Login policy script and current user

Missing a 'fi' at the end of your script.

@AVmcclint you can add in a echo "$currentuser" in the script and then look at the log in Policy logs to see whats returning. My guess is it might be returning loginWindow