Delete folder contents on logout/login - variable user

New Contributor II


Long story short, I'm trying to create a Self Service policy that will "opt" the computer in to a policy that will wipe the specified user data upon logout/logon. Here is how I've been going about it.

  1. Create an Automator app called "". Self Service installs this to /Applications/Utilities. The app does nothing except act as a scoping mechanism.
  2. Create a second Automator app that asks the technician for a home folder name, then writes that name to a hidden text file located at /Users/Shared/.Config/HomeFolderName.txt. This app is also installed as part of the Self Service policy, and auto-launches after install.
  3. Create a script that grabs the home folder name from the hidden text file, then deletes the contents of the folders within that home folder:

var=$( cat /Users/Shared/.Config/HomeFolderName.txt)

rm -Rf /Users/$var/Applications/* /Users/$var/Desktop/* /Users/$var/Documents/* /Users/$var/Downloads/* /Users/$var/Movies/* /Users/$var/Music/* /Users/$var/Pictures/* /Users/$var/Public/*

3. Include the script in a policy that triggers every login or logout.

If I'm already logged into the machine and run "sudo jamf policy -trigger login", it totally works (even if I'm logged in with a different user account). But if I actually logout/login, it doesn't work. All logs just say that it completed successfully.

Any ideas on how to make this work?




We saw where the login/logout hooks were getting stomped on by the networkstatechange trigger. If this isn't a trigger you're using, it might be worth disabling this. You can find this under Computer Management - Management Framework > Check-In.


Valued Contributor

Throw this at the bottom of the script, login/logout and see if the file even gets created to see if the script is running or not.

touch /Users/Shared/.Config/Finished.txt

if [ -f /Users/Shared/.Config/Finished.txt ]; then
    echo "File exists"
    exit 0
    echo "File does not exist"
    exit 1

New Contributor II

@ryan.ball, strange thing.. the Finished.txt file was not created, but the policy log says "File exists".

At any rate, I added Startup as a trigger and that seems to do the trick. No idea why it makes a difference but it's working now.. with Finished.txt and all.