Jamf User/Service Account

adamberns
New Contributor III

I'm not sure if I am asking this right. But when JAMF pushes out a Policy with a Package in it, what does that run under? Does it run under a user account or at the system level. Here is why I ask. Our developers have built an application (not PKG, too long to go into here). So I built it as a PKG with a postrun script. Why? Because there is a command line argument that go along with that executable, a password for the current logged on user. Being that it is very possible that a user is not logged in, or the user logged in may not have permissions to do what the installer needs (from my understanding to a chmod command), I think we may be screwed. So if JAMF runs at a system level, I can just put in any password I think (like SCCM), or I don't know what.

2 REPLIES 2

mm2270
Legendary Contributor III

Generally speaking, policies that run on the check-in trigger get called as root or System Administrator because these are run by a LaunchDaemon, which runs in a root context. This is true for most other policy trigger types as well, although there are some exceptions, not so much for policies, but when you use an application like Jamf Remote.

As for this application, it sounds like you need the app to run as the logged in user, but also with admin privileges. If this is the case, it's possible to do this in your postinstall script. Am I understanding that correctly? If I have that wrong, perhaps you can help clarify exactly what it is you need to do here?

adamberns
New Contributor III

@mm2270 I think you answered my question. I hope that I don't have to run this under a specific user account and ran under root. If it has to run as a specific user, or the logged in user, I will need to go back to engineering and have them re-work this.