Help

Deploying or converting a bourne shell script via JAMF

rrick
New Contributor

Posted on β€Ž06-23-2021 03:13 PM

Is there a way to either deploy a bourne shell script via JAMF, or convert that bourne shell script to a *.pkg file, so I can deploy it to all my Macs?

Labels:
0 Kudos
10 REPLIES 10

sdagley
Honored Contributor III

Posted on β€Ž06-23-2021 06:29 PM

@rrick While you could create a .pkg to run your script that's not really necessary. Create a Script object in Jamf Pro (under Settings->Computer Management->Scripts) containing the script you want to run. Then create a Policy with a Script payload and add the Script object you created and scope the Policy as needed.

0 Kudos

rrick
New Contributor

Posted on β€Ž06-24-2021 05:43 AM

Thank you very much for the quick response. Is there a limitation of how many lines the script can be, as to not crash JAMF?

0 Kudos

sdagley
Honored Contributor III

Posted on β€Ž06-24-2021 08:10 AM

@rrick I don't know if there's a limit, but I have scripts in the 2000 line/80KB range and have never had a problem with them running.

0 Kudos

rrick
New Contributor

Posted on β€Ž06-24-2021 08:42 AM

My script is ~607,000 lines long, due a bunch of binary that is in it.

0 Kudos

sdagley
Honored Contributor III

Posted on β€Ž06-24-2021 08:50 AM

You might want to re-consider embedding binaries to create such a large script, and just build a .pkg for them instead. Packaging for Apple Administrators is a good resource if you're looking for a guide on creating Mac packages.

0 Kudos

mm2270
Legendary Contributor III

Posted on β€Ž06-24-2021 08:50 AM

A bunch of binary in it? Does it happen to be a McAfee install script?

0 Kudos

rrick
New Contributor

Posted on β€Ž06-24-2021 01:19 PM

No sir. It is a Digital Guardian installer. And unfortunately I cannot remove the binaries.

0 Kudos

sdagley
Honored Contributor III

Posted on β€Ž06-24-2021 01:32 PM

That's unfortunate, but it does justify your interest in creating a .pkg for deployment (I wouldn't want to have a script that large in the Jamf Pro database). Copy the script to /private/tmp/scriptname, open Composer and drag the copy into the Sources section to create a packaging project, change the Owner/Group of the script added to Compose to root/wheel and make sure the executable flag is set for Owner, add a postinstall Shell script that has the command /private/tmp/scriptname followed by a rm /private/tmp/scriptname, then build as PKG.

0 Kudos

mm2270
Legendary Contributor III

Posted on β€Ž06-24-2021 02:33 PM

Oh, great. Seems like some other security companies are taking on McAfee’s bad practice of embedded a binary package inside a script. (Who thought it was a good idea to do this?)
Anyway, following @sdagley’s instructions should set you on the right track. It’s the same process we need to do for McAfee’s nonsense install script, for the same reason. Even if it was practical to include the entire script into the Jamf db, I can tell you that it likely wouldn’t work that way anyway. But including it in a package that drops it into /tmp/ and installs it from there should work.

sdagley
Honored Contributor III

Posted on β€Ž06-24-2021 07:18 PM

@mm2270 One gets the feeling the last refuge of unix greybeards is writing "security" tools for macOS considering the propensity of that industry to do stupid @#$%^ like creating ginormous encoded shell scripts because that's the way one did it in the old days.