Jamf Nation Community

johnsmith1950 · ‎06-21-2023

Hi

So, i have a package file i want to install, but i want to check to see if a file exists before installing this package.

If the file doesn't exist, then continue and install the package.

If the file DOES exist, then don't install the package.

Ideally i want to run a Before script in the Policy, and if Before script exit code is 0 (File doesn't exist) then it installs the package in the Policy too.

But if the before script exit code is 1, then just stop the policy there, and don't install the package.

Is this possible?

Can you stop a package installing, if the exit code matches a certain value from a before script.

Thanks

williamsad · ‎06-21-2023

Have 2 policies:

Policy 1 is on a custom trigger that simply installs the package

Policy 2 is the script that checks for the file. If the file doesn't exist, then it will execute 'jamf policy -event policy1'

----

If you want it to all be in 1 policy then you will need to cache the package instead of "Install". This package will be cached in /Library/Application Support/JAMF/Waiting Room/

Have your script run "After" that checks for the file and if it doesn't exist then run something like 'installer -pkg "/Library/Application Support/JAMF/Waiting Room/package_name.pkg" -target /' in your script. If you are not going to install the package then simply have the script delete the cached package

I don't recommend this approach due to using unnecessary bandwidth on the Macs that don't need the package.

johnsmith1950 · ‎06-21-2023

Yeah i was considering this (2 Policies)

Just wondering if i was missing something obvious, thanks for the input

Spillou · ‎06-22-2023

What about an extension attribute that checks if the file exists or not ? You then create a smartgroup that you will use to scope your policy to download the package and execute the script to install it.

If it's an app, you can make a smartgroup where you use the app title and scope it to your policy.

jwbeatty · ‎06-22-2023

I would do something like this:

Policy 1 - Has the package you want to install

Policy 2 - Script to check for the file and triggers Policy 1 if the file does not exist

Script in Policy 2:

#! /bin/sh

#variable for file path
filePath="[path to file you want to check for"

#variable for Policy 1's policy ID
policyID=[policy 1 ID]

#Checks if the file is present and triggers Policy 1 if it is not
if [[ ! -f "$filePath" ]]; then

	sudo jamf policy -id $policyID
	
fi

I use somethink like this to make sure our security client is always installed on our Macs.

Spillou · ‎06-22-2023

What about this:

- an extension attribute that checks if the file exists or not. (true / false)
- a smartgroup with the criteria that the extension attribute you just made is false
- a policy where you configure the package download, the script to install it and the maintenance for an inventory update.

The scope:
target: the smartgroup (if the file isn't on the computer, the computer is in the smartgroup thus the policy will apply)
Exclusion: no need. If the file exists, the computer is kicked off the smartgroup and the policy doesn't apply

With that, just configure the policy to run at recurrent check-in with a frequency of "ongoing". That way, if the app / file is removed, it will be installed back at the next check-in once the extension attribute is updated.

Note: I never thought of caching a package an executing a script that will install it from it's location, /Library/Application Support/JAMF/Waiting Room/. I usually download the package in the /Users/Shared/Jamf folder, run the script that will install and delete the installer once done.

Jamf Nation Community

Deploy Policy and have before script to check for something, then stop rest of policy running