Help

Built Date / Exclusions

jeremy_spolande
New Contributor

Posted on ‎11-13-2013 02:42 AM

Apologies if this is a duplicate, i remember seeing something but cant find it now.

We have a process to build via configurations (10.9 or 10.8) then after a reboot we have a set of policies that we trigger based on naming so that departments get the right apps (this cant all be done in imaging as policies are needed). What i need to do is stop these apps applying to existing machines with smilar names. I would like an exclusion for all of my "build process" policies that says something like "if the machine or OS was built more than 2 days ago dont apply these policies"

Is there some way of doing this?

0 Kudos
4 REPLIES 4

stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎11-13-2013 06:28 AM

How are the builds being triggered, manually by a tech, or via a policy? And are these rebuilds of machines, or are they brand new out of the box?

If doing it via policy, like for a rebuild, I would probably use a dummy file and some logic in the policy to determine date.

In my original build of the machine, I would make sure to "touch" a file somewhere on the machine, perhaps in a hidden directory where you place other resources, that had the build date as the name of the file. So in your first run script, you'd have something along these lines:

osVersion=`sw_vers | grep 'ProductVersion:' | grep -o '[0-9]*.[0-9]*.[0-9]*' | cut -c 1-4`
modelName=`system_profiler SPHardwareDataType | grep 'Model Name:' | awk '{ print $3 }'`
TODAY=`date +"%Y-%m-%d"`
touch /Library/Application Support/JAMF/Receipts/$modelName Imaged $TODAY.pkg

I put the osVersion in there in case you wanted to add that to the file name. Now create a new script that reads in the name of that package, trims the date out, and checks to see if that date is greater than 2 days from today. If the date is greater, then the script sets the startup disk to a NetBoot image, and reboots the machine. The machine record in the JSS would need to have AutoRun data, of course, but that would allow you to re-image/rebuild a machine.

This was a test script I threw together to check if a date was greater than the imaged date. I used the epoch date of the filename and todays date to check:

#!/bin/sh
osVersion=`sw_vers | grep 'ProductVersion:' | grep -o '[0-9]*.[0-9]*.[0-9]*' | cut -c 1-4`
modelName=`system_profiler SPHardwareDataType | grep 'Model Name:' | awk '{ print $3 }'`
TODAY=`date +"%Y-%m-%d"`
imagedDate=`date -v-2m +"%Y-%m-%d"` #setting to twom months ago for testing

touch /Users/swood/Test/$modelName Imaged $imagedDate.pkg #test file

myFile=`ls /Users/swood/Test/ | grep Imaged | awk '{ print $3 }'`
fileDate=`basename $myFile .pkg`

t1=`date -j -f "%Y-%m-%d" $fileDate +%s`
t2=`date -j -f "%Y-%m-%d" $TODAY +%s`
let days=$t2-$t1

if [[ ("$days" -gt 172800)]]; then
    echo "It's greater"
    # now set the startup disk and reboot
else
    echo "It's not"
fi

echo $t1
echo $t2
echo $days

Hope that is clear and it helps point you in the right direction. I'm sure there are other ways to skin this cat.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎11-13-2013 07:23 AM

You could also get the creation date of a file using Spotlight, or more accurately, mdls, one of Spotlight's command line tools.
One possible file you could look at is the jamf.log itself, since that would be created new on a Mac that was imaged or re-imaged, assuming a re-image is wiping the HDD that is. It might be a little dangerous to use a log file though, so you could look at other files or even touch a new file like @stevewood][/url mentions doing.
Once you've figured out which file you want to use for the date, use something like this-

mdls -name kMDItemFSCreationDate  /path/to/file/or/folder/ | awk '{if ($3 != "(null)") print $3,$4}'

This gives you output like this:
2013-11-08 18:24:40

@stevewood][/url in your script, just wanted to mention you could shorten the whole line for pulling the OS version to this-

sw_vers -productVersion | cut -d. -f1,2

Also, the line pulling the model name only pulls "MacBook" for me, not the full MacBook Pro or MacBook Air, etc. Not sure if that's what you intended or not, but just thought I'd mention it. You could try this instead to pull the full name, no matter how many columns its contained in:

system_profiler SPHardwareDataType | awk -F': ' '/Model Name/{print $NF}'
0 Kudos

stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎11-13-2013 07:40 AM

Hey, good catch @mm2270! And thanks for the OS shortening. :-)

0 Kudos

Kumarasinghe
Valued Contributor

Posted on ‎11-13-2013 07:10 PM

We write the date into a plist file at imaging and read it from an EA.
https://jamfnation.jamfsoftware.com/discussion.html?id=4120#responseChild19546

0 Kudos