Solved

Custom Patch Management Workflow

7 years ago
April 13, 2018
112 replies
86 views

+16

kendalljjohnson
Valued Contributor
105 replies

With the goal of having better user interaction options that what is provided within Jamf's Patch Management Policies (not having the app quit 5 minutes later without warning) I have been testing different options with my existing update workflow and open source tools like Yo. I ended up using Alerter which will wait for user interaction within a script and allows the calling of a command with sudo permissions in order to execute a policy trigger.

I haven't deployed it to my fleet yet but figured I would see what feedback the community might have. It takes a 2 policies and 1 smart group per software title, which is a bit cumbersome, and currently never forces the update as the user could infinitely defer the installation if the app is never quit. I use a deferral counter for macOS software updates that could be integrated but I have not taken the time to do so yet.

I'm open to any and all feedback, thanks!

Setup Prior to Workflow

Script
By setting up the Script Parameters it can be adapted to any title

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation, 
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6
7
8# $4 = Title
9# $5 = ParameterID
10# $6 = Process Name
11# $7 = Jamf Policy Event
12# $8 = App Path
13
14# Define currently logged in user
15currentUser="$(ls -la /dev/console | cut -d " " -f 4)"
16
17# Look if app is open via process name
18appOpen="$(pgrep -ix "$6" | wc -l)"
19
20
21if [[ $appOpen -gt 0 ]]; then
22        updateAnswer="$(/Library/Application Support/JAMF/alerter -title "$4" -sender $5 -message "must be quit in order to update. Save all data before quitting." -closeLabel Later -actions "Quit & Update")"
23            if [[ $updateAnswer == "Quit & Update" ]]; then
24                    sudo -u $currentUser killall "$6"
25                    jamf policy -event "$7"
26                    reopenAnswer="$(/Library/Application Support/JAMF/alerter -title "$4" -sender "$5" -message "has been updated. Thank you." -closeLabel Ok -actions Reopen -timeout 60)"
27                        if [[ $reopenAnswer == Reopen ]]; then
28                                sudo -u $currentUser open "$8"
29                        fi
30            else
31                    echo "User deferred"
32            fi
33    else
34        jamf policy -event "$7"
35fi

Policy
1. Create package that installs the alerter executable to /Library/Application Support/JAMF/
2. Push pkg via policy to install Alerter pkg to All Manage Clients (or whatever scope will utilize this workflow)

Patch Management Title
Create a Patch Management Title for 'Google Chrome'. If the app you are looking to update is not available as a patch Management Title setup your smart group to have Application Version instead of Patch Reporting.

Testing Rings
To allow the update to be pushed out in rings for testing, pre-defined Static/Smart Groups are setup with the following logic:

Ring 1 - Smart Group based IT computers
Ring 2 - Static Group of manually selected group with various roles and use cases across organization, around 15-20% of computer count
Ring 3 - all computers not in Ring 1 or Ring 2

Workflow Setup

Smart Computer Group
Create a Smart Computer Group to scope to any computer with the app installed and not running the desired version
1) Smart Group name: *Google Chrome Smart Update (Asterisk to keep Smart Update groups grouped at the top of your Smart Computer Group list)
2) Application Title is Google Chrome.app
3) Patch Reporting: Google Chrome is not 65.0.3325.181

Policies
Create a Policy used to trigger the installation of the pkg
1) Policy name: Install Latest Google Chrome Trigger
2) Custom Trigger: install_googleChromeUpdate
3) Execution Frequency: Ongoing
4) Packages: GoogleChrome-65.0.3325.181.pkg
5) Scope: *Google Chrome Smart Update
6) Maintenance: Update Inventory

Create policy that will prompt user if app is open, install if it is not open
1) Policy Name: Install Latest Google Chrome Alerter
2) Scripts: Alerter App Updates
3) Parameter Values
a. Title: Google Chrome
b. Sender ID: com.google.chrome c. Process Name: Google Chrome d. Jamf Policy Event: install_googleChromeUpdate e. App Path: /Applications/Google Chrome.app
4) Scope:
a. Target: *Google Chrome Smart Update
b. Exclusions: Ring 1, Ring 2, Ring 3

Ongoing Maintenance
When a new update is release the following maintenance would be required
1) Upload new pkg release for Google Chrome
2) Change Smart Computer Group the Patch Reporting version to new release number
3) Update the pkg within Install Latest Google Chrome Trigger policy
4) Reset Ring Exclusions - Based on testing schedule remove a group from the exclusions as needed (start with Ring 2 and Ring 3 as excluded, one week later remove Ring 2, one week after that remove Ring 3)

Best answer by kendalljjohnson

Realized I never posted what I finally settled on and put in production in case others want to give it a try. Been running with it for a while and seems to be working pretty well! Thanks for all the input and testing from others in the thread.

