Extension Attribute for Bynder Version

brian_eybs
New Contributor III

I'm having an issue (new to Jamf, Mac and bash) in getting an extension attribute to populate from a script that searches for a file that lives in a properties file under the user folder. I have tried a couple ways to get the info from the file from a script, but when I get to putting the script into the extension attribute it seems to fall apart. Currently I have the following

#!/bin/sh

bverpath=$(find . -type f -name "SiliconConnectorBynderVer.properties")
source "$bverpath"
echo $VERSION

If i run this directly on the PC in terminal I get version returned. $bverpath is:
./library/preferences/siliconconnector/siliconconnectorbynderver.properties

but that is under /users/*user. Seems like most templates are looking under /applications or /library, not /users, so I'm stuck.

Thanks for any assistance.

4 REPLIES 4

tlarkin
Honored Contributor

Just a small piece of advice, but extension attributes run at recon, on all systems. Jamf threads the process now so it can run multiple at a time to build the inventory report, but you would effectively be performing a recursive search with find on every Mac, at every inventory update. If this file lives in user space you may find yourself with different hurdles to get over, things like TCC. You cannot even stat or du some files in user space anymore. TCC disallows it.

I am not familiar with this app, but I would recommend you go get Suspicious Package, and toss the PKG file into that and pull it apart. Look for where everything payloads, and see if there is an Info.plist file anywhere that we can scrape the version from. Even a versions.txt file would suffice probably. Running that find command in user space is probably going to be halted on 10.14.x devices due to TCC.

I did a very quick test with this command:

find ~/ -type f -name "*.csv" -print

and I saw these errors in terminal:

find: /Users/tlarkin//Library/Application Support/CallHistoryTransactions: Operation not permitted
find: /Users/tlarkin//Library/Application Support/com.apple.TCC: Operation not permitted
find: /Users/tlarkin//Library/Application Support/CallHistoryDB: Operation not permitted
find: /Users/tlarkin//Library/IdentityServices: Operation not permitted
find: /Users/tlarkin//Library/Messages: Operation not permitted
find: /Users/tlarkin//Library/HomeKit: Operation not permitted
find: /Users/tlarkin//Library/Mail: Operation not permitted
find: /Users/tlarkin//Library/Safari: Operation not permitted
find: /Users/tlarkin//Library/Suggestions: Operation not permitted
find: /Users/tlarkin//Library/Containers/com.apple.VoiceMemos: Operation not permitted
find: /Users/tlarkin//Library/Containers/com.apple.Home: Operation not permitted
find: /Users/tlarkin//Library/Containers/com.apple.Safari: Operation not permitted
find: /Users/tlarkin//Library/Containers/com.apple.iChat: Operation not permitted
find: /Users/tlarkin//Library/Containers/com.apple.mail: Operation not permitted
find: /Users/tlarkin//Library/Containers/com.apple.news: Operation not permitted
find: /Users/tlarkin//Library/Containers/com.apple.stocks: Operation not permitted
find: /Users/tlarkin//Library/PersonalizationPortrait: Operation not permitted
find: /Users/tlarkin//Library/Metadata/CoreSpotlight: Operation not permitted
find: /Users/tlarkin//Library/Metadata/com.apple.IntelligentSuggestions: Operation not permitted

So, your script is probably going to definitely flag as a non exit 0, which also may cause an issue with an Extension Attribute.

brian_eybs
New Contributor III

Thanks. I am trying a different road but this one doesn't seem to working either. We don't have any shared devices so it should mostly be a single user that logs in and has the binder plugin. So I was thinking I could get the last user and then put that into into the source path so that I'm not doing a find.

#!/bin/bash

lastuser=`/usr/bin/last -1 -t console | awk '{print $1}'`
source "/users/$lastuser/Library/Preferences/SiliconConnector/SiliconConnectorBynderVer.properties" &>/dev/null
if [ $? == "0" ]; then
    echo $VERSION
else
    echo "0"
fi

This kind of works when I run the script on the device. If the file exists I get the version, but problem 1: if it doesn't find the file, it does not return a 0. And problem 2 is that if i put this script into an extension attribute it does not return the version. Is that because of TCC?

Any other ideas about how i could tackle this?

mm2270
Legendary Contributor III
And problem 2 is that if i put this script into an extension attribute it does not return the version. Is that because of TCC?

No, it's because Extension Attributes need to be formatted for output in the following way

echo "<result>$VERSION</result>"

Essentially only the item between the <result> and </result> tags becomes the string uploaded for the EA to the computer record.

But going back a step, I agree with @tlarkin that you should try to see if there is some other plist or file you can get the version info from. If that properties file is the only place it lives, then you'll need to go with something like the above, but it may not be 100% reliable, just so you know. In the least, change the script so it has those result tags surrounding the $VERSION variable and you should see some results back.

brian_eybs
New Contributor III

Thanks to you both. I have data coming in. I know it isn't going to be 100% but it is something.