in the log:
Script result: 0:54: execution error: An error of type -5014 has occurred. (-5014)
/Library/Application Support/JAMF/tmp/backup_smbhome.sh: line 43: /usr/local/bin/rsync: Permission denied
Unmount failed for /Volumes/firstname.lastname

This rsync version is the newer version (3.1.3) than the built-in one and has been successfully installed before to /usr/local/bin .

And here is the script itself:

*#!/bin/bash

create Backup log folder if not existent

if [[ ! -e "/var/log/rsync" ]]; then /bin/mkdir -p "/var/log/rsync" # /usr/sbin/chown user:group"/var/log/backup" && /bin/chmod 775 "/var/log/backup"
fi

generate timestamp for log file and deletion folder (if applicable)

d=$(date +%Y-%m-%d_%H-%M-%S)

define log location and name

touch /var/log/rsync/$d.log
LOG="/var/log/rsync/$d.log"

get current User

currentUser=$(stat -f %Su /dev/console)
echo "Current User is $currentUser" >> $LOG

if [[ ! -e "/Volumes/currentUser" ]]
then ## determine path to network share homeLoc=$( dscl . -read /Users/$currentUser SMBHome | cut -c 10- | sed 's../.g' ) ## mount the share /usr/bin/osascript -e "mount volume "smb:$homeLoc"" echo "$currentUser 's home share has been successfully mounted." >> $LOG
else echo "$currentUser 's home share is already mounted." >> $LOG
fi

create Backup folder if not existent

if [[ ! -e "/Volumes/$currentUser/Backup" ]]; then /bin/echo "Backup folder not found." >> $LOG /bin/echo "Creating Backup folder." >> $LOG /bin/mkdir -p "/Volumes/$currentUser/Backup" # /usr/sbin/chown user:group"/Volumes/$currentUser/Backup" && /bin/chmod 775 "/Volumes/$currentUser/Backup" /bin/echo "The Backup folder has been created." >> $LOG
fi

sleep 2

actual rsync command (archive, verbose, logging)

/usr/local/bin/rsync -av --exclude-from '/etc/rsync/exclusions.txt' --delete-after /Users/$currentUser/ /Volumes/$currentUser/Backup --log-file=$LOG

unmount the share

diskutil umount force /Volumes/$currentUser
/bin/echo "$currentUser's home share has been successfully unmounted." >> $LOG

exit*

As it might be a permission thing, here is the payload of the rsync 3.1.3 package I created within composer:

Does anyone has an idea what might be the issue and how to resolve this?

I try hard to get better in scripting, but I am still some kind of beginner...

Thank you and best regards
Christian

ryan_ball · ‎03-19-2019

@cbednarzwd It is incredibly hard to determine what you are doing when the script is not posted with the ">_" button which puts the code in a code block of the post. I'm taking a look at this but the script has several things commented out.

Are you attempting to mount the user's SMB Home to /Volumes/username? There is some code to mount that, but it appears to be commented out. If your plan is to backup the user's home folder to their SMB home, then I can work that into the script for you. The addition of a different rsync is not necessary, but if that is what you want to do then that would be fine too.

ryan_ball · ‎03-19-2019

@cbednarzwd A couple of notes about your script.
- I would assume you are running this as root, if that is the case you won't be able to mount the user's SMBHome most likely, as you would not have permission, you'd have to mount it as the user
- When using osascript to mount the volume, you can't choose the volume name, so you can take the last element from the user's SMBHome field and assume that would be the share name, which would end up as the volume name. Then you can go from there assuming the volume was mounted at the share name.
- So now you have the issue of rsyncing files to a directory as root, that you don't actually own. So you have permissions issues. So you need to ignore permissions on the receivers end and you can do that in the rsync command as options like so:

--no-p --no-g --chmod=ugo=rwX

- Then, if you plan to restore later, you can chmod/chown accordingly to ensure the permissions are correct.
- Also, you might as well just include the things you want to exclude in the script itself, as your filter list is a static list, and if it was done in the script you can just modify the script rather than push out another filter list via package.

Here is my own version of what I think you are attempting to do:

#!/bin/bash

# Define log location and name
log="/var/log/rsync/$(date +%Y-%m-%d_%H-%M-%S).log"
# Get currently logged in user
currentUser=$(/usr/bin/python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");')
currentUserUID=$(id -u "$currentUser")
# Get SMBHome in form: //server/share
homeLoc=$(/usr/bin/dscl . -read "/Users/$currentUser" | grep SMBHome: | cut -c 10- | sed 's/\///g')
# Transoform SMBHome to form: //user:@server/share
homeLoc="${homeLoc/////smb://$currentUser:@}"
# Get the share name from the SMBHome variable
share=$(echo "$homeLoc" | /usr/bin/awk -F'/' '{print $NF}')

function writelog () {
    DATE=$(date +%Y-%m-%d %H:%M:%S)
    /bin/echo "${1}"
    /bin/echo "$DATE" " $1" >> "$log"
}

# Make sure we are root
if [[ $EUID -ne 0 ]]; then
   writelog "This script must be run as root"
   exit 1
fi

# Create backup log folder if not existent
/bin/mkdir -p "/var/log/rsync" | while read -r LINE; do writelog "$LINE"; done;

# Log the current user
writelog "Current User is $currentUser"

# Mount the user's SMBHome AS THE USER if not already mounted
if [[ ! -e "/Volumes/$share" ]]; then
    # User may receive a dialog box to enter their password for the share
    /bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e "mount volume "$homeLoc""
    writelog "$currentUser's home share has been successfully mounted."
else
    writelog "$currentUser's home share is already mounted."
fi

# Create Backup folder if not existent
/bin/mkdir -p "/Volumes/$share/Backup" | while read -r LINE; do writelog "$LINE"; done;

sleep 2

# actual rsync command (archive, verbose, logging, with compression)
/usr/bin/rsync -avz --no-p --no-g --chmod=ugo=rwX --update --delete --ignore-errors --force 
    --exclude='Library' --exclude='Microsoft User Data' --exclude='.DS_Store' --exclude='.Trash' 
    --exclude='iTunes' --exclude='Downloads' --progress --log-file="$log" 
    "/Users/$currentUser/" "/Volumes/$share/Backup/"
/usr/sbin/chown -R "$currentUser" "/Volumes/$share/Backup"

sleep 2

# unmount the share
umount "/Volumes/$share" | while read -r LINE; do writelog "$LINE"; done;
writelog "$currentUser's home share has been successfully unmounted."

exit 0

mucgyver-old · ‎03-20-2019

ryan.ball, thanks a million for all the work you put in this. Really much appreciated!
It helps me a lot to understand concepts of Jamf script much better.
I will give it a test run today! Again, kudos!