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6# Quit and Open path have 2 entries for the times you are quiting/uninstalling an old version of an app that is replaced by a new name (for example quiting Adobe Acrobat Pro, which is replaced by Adobe Acorbat.app)
7
8################################DEFINE VARIABLES################################
9
10# $4 = Title
11# $5 = App ID
12# $6 = Process Name
13# $7 = Jamf Policy Event
14# $8 = Quit App Path
15# $9 = Open App Path
16
17#Defining the Sender ID as self service due to setting the Sender ID as the actual app being updated would often cause the app to crash
18sender="com.jamfsoftware.selfservice.mac"
19#Jamf parameters can't be passed into a function, redefining the app path to be used within the funciton
20quitPath="$8"
21openPath="$9"
22
23################################SETUP FUNCTIONS TO CALL################################
24
25fGetCurrenUser (){
26currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
27");'`
28
29  # Identify the UID of the logged-in user
30  currentUserUID=`id -u "$currentUser"`
31}
32
33fQuitApp (){
34cat > /private/tmp/quit_application.sh <<EOF
35#!/bin/bash
36
37/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
38EOF
39
40/bin/chmod +x /private/tmp/quit_application.sh
41/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
42/bin/rm -f "/private/tmp/quit_application.sh"
43}
44
45fOpenApp (){
46  cat > /private/tmp/open_application.sh <<EOF
47#!/bin/bash
48
49/usr/bin/open "$openPath"
50EOF
51
52/bin/chmod +x /private/tmp/open_application.sh
53/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
54/bin/rm -f "/private/tmp/open_application.sh"
55}
56
57################################SETUP TIMER FILE################################
58
59## Set up the software update time if it does not exist already
60if [ ! -e /Library/Application Support/JAMF/.$5.timer.txt ]; then
61  echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
62fi
63
64## Get the timer value
65timer=`cat /Library/Application Support/JAMF/.$5.timer.txt`
66
67################################ALERTER MESSAGE OPTIONS################################
68
69saveQuitMSG="must be quit in order to update. Save all data before quitting."
70updatedMSG="has been updated. Thank you."
71
72################################START 'UPDATE WITH ALERTER' PROCESS################################
73
74# Look if app is open via process name
75appOpen="$(pgrep -ix "$6" | wc -l)"
76
77# if the app is open and the defer timer is not zero
78if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
79    fGetCurrenUser
80    updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -closeLabel "Defer ($timer)" -actions "Quit & Update" -timeout 3600)"
81    if [[ $updateAnswer == "Quit & Update" ]]; then
82        #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
83        fQuitApp
84        /usr/local/bin/jamf policy -event "$7"
85        reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
86        if [[ $reopenAnswer == Reopen ]]; then
87            fOpenApp
88        fi
89        #reset timer after updating
90        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
91
92    else
93        let CurrTimer=$timer-1
94        echo "User chose to defer"
95        echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer.txt
96        echo "Defer count is now $CurrTimer"
97        exit 0
98    fi
99# if app is open and defer timer has run out
100elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
101    fGetCurrenUser
102    /bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -actions "Quit & Update" -closeLabel "No Deferrals Left " -timeout 3600
103    fQuitApp
104    /usr/local/bin/jamf policy -event "$7"
105    reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
106    if [[ $reopenAnswer == Reopen ]]; then
107        fOpenApp
108    fi
109    #reset timer after updating
110    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
111
112else
113    # app is not open, reset timer and run updates
114    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
115    /usr/local/bin/jamf policy -event "$7"
116fi

View original

Did this topic help you find an answer to your question?

Show first post

Page 4 / 5

Rikky
New Contributor
6 replies
5 years ago
June 4, 2020

Make sure the 'Later -actions "Quit & Update"' is correct in your script.

1    updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /usr/local/bin/alerter -title "$4" -sender com.jamfsoftware.selfservice.mac -message "Update Required. Please save your work and close the application." -closeLabel Later -actions "Quit & Update" )"

Captainamerica
Contributor
142 replies
5 years ago
June 4, 2020

This is the script

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6# Quit and Open path have 2 entries for the times you are quiting/uninstalling an old version of an app that is replaced by a new name (for example quiting Adobe Acrobat Pro, which is replaced by Adobe Acorbat.app)
7
8################################DEFINE VARIABLES################################
9
10# $4 = Title
11# $5 = App ID
12# $6 = Process Name
13# $7 = Jamf Policy Event
14# $8 = Quit App Path
15# $9 = Open App Path
16
17#Defining the Sender ID as self service due to setting the Sender ID as the actual app being updated would often cause the app to crash
18sender="com.jamfsoftware.selfservice.mac"
19#Jamf parameters can't be passed into a function, redefining the app path to be used within the funciton
20quitPath="$8"
21openPath="$9"
22
23################################SETUP FUNCTIONS TO CALL################################
24
25fGetCurrenUser (){
26currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
27");'`
28
29  # Identify the UID of the logged-in user
30  currentUserUID=`id -u "$currentUser"`
31}
32
33fQuitApp (){
34cat > /private/tmp/quit_application.sh <<EOF
35#!/bin/bash
36
37/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
38EOF
39
40/bin/chmod +x /private/tmp/quit_application.sh
41/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
42/bin/rm -f "/private/tmp/quit_application.sh"
43}
44
45fOpenApp (){
46  cat > /private/tmp/open_application.sh <<EOF
47#!/bin/bash
48
49/usr/bin/open "$openPath"
50EOF
51
52/bin/chmod +x /private/tmp/open_application.sh
53/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
54/bin/rm -f "/private/tmp/open_application.sh"
55}
56
57################################SETUP TIMER FILE################################
58
59## Set up the software update time if it does not exist already
60if [ ! -e /Library/Application Support/JAMF/.$5.timer.txt ]; then
61  echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
62fi
63
64## Get the timer value
65timer=`cat /Library/Application Support/JAMF/.$5.timer.txt`
66
67################################ALERTER MESSAGE OPTIONS################################
68
69saveQuitMSG="must be quit in order to update. Save all data before quitting."
70updatedMSG="has been updated. Thank you."
71
72################################START 'UPDATE WITH ALERTER' PROCESS################################
73
74# Look if app is open via process name
75appOpen="$(pgrep -ix "$6" | wc -l)"
76
77# if the app is open and the defer timer is not zero
78if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
79    fGetCurrenUser
80    updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -closeLabel "Defer ($timer)" -actions "Quit & Update" -timeout 3600)"
81    if [[ $updateAnswer == "Quit & Update" ]]; then
82        #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
83        fQuitApp
84        /usr/local/bin/jamf policy -event "$7"
85        reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
86        if [[ $reopenAnswer == Reopen ]]; then
87            fOpenApp
88        fi
89        #reset timer after updating
90        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
91
92    else
93        let CurrTimer=$timer-1
94        echo "User chose to defer"
95        echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer.txt
96        echo "Defer count is now $CurrTimer"
97        exit 0
98    fi
99# if app is open and defer timer has run out
100elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
101    fGetCurrenUser
102    /bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -actions "Quit & Update" -closeLabel "No Deferrals Left " -timeout 3600
103    fQuitApp
104    /usr/local/bin/jamf policy -event "$7"
105    reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
106    if [[ $reopenAnswer == Reopen ]]; then
107        fOpenApp
108    fi
109    #reset timer after updating
110    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
111
112else
113    # app is not open, reset timer and run updates
114    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
115    /usr/local/bin/jamf policy -event "$7"
116fi

