
Delete folder contents on logout/login - variable user



Hello,

Long story short, I'm trying to create a Self Service policy that will "opt" the computer in to a policy that will wipe the specified user data upon logout/logon. Here is how I've been going about it.

  1. Create an Automator app called "EmptyFolders-optin.app". Self Service installs this to /Applications/Utilities. The app does nothing except act as a scoping mechanism.
  2. Create a second Automator app that asks the technician for a home folder name, then writes that name to a hidden text file located at /Users/Shared/.Config/HomeFolderName.txt. This app is also installed as part of the Self Service policy, and auto-launches after install.
  3. Create a script that grabs the home folder name from the hidden text file, then deletes the contents of the folders within that home folder:
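#!/bin/sh

# Read the home folder name written by the second Automator app
var=$(cat /Users/Shared/.Config/HomeFolderName.txt)

# Stop on an empty, ".", ".." or slash-containing name so rm stays inside one home folder
case "$var" in ""|.|..|*/*) exit 1 ;; esac

rm -Rf "/Users/$var/Applications/"* "/Users/$var/Desktop/"* "/Users/$var/Documents/"* "/Users/$var/Downloads/"* "/Users/$var/Movies/"* "/Users/$var/Music/"* "/Users/$var/Pictures/"* "/Users/$var/Public/"*

  4. Include the script in a policy that triggers every login or logout.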

If I'm already logged into the machine and run "sudo jamf policy -trigger login", it totally works (even if I'm logged in with a different user account). But if I actually logout/login, it doesn't work. All logs just say that it completed successfully.

Any ideas on how to make this work?

Thanks
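
The script in the question takes a folder name from a file under /Users/Shared and hands it to rm from a policy that runs as root, so the stored value and any symlinked folder decide what gets deleted. The following is an added example, not the poster's script, showing one way to validate both first; the function names, the allowed-character rule for short names, and the path arguments (present only so it can be run against a scratch directory) are assumptions.

```shell
#!/bin/sh
# Added example (not the poster's script): validate the stored name before
# deleting as root. Paths default to the ones in the post; they are function
# arguments only so the logic can be exercised against a scratch directory.

FOLDERS="Applications Desktop Documents Downloads Movies Music Pictures Public"

# Print the home folder name from the config file, or fail if it is unsafe.
read_home_name() {
    [ -f "$1" ] || return 1
    # Use the first line only; tolerate a missing trailing newline.
    IFS= read -r name < "$1" || [ -n "$name" ] || return 1
    # Assumption: short names use only letters, digits, '.', '_' and '-'.
    # This rejects empty values, "." and "..", and anything containing "/".
    case $name in
        ""|.|..|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    printf '%s\n' "$name"
}

# Delete the contents (not the folders themselves) of the user's folders.
empty_home_folders() {
    users_root=${1:-/Users}
    config=${2:-/Users/Shared/.Config/HomeFolderName.txt}
    name=$(read_home_name "$config") || {
        echo "refusing to run: missing or unsafe home folder name" >&2
        return 1
    }
    home=$users_root/$name
    if [ ! -d "$home" ] || [ -L "$home" ]; then
        echo "refusing to run: $home is not a real directory" >&2
        return 1
    fi
    for folder in $FOLDERS; do
        dir=$home/$folder
        # Skip missing folders, and symlinks that could point outside the home.
        if [ -d "$dir" ] && [ ! -L "$dir" ]; then
            rm -rf -- "$dir"/*
        fi
    done
    return 0
}
```

In a policy script, the last line would be a bare call to empty_home_folders, which then uses the default paths from the post.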

3 replies

  • New Contributor
  • 65 replies
  • August 10, 2018

We saw where the login/logout hooks were getting stomped on by the networkstatechange trigger. If this isn't a trigger you're using, it might be worth disabling this. You can find this under Computer Management - Management Framework > Check-In.


  • Contributor
  • 475 replies
  • August 10, 2018

Throw this at the bottom of the script, login/logout and see if the file even gets created to see if the script is running or not.

touch /Users/Shared/.Config/Finished.txt

if [ -f /Users/Shared/.Config/Finished.txt ]; then
    echo "File exists"
    exit 0
else
    echo "File does not exist"
    exit 1
fi

  • Author
  • New Contributor
  • 6 replies
  • August 10, 2018

@ryan.ball, strange thing.. the Finished.txt file was not created, but the policy log says "File exists".

At any rate, I added Startup as a trigger and that seems to do the trick. No idea why it makes a difference but it's working now.. with Finished.txt and all.

