Extension Attributes for SSHD

yuenhongtang
New Contributor III

Hi all,

I will like the help some help in getting Extension Attributes up to grep SSHD. 

/bin/launchctl print-disabled system | grep sshd

com.openssh.sshd => true

Sorry that scripting is new to me.

So the <result>True<result/> or False. Please help. 

1 ACCEPTED SOLUTION

sdagley
Esteemed Contributor II

@yuenhongtang If you want True when sshd is enabled, and False when not this will do it:

 

 

#!/bin/sh

# EA to check status for com.openssh.sshd
#	Returns True if enabled
#			False if disabled

sshdStatus=$(/bin/launchctl print-disabled system | /usr/bin/grep sshd | /usr/bin/grep enabled)

if [ -n "$sshdStatus" ]; then
	result="True"
else
	result="False"
fi

echo "<result>$result</false>"

 

 

View solution in original post

6 REPLIES 6

sdagley
Esteemed Contributor II

@yuenhongtang If you want True when sshd is enabled, and False when not this will do it:

 

 

#!/bin/sh

# EA to check status for com.openssh.sshd
#	Returns True if enabled
#			False if disabled

sshdStatus=$(/bin/launchctl print-disabled system | /usr/bin/grep sshd | /usr/bin/grep enabled)

if [ -n "$sshdStatus" ]; then
	result="True"
else
	result="False"
fi

echo "<result>$result</false>"

 

 

yuenhongtang
New Contributor III

Hi, I tried but result false or true. it returned True.

sdagley
Esteemed Contributor II

@yuenhongtang Apologies, there was a typo in my original post. Please try the EA script now.

yuenhongtang
New Contributor III
Thanks sdagley. I changed abit and it works now.
 
sshdStatus=$(/bin/launchctl print-disabled system | /usr/bin/grep sshd)

if [[ ${sshdStatus} == *"true"* ]];then
echo "YES, system is true"
result="True"

else

echo "No"
result="False"
fi
echo "<result>$result</result>"

sdagley
Esteemed Contributor II

@yuenhongtang You don't want to have extraneous echo command in an EA. The script in my original post has been corrected, and now returns False when appropriate.

mm2270
Legendary Contributor III

Wouldn't running /usr/sbin/systemsetup -getremotelogin | /usr/bin/awk '{print $NF}' get the same results and possibly be easier? Not that there's any real problem with using launchctl print-disabled system. Just sort of thinking out loud.