+16

kendalljjohnson
Author
Valued Contributor
105 replies
5 years ago
June 4, 2020

@Captainamerica

Not sure what is going on, I just took your exact script and ran it locally while hard coding the $4-$9 variables and it worked as expected. Are you running it via Jamf or have you tried running it locally and seen if any errors are called out? If it has only been from within Jamf, perhaps check your variable usage? Here's what I used for mine in the test just now, with Chrome:

1title="Google Chrome"
2appID="com.google.chrome"
3process="Google Chrome"
4policy="install_googleChromeUpdate"
5openpath1="/Applications/Google Chrome.app"
6quitpath1="/Applications/Google Chrome.app"

Captainamerica
Contributor
142 replies
5 years ago
June 8, 2020

hmm - it still just shows the same picture(see in botom). Script looks like below. It is been working probably before is it because some kind of files is some where hidden that it act like this and does not show defer option ?

Script I execute is this

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6# Quit and Open path have 2 entries for the times you are quiting/uninstalling an old version of an app that is replaced by a new name (for example quiting Adobe Acrobat Pro, which is replaced by Adobe Acorbat.app)
7
8################################DEFINE VARIABLES################################
9
10title="Google Chrome"
11appID="com.google.chrome"
12process="Google Chrome"
13policy="install_googleChromeUpdate"
14openpath1="/Applications/Google Chrome.app"
15quitpath1="/Applications/Google Chrome.app"
16
17#Defining the Sender ID as self service due to setting the Sender ID as the actual app being updated would often cause the app to crash
18sender="com.jamfsoftware.selfservice.mac"
19#Jamf parameters can't be passed into a function, redefining the app path to be used within the funciton
20quitPath="$8"
21openPath="$9"
22
23################################SETUP FUNCTIONS TO CALL################################
24
25fGetCurrenUser (){
26currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
27");'`
28
29    # Identify the UID of the logged-in user
30    currentUserUID=`id -u "$currentUser"`
31}
32
33fQuitApp (){
34cat > /private/tmp/quit_application.sh <<EOF
35#!/bin/bash
36
37/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
38EOF
39
40/bin/chmod +x /private/tmp/quit_application.sh
41/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
42/bin/rm -f "/private/tmp/quit_application.sh"
43}
44
45fOpenApp (){
46    cat > /private/tmp/open_application.sh <<EOF
47#!/bin/bash
48
49/usr/bin/open "$openPath"
50EOF
51
52/bin/chmod +x /private/tmp/open_application.sh
53/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
54/bin/rm -f "/private/tmp/open_application.sh"
55}
56
57################################SETUP TIMER FILE################################
58
59## Set up the software update time if it does not exist already
60if [ ! -e /Library/Application Support/JAMF/.$5.timer.txt ]; then
61    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
62fi
63
64## Get the timer value
65timer=`cat /Library/Application Support/JAMF/.$5.timer.txt`
66
67################################ALERTER MESSAGE OPTIONS################################
68
69saveQuitMSG="must be quit in order to update. Save all data before quitting."
70updatedMSG="has been updated. Thank you."
71
72################################START 'UPDATE WITH ALERTER' PROCESS################################
73
74# Look if app is open via process name
75appOpen="$(pgrep -ix "$6" | wc -l)"
76
77# if the app is open and the defer timer is not zero
78if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
79        fGetCurrenUser
80        updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -closeLabel "Defer ($timer)" -actions "Quit & Update" -timeout 3600)"
81        if [[ $updateAnswer == "Quit & Update" ]]; then
82                #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
83                fQuitApp
84                /usr/local/bin/jamf policy -event "$7"
85                reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
86                if [[ $reopenAnswer == Reopen ]]; then
87                        fOpenApp
88                fi
89                #reset timer after updating
90                echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
91
92        else
93                let CurrTimer=$timer-1
94                echo "User chose to defer"
95                echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer.txt
96                echo "Defer count is now $CurrTimer"
97                exit 0
98        fi
99# if app is open and defer timer has run out
100elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
101        fGetCurrenUser
102        /bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -actions "Quit & Update" -closeLabel "No Deferrals Left " -timeout 3600
103        fQuitApp
104        /usr/local/bin/jamf policy -event "$7"
105        reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
106        if [[ $reopenAnswer == Reopen ]]; then
107                fOpenApp
108        fi
109        #reset timer after updating
110        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
111
112else
113        # app is not open, reset timer and run updates
114        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
115        /usr/local/bin/jamf policy -event "$7"
116fi

Rikky
New Contributor
6 replies
5 years ago
June 8, 2020

What version of Alerter are you using? I haven't upgraded yet. Version 2 seems to work for me.

Captainamerica
Contributor
142 replies
5 years ago
June 8, 2020

have downloaded the latest with catalina support and also worked before. I guess there must be somekind of trigger that causes this message to show instead of the defer option

+10

jameson
Contributor
194 replies
4 years ago
January 7, 2021

Anyone got this working in Big Sur ?. I see the same issue as @Captainamerica I see the notification, but there is not any defer or install button that is seen ?

+10

jameson
Contributor
194 replies
4 years ago
January 7, 2021

Update: It seems the button are now in the "option" dropdown, but the option button does not appear before hovering on it - not to smart. but I just want the buttons to be shown right away as it used to work ?!

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
January 7, 2021

@jameson Looks like is an Apple notification change, not Alerter. The same thing applies for certain native Apple notifications, but not ones like AirDrop receiving.

One project I haven't taken the time to test out but might have different results would be Notifier by dataJAR. Biggest difference I've seen so far is if you want custom logos you would have to modify the Xcode project and re-sign it since it is an App.

+10

jameson
Contributor
194 replies
4 years ago
January 8, 2021

The strange thing is that the alerter notifications does not stay active on the screen but dissapear again. Before Big Sur they stayed active until user did something. If that just could work it would be usable

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
January 8, 2021

@jameson How long until they disappear for you? I'm not having that experience, or at least yet. It's been about 20min and my test notification is still there while I continue to work.

+10

jameson
Contributor
194 replies
4 years ago
January 11, 2021

It just stay 2-3 seconds and then dissapear. Can you try and show the script you are using, so I can compare. I am on Big sur BTW.

EDIT: also tried to test on catalina 10.15.7 - but then just got an message that "alerter will damage the computer". even the file is not in qurantine. So if it works for you which version of alerter do you use ? - I have downloaded the latest on the github that should support big sur

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
January 11, 2021

@jameson I haven't started deploying the newest version of Alerter, but I am running Big Sur on my computer with Alerter working without issue and a lot of our fleet is on 10.15.7 and I haven't heard or noticed any issues.

Here's what I use in my script, with variables being either defined within the policy script options or in a different section of the script:

1/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -closeLabel "Defer ($timer)" -actions "Quit & Update" -timeout 3600)

+10

jameson
Contributor
194 replies
4 years ago
January 11, 2021

Thanks - can you try and paste the hole script. Do you have any PPPC etc made ?

EDIT: I got this working now. Thanks

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
January 11, 2021

This should still be accurate, with the only difference I can think of is I now use com.apple.AppStore as the Sender ID for all alerts. I wonder if that could be part of your issue? I know at one point I was having crashing errors if I used the actual app ID of the app I was trying to update so I switched to have all use the App Store assuming that it probably wasn't open and would provide an App Icon with the impression of a legit app update being requested.

+10

jameson
Contributor
194 replies
4 years ago
January 12, 2021

I got it working with the new big sur release and did remove the quarantine flag on the file. But you write that you still use the old alerter release (and not the one that was released 3 weeks ago). But the old one will not work on big sur and is catched as malware, for me. So that wonders me you can get this working, unless of course you have disabled something on the build in spam catcher (if that is even possible to do)

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
January 12, 2021

Not doing anything special besides deploying it via a pkg that puts in in the Jamf Application Support folder, not sure what would cause the difference in behavior.

+10

jameson
Contributor
194 replies
4 years ago
March 25, 2021

Anyone still using this on big sur ?. is A PPPC needed so the alerter notification will be showed ? Actually have a strange issue, where on one big sur client the notification from alerter appear, while on another mac also on big sur the message does not appear

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
March 25, 2021

Just last week my computer started flagging Alerter for malware but I have not seen any other reports in our fleet seeing the same behavior. Even tried grabbing the more recent release and it is flagged as well. I have had it included in our Notifications payload since the beginning so there shouldn't be any connection between approving the notifications and it getting flagged.

Due to this issue, I have rewritten the process to use JamfHelper as it will be a more reliable method going forward. Definitely not the same interface I would prefer but it seems the most future proof method at this time. I haven't deployed it yet or done all my testing with it but seems to be keep the desired behavior.

The basic command structure I'm using in the script is this, note I have added a new Script variable for App Icon Path that calls on the .icns file within each app's App Bundle:

1/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "$4 must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600

+10

jameson
Contributor
194 replies
4 years ago
March 25, 2021

OK. What I think is really strange that I use the exact same policy and on one big sur it works as expected and other not?. Have you tried it on M1 mac´s, as it is actually on M1 I see the issue where the notification never show up

+10

jameson
Contributor
194 replies
4 years ago
March 26, 2021

@kendalljjohnson

I have tried to change to jamf helper - but seems something is wrong

1#!/bin/sh
2#!/bin/bash
3
4
5# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
6# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
7# Quit and Open path have 2 entries for the times you are quiting/uninstalling an old version of an app that is replaced by a new name (for example quiting Adobe Acrobat Pro, which is replaced by Adobe Acorbat.app)
8
9################################DEFINE VARIABLES################################
10
11#$4 = Title
12#$5 = App ID
13#$6 = Process Name
14#$7 = Jamf Policy Event
15#$8 = Quit App Path
16#$9 = Open App Path
17
18
19
20quitPath="$8"
21openPath="$9"
22
23################################SETUP FUNCTIONS TO CALL################################
24
25fGetCurrenUser (){
26currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
27");'`
28
29  # Identify the UID of the logged-in user
30  currentUserUID=`id -u "$currentUser"`
31}
32
33fQuitApp (){
34cat > /private/tmp/quit_application.sh <<EOF
35#!/bin/bash
36
37/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
38EOF
39
40/bin/chmod +x /private/tmp/quit_application.sh
41/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
42/bin/rm -f "/private/tmp/quit_application.sh"
43}
44
45fOpenApp (){
46  cat > /private/tmp/open_application.sh <<EOF
47#!/bin/bash
48
49/usr/bin/open "$openPath"
50EOF
51
52/bin/chmod +x /private/tmp/open_application.sh
53/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
54/bin/rm -f "/private/tmp/open_application.sh"
55}
56
57################################SETUP TIMER FILE################################
58
59## Set up the software update time if it does not exist already
60if [ ! -e /Library/Application Support/JAMF/.$5.timer.txt ]; then
61  echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
62fi
63
64## Get the timer value
65timer=$(cat /Library/Application Support/JAMF/.$5.timer.txt)
66
67################################ALERTER MESSAGE OPTIONS################################
68
69
70################################START 'UPDATE WITH ALERTER' PROCESS################################
71
72# Look if app is open via process name
73appOpen=$(pgrep -ix "Google Chrome" | wc -l)
74
75# if the app is open and the defer timer is not zero
76if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
77    fGetCurrenUser
78    updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
79
80    if [[ $updateAnswer == "Quit & Update" ]]; then
81        #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
82        fQuitApp
83        /usr/local/bin/jamf policy -event "$7"
84        reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
85        if [[ $reopenAnswer == Reopen ]]; then
86            fOpenApp
87        fi
88        #reset timer after updating
89        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
90
91    else
92        let CurrTimer=$timer-1
93        echo "User chose to defer"
94        echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer.txt
95        echo "Defer count is now $CurrTimer"
96        exit 0
97    fi
98# if app is open and defer timer has run out
99elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
100    fGetCurrenUser
101    /bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit order to update. Save all data before quitting" -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
102
103    fQuitApp
104    /usr/local/bin/jamf policy -event "$7"
105    reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
106
107    if [[ $reopenAnswer == Reopen ]]; then
108        fOpenApp
109    fi
110    #reset timer after updating
111    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
112
113else
114    # app is not open, reset timer and run updates
115    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
116    /usr/local/bin/jamf policy -event "$7"
117fi

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
March 26, 2021

You would also have to update the if statements since JamfHelper's output is different than Alerter and I don't think it hurts having it but JamfHelper doesn't require the launchctl asuser aspect. Here's my full script that I've been playing with so far:

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6
7################################DEFINE VARIABLES################################
8
9# $4 = Title
10# $5 = App ID
11# $6 = Process Name
12# $7 = App Icon Path
13# $8 = Jamf Policy Event
14# $9 = Quit App Path
15# $10 = Open App Path
16
17#Jamf parameters can't be passed into a function, redefining the app path to be used within the funciton
18iconPath="$7"
19quitPath="$9"
20openPath="$10"
21
22################################SETUP FUNCTIONS TO CALL################################
23
24fGetCurrenUser (){
25currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
26");'`
27
28  # Identify the UID of the logged-in user
29  currentUserUID=`id -u "$currentUser"`
30}
31
32fCheckAppIconPath (){
33#Check if iconPath is still valid, use PLNU logo if not found
34if [ -f "$iconPath" ]; then
35    echo "App Icon Path still valid"
36else
37    echo "App Icon not found, use generic logo"
38    iconPath="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
39fi
40}
41
42fQuitApp (){
43cat > /private/tmp/quit_application.sh <<EOF
44#!/bin/bash
45
46/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
47EOF
48
49/bin/chmod +x /private/tmp/quit_application.sh
50/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
51/bin/rm -f "/private/tmp/quit_application.sh"
52}
53
54fOpenApp (){
55  cat > /private/tmp/open_application.sh <<EOF
56#!/bin/bash
57
58/usr/bin/open "$openPath"
59EOF
60
61/bin/chmod +x /private/tmp/open_application.sh
62/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
63/bin/rm -f "/private/tmp/open_application.sh"
64}
65
66################################SETUP TIMER FILE################################
67
68## Set up the software update time if it does not exist already
69if [ ! -e /Library/Application Support/JAMF/.$5.timer ]; then
70  echo "2" > /Library/Application Support/JAMF/.$5.timer
71fi
72
73## Get the timer value
74timer=`cat /Library/Application Support/JAMF/.$5.timer`
75
76################################ALERTER MESSAGE OPTIONS################################
77
78saveQuitMSG="must be quit in order to update. Save all data before quitting."
79updatedMSG="has been updated. Thank you."
80
81################################START 'UPDATE WITH ALERTER' PROCESS################################
82
83# Look if app is open via process name
84appOpen="$(pgrep -ix "$6" | wc -l)"
85
86
87# if the app is open and the defer timer is not zero
88if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
89    fGetCurrenUser
90    fCheckAppIconPath
91    updateAnswer="$(/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "$4 must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)"
92    if [[ $updateAnswer == "0" ]]; then
93        #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
94        fQuitApp
95        /usr/local/bin/jamf policy -event "$8"
96        reopenAnswer="$(/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -description "$4 has been updated" -button1 "Reopen" -button2 "Ok" -timeout 60)"
97        if [[ $reopenAnswer == "0" ]]; then
98            fOpenApp
99        fi
100        #reset timer after updating
101        echo "2" > /Library/Application Support/JAMF/.$5.timer
102
103    else
104        let CurrTimer=$timer-1
105        echo "User chose to defer"
106        echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer
107        echo "Defer count is now $CurrTimer"
108        exit 0
109    fi
110# if app is open and defer timer has run out
111elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
112    fGetCurrenUser
113    fCheckAppIconPath
114    /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "$4 must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "No Deferrals Left" -timeout 3600
115    fQuitApp
116    /usr/local/bin/jamf policy -event "$8"
117    reopenAnswer="$(/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -description "$4 has been updated" -button1 "Reopen" -button2 "Ok" -timeout 60)"
118    if [[ $reopenAnswer == "0" ]]; then
119        fOpenApp
120    fi
121    #reset timer after updating
122    echo "2" > /Library/Application Support/JAMF/.$5.timer
123
124else
125    # app is not open, reset timer and run updates
126    echo "2" > /Library/Application Support/JAMF/.$5.timer
127    /usr/local/bin/jamf policy -event "$8"
128fi

+10

jameson
Contributor
194 replies
4 years ago
March 28, 2021

Great thanks - I will give it a go

Anonymous
0 replies
4 years ago
March 30, 2021

Thanks a lot

+16

kendalljjohnson
Author
Valued Contributor
105 replies
4 years ago
March 31, 2021

Just discovered one issue with the script above when performing the reopen process: the $10 parameter needs to be ${10}. It was interpreting $1 and then a 0, so it it became /0.

Edit line 20 to be:

1openPath="${10}"

Page 4 / 5

I'm open to any and all feedback, thanks!

Setup Prior to Workflow

Script
By setting up the Script Parameters it can be adapted to any title

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation, 
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6
7
8# $4 = Title
9# $5 = ParameterID
10# $6 = Process Name
11# $7 = Jamf Policy Event
12# $8 = App Path
13
14# Define currently logged in user
15currentUser="$(ls -la /dev/console | cut -d " " -f 4)"
16
17# Look if app is open via process name
18appOpen="$(pgrep -ix "$6" | wc -l)"
19
20
21if [[ $appOpen -gt 0 ]]; then
22        updateAnswer="$(/Library/Application Support/JAMF/alerter -title "$4" -sender $5 -message "must be quit in order to update. Save all data before quitting." -closeLabel Later -actions "Quit & Update")"
23            if [[ $updateAnswer == "Quit & Update" ]]; then
24                    sudo -u $currentUser killall "$6"
25                    jamf policy -event "$7"
26                    reopenAnswer="$(/Library/Application Support/JAMF/alerter -title "$4" -sender "$5" -message "has been updated. Thank you." -closeLabel Ok -actions Reopen -timeout 60)"
27                        if [[ $reopenAnswer == Reopen ]]; then
28                                sudo -u $currentUser open "$8"
29                        fi
30            else
31                    echo "User deferred"
32            fi
33    else
34        jamf policy -event "$7"
35fi

Testing Rings
To allow the update to be pushed out in rings for testing, pre-defined Static/Smart Groups are setup with the following logic:

Workflow Setup

Page 4 / 5

Make sure the 'Later -actions "Quit & Update"' is correct in your script.

1    updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /usr/local/bin/alerter -title "$4" -sender com.jamfsoftware.selfservice.mac -message "Update Required. Please save your work and close the application." -closeLabel Later -actions "Quit & Update" )"

This is the script

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6# Quit and Open path have 2 entries for the times you are quiting/uninstalling an old version of an app that is replaced by a new name (for example quiting Adobe Acrobat Pro, which is replaced by Adobe Acorbat.app)
7
8################################DEFINE VARIABLES################################
9
10# $4 = Title
11# $5 = App ID
12# $6 = Process Name
13# $7 = Jamf Policy Event
14# $8 = Quit App Path
15# $9 = Open App Path
16
17#Defining the Sender ID as self service due to setting the Sender ID as the actual app being updated would often cause the app to crash
18sender="com.jamfsoftware.selfservice.mac"
19#Jamf parameters can't be passed into a function, redefining the app path to be used within the funciton
20quitPath="$8"
21openPath="$9"
22
23################################SETUP FUNCTIONS TO CALL################################
24
25fGetCurrenUser (){
26currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
27");'`
28
29  # Identify the UID of the logged-in user
30  currentUserUID=`id -u "$currentUser"`
31}
32
33fQuitApp (){
34cat > /private/tmp/quit_application.sh <<EOF
35#!/bin/bash
36
37/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
38EOF
39
40/bin/chmod +x /private/tmp/quit_application.sh
41/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
42/bin/rm -f "/private/tmp/quit_application.sh"
43}
44
45fOpenApp (){
46  cat > /private/tmp/open_application.sh <<EOF
47#!/bin/bash
48
49/usr/bin/open "$openPath"
50EOF
51
52/bin/chmod +x /private/tmp/open_application.sh
53/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
54/bin/rm -f "/private/tmp/open_application.sh"
55}
56
57################################SETUP TIMER FILE################################
58
59## Set up the software update time if it does not exist already
60if [ ! -e /Library/Application Support/JAMF/.$5.timer.txt ]; then
61  echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
62fi
63
64## Get the timer value
65timer=`cat /Library/Application Support/JAMF/.$5.timer.txt`
66
67################################ALERTER MESSAGE OPTIONS################################
68
69saveQuitMSG="must be quit in order to update. Save all data before quitting."
70updatedMSG="has been updated. Thank you."
71
72################################START 'UPDATE WITH ALERTER' PROCESS################################
73
74# Look if app is open via process name
75appOpen="$(pgrep -ix "$6" | wc -l)"
76
77# if the app is open and the defer timer is not zero
78if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
79    fGetCurrenUser
80    updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -closeLabel "Defer ($timer)" -actions "Quit & Update" -timeout 3600)"
81    if [[ $updateAnswer == "Quit & Update" ]]; then
82        #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
83        fQuitApp
84        /usr/local/bin/jamf policy -event "$7"
85        reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
86        if [[ $reopenAnswer == Reopen ]]; then
87            fOpenApp
88        fi
89        #reset timer after updating
90        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
91
92    else
93        let CurrTimer=$timer-1
94        echo "User chose to defer"
95        echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer.txt
96        echo "Defer count is now $CurrTimer"
97        exit 0
98    fi
99# if app is open and defer timer has run out
100elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
101    fGetCurrenUser
102    /bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -actions "Quit & Update" -closeLabel "No Deferrals Left " -timeout 3600
103    fQuitApp
104    /usr/local/bin/jamf policy -event "$7"
105    reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
106    if [[ $reopenAnswer == Reopen ]]; then
107        fOpenApp
108    fi
109    #reset timer after updating
110    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
111
112else
113    # app is not open, reset timer and run updates
114    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
115    /usr/local/bin/jamf policy -event "$7"
116fi

@Captainamerica

1title="Google Chrome"
2appID="com.google.chrome"
3process="Google Chrome"
4policy="install_googleChromeUpdate"
5openpath1="/Applications/Google Chrome.app"
6quitpath1="/Applications/Google Chrome.app"

Script I execute is this

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6# Quit and Open path have 2 entries for the times you are quiting/uninstalling an old version of an app that is replaced by a new name (for example quiting Adobe Acrobat Pro, which is replaced by Adobe Acorbat.app)
7
8################################DEFINE VARIABLES################################
9
10title="Google Chrome"
11appID="com.google.chrome"
12process="Google Chrome"
13policy="install_googleChromeUpdate"
14openpath1="/Applications/Google Chrome.app"
15quitpath1="/Applications/Google Chrome.app"
16
17#Defining the Sender ID as self service due to setting the Sender ID as the actual app being updated would often cause the app to crash
18sender="com.jamfsoftware.selfservice.mac"
19#Jamf parameters can't be passed into a function, redefining the app path to be used within the funciton
20quitPath="$8"
21openPath="$9"
22
23################################SETUP FUNCTIONS TO CALL################################
24
25fGetCurrenUser (){
26currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
27");'`
28
29    # Identify the UID of the logged-in user
30    currentUserUID=`id -u "$currentUser"`
31}
32
33fQuitApp (){
34cat > /private/tmp/quit_application.sh <<EOF
35#!/bin/bash
36
37/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
38EOF
39
40/bin/chmod +x /private/tmp/quit_application.sh
41/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
42/bin/rm -f "/private/tmp/quit_application.sh"
43}
44
45fOpenApp (){
46    cat > /private/tmp/open_application.sh <<EOF
47#!/bin/bash
48
49/usr/bin/open "$openPath"
50EOF
51
52/bin/chmod +x /private/tmp/open_application.sh
53/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
54/bin/rm -f "/private/tmp/open_application.sh"
55}
56
57################################SETUP TIMER FILE################################
58
59## Set up the software update time if it does not exist already
60if [ ! -e /Library/Application Support/JAMF/.$5.timer.txt ]; then
61    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
62fi
63
64## Get the timer value
65timer=`cat /Library/Application Support/JAMF/.$5.timer.txt`
66
67################################ALERTER MESSAGE OPTIONS################################
68
69saveQuitMSG="must be quit in order to update. Save all data before quitting."
70updatedMSG="has been updated. Thank you."
71
72################################START 'UPDATE WITH ALERTER' PROCESS################################
73
74# Look if app is open via process name
75appOpen="$(pgrep -ix "$6" | wc -l)"
76
77# if the app is open and the defer timer is not zero
78if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
79        fGetCurrenUser
80        updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -closeLabel "Defer ($timer)" -actions "Quit & Update" -timeout 3600)"
81        if [[ $updateAnswer == "Quit & Update" ]]; then
82                #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
83                fQuitApp
84                /usr/local/bin/jamf policy -event "$7"
85                reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
86                if [[ $reopenAnswer == Reopen ]]; then
87                        fOpenApp
88                fi
89                #reset timer after updating
90                echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
91
92        else
93                let CurrTimer=$timer-1
94                echo "User chose to defer"
95                echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer.txt
96                echo "Defer count is now $CurrTimer"
97                exit 0
98        fi
99# if app is open and defer timer has run out
100elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
101        fGetCurrenUser
102        /bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -actions "Quit & Update" -closeLabel "No Deferrals Left " -timeout 3600
103        fQuitApp
104        /usr/local/bin/jamf policy -event "$7"
105        reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$updatedMSG" -closeLabel Ok -actions Reopen -timeout 60)"
106        if [[ $reopenAnswer == Reopen ]]; then
107                fOpenApp
108        fi
109        #reset timer after updating
110        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
111
112else
113        # app is not open, reset timer and run updates
114        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
115        /usr/local/bin/jamf policy -event "$7"
116fi

What version of Alerter are you using? I haven't upgraded yet. Version 2 seems to work for me.

have downloaded the latest with catalina support and also worked before. I guess there must be somekind of trigger that causes this message to show instead of the defer option

Anyone got this working in Big Sur ?. I see the same issue as @Captainamerica I see the notification, but there is not any defer or install button that is seen ?

@jameson Looks like is an Apple notification change, not Alerter. The same thing applies for certain native Apple notifications, but not ones like AirDrop receiving.

@jameson How long until they disappear for you? I'm not having that experience, or at least yet. It's been about 20min and my test notification is still there while I continue to work.

It just stay 2-3 seconds and then dissapear. Can you try and show the script you are using, so I can compare. I am on Big sur BTW.

Here's what I use in my script, with variables being either defined within the policy script options or in a different section of the script:

1/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/alerter -title "$4" -sender "$sender" -message "$saveQuitMSG" -closeLabel "Defer ($timer)" -actions "Quit & Update" -timeout 3600)

Thanks - can you try and paste the hole script. Do you have any PPPC etc made ?

EDIT: I got this working now. Thanks

Not doing anything special besides deploying it via a pkg that puts in in the Jamf Application Support folder, not sure what would cause the difference in behavior.

The basic command structure I'm using in the script is this, note I have added a new Script variable for App Icon Path that calls on the .icns file within each app's App Bundle:

1/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "$4 must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600

@kendalljjohnson

I have tried to change to jamf helper - but seems something is wrong

1#!/bin/sh
2#!/bin/bash
3
4
5# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
6# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
7# Quit and Open path have 2 entries for the times you are quiting/uninstalling an old version of an app that is replaced by a new name (for example quiting Adobe Acrobat Pro, which is replaced by Adobe Acorbat.app)
8
9################################DEFINE VARIABLES################################
10
11#$4 = Title
12#$5 = App ID
13#$6 = Process Name
14#$7 = Jamf Policy Event
15#$8 = Quit App Path
16#$9 = Open App Path
17
18
19
20quitPath="$8"
21openPath="$9"
22
23################################SETUP FUNCTIONS TO CALL################################
24
25fGetCurrenUser (){
26currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
27");'`
28
29  # Identify the UID of the logged-in user
30  currentUserUID=`id -u "$currentUser"`
31}
32
33fQuitApp (){
34cat > /private/tmp/quit_application.sh <<EOF
35#!/bin/bash
36
37/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
38EOF
39
40/bin/chmod +x /private/tmp/quit_application.sh
41/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
42/bin/rm -f "/private/tmp/quit_application.sh"
43}
44
45fOpenApp (){
46  cat > /private/tmp/open_application.sh <<EOF
47#!/bin/bash
48
49/usr/bin/open "$openPath"
50EOF
51
52/bin/chmod +x /private/tmp/open_application.sh
53/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
54/bin/rm -f "/private/tmp/open_application.sh"
55}
56
57################################SETUP TIMER FILE################################
58
59## Set up the software update time if it does not exist already
60if [ ! -e /Library/Application Support/JAMF/.$5.timer.txt ]; then
61  echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
62fi
63
64## Get the timer value
65timer=$(cat /Library/Application Support/JAMF/.$5.timer.txt)
66
67################################ALERTER MESSAGE OPTIONS################################
68
69
70################################START 'UPDATE WITH ALERTER' PROCESS################################
71
72# Look if app is open via process name
73appOpen=$(pgrep -ix "Google Chrome" | wc -l)
74
75# if the app is open and the defer timer is not zero
76if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
77    fGetCurrenUser
78    updateAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
79
80    if [[ $updateAnswer == "Quit & Update" ]]; then
81        #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
82        fQuitApp
83        /usr/local/bin/jamf policy -event "$7"
84        reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
85        if [[ $reopenAnswer == Reopen ]]; then
86            fOpenApp
87        fi
88        #reset timer after updating
89        echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
90
91    else
92        let CurrTimer=$timer-1
93        echo "User chose to defer"
94        echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer.txt
95        echo "Defer count is now $CurrTimer"
96        exit 0
97    fi
98# if app is open and defer timer has run out
99elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
100    fGetCurrenUser
101    /bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit order to update. Save all data before quitting" -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
102
103    fQuitApp
104    /usr/local/bin/jamf policy -event "$7"
105    reopenAnswer="$(/bin/launchctl asuser "$currentUserUID" /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "Micorosoft Outlook must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)
106
107    if [[ $reopenAnswer == Reopen ]]; then
108        fOpenApp
109    fi
110    #reset timer after updating
111    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
112
113else
114    # app is not open, reset timer and run updates
115    echo "2" > /Library/Application Support/JAMF/.$5.timer.txt
116    /usr/local/bin/jamf policy -event "$7"
117fi

1#!/bin/bash
2
3
4# If app is open, alert user with the option to quit the app or defer for later. If user chooses to install it will quit the app, trigger the installation,
5# then alert the user the policy is complete with the option to reopen the app. If the app is not open it will trigger the installation without alerting
6
7################################DEFINE VARIABLES################################
8
9# $4 = Title
10# $5 = App ID
11# $6 = Process Name
12# $7 = App Icon Path
13# $8 = Jamf Policy Event
14# $9 = Quit App Path
15# $10 = Open App Path
16
17#Jamf parameters can't be passed into a function, redefining the app path to be used within the funciton
18iconPath="$7"
19quitPath="$9"
20openPath="$10"
21
22################################SETUP FUNCTIONS TO CALL################################
23
24fGetCurrenUser (){
25currentUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
26");'`
27
28  # Identify the UID of the logged-in user
29  currentUserUID=`id -u "$currentUser"`
30}
31
32fCheckAppIconPath (){
33#Check if iconPath is still valid, use PLNU logo if not found
34if [ -f "$iconPath" ]; then
35    echo "App Icon Path still valid"
36else
37    echo "App Icon not found, use generic logo"
38    iconPath="/Applications/App Store.app/Contents/Resources/AppIcon.icns"
39fi
40}
41
42fQuitApp (){
43cat > /private/tmp/quit_application.sh <<EOF
44#!/bin/bash
45
46/bin/launchctl asuser "$currentUserUID" /usr/bin/osascript -e 'tell application "$quitPath" to quit'
47EOF
48
49/bin/chmod +x /private/tmp/quit_application.sh
50/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/quit_application.sh"
51/bin/rm -f "/private/tmp/quit_application.sh"
52}
53
54fOpenApp (){
55  cat > /private/tmp/open_application.sh <<EOF
56#!/bin/bash
57
58/usr/bin/open "$openPath"
59EOF
60
61/bin/chmod +x /private/tmp/open_application.sh
62/bin/launchctl asuser "$currentUserUID" sudo -iu "$currentUser" "/private/tmp/open_application.sh"
63/bin/rm -f "/private/tmp/open_application.sh"
64}
65
66################################SETUP TIMER FILE################################
67
68## Set up the software update time if it does not exist already
69if [ ! -e /Library/Application Support/JAMF/.$5.timer ]; then
70  echo "2" > /Library/Application Support/JAMF/.$5.timer
71fi
72
73## Get the timer value
74timer=`cat /Library/Application Support/JAMF/.$5.timer`
75
76################################ALERTER MESSAGE OPTIONS################################
77
78saveQuitMSG="must be quit in order to update. Save all data before quitting."
79updatedMSG="has been updated. Thank you."
80
81################################START 'UPDATE WITH ALERTER' PROCESS################################
82
83# Look if app is open via process name
84appOpen="$(pgrep -ix "$6" | wc -l)"
85
86
87# if the app is open and the defer timer is not zero
88if [[ $appOpen -gt 0 && $timer -gt 0 ]]; then
89    fGetCurrenUser
90    fCheckAppIconPath
91    updateAnswer="$(/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "$4 must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "Defer ($timer)" -timeout 3600)"
92    if [[ $updateAnswer == "0" ]]; then
93        #quit app, install the update, then prompt the user when complete and ask if they want to reopen the app. Message will time out after 60 secs.
94        fQuitApp
95        /usr/local/bin/jamf policy -event "$8"
96        reopenAnswer="$(/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -description "$4 has been updated" -button1 "Reopen" -button2 "Ok" -timeout 60)"
97        if [[ $reopenAnswer == "0" ]]; then
98            fOpenApp
99        fi
100        #reset timer after updating
101        echo "2" > /Library/Application Support/JAMF/.$5.timer
102
103    else
104        let CurrTimer=$timer-1
105        echo "User chose to defer"
106        echo "$CurrTimer" > /Library/Application Support/JAMF/.$5.timer
107        echo "Defer count is now $CurrTimer"
108        exit 0
109    fi
110# if app is open and defer timer has run out
111elif [[ $appOpen -gt 0 && $timer == 0 ]]; then
112    fGetCurrenUser
113    fCheckAppIconPath
114    /Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -heading "Update Available" -description "$4 must be quit in order to update. Save all data before quitting." -button1 "Quit & Update" -button2 "No Deferrals Left" -timeout 3600
115    fQuitApp
116    /usr/local/bin/jamf policy -event "$8"
117    reopenAnswer="$(/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -windowPosition ur -icon "$iconPath" -iconSize 50 -description "$4 has been updated" -button1 "Reopen" -button2 "Ok" -timeout 60)"
118    if [[ $reopenAnswer == "0" ]]; then
119        fOpenApp
120    fi
121    #reset timer after updating
122    echo "2" > /Library/Application Support/JAMF/.$5.timer
123
124else
125    # app is not open, reset timer and run updates
126    echo "2" > /Library/Application Support/JAMF/.$5.timer
127    /usr/local/bin/jamf policy -event "$8"
128fi

Great thanks - I will give it a go

Thanks a lot

Just discovered one issue with the script above when performing the reopen process: the $10 parameter needs to be ${10}. It was interpreting $1 and then a 0, so it it became /0.

Edit line 20 to be:

1openPath="${10}"

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

ZEMAX unable to handle light sources 10^15 away.icon

FAQ of volume hologram model in OpticStudio

Simulation partially coherent laser sourceicon

Ansys Zemax OpticStudio 2024 R2 Release Notes

Mie scattering from a single water dropleticon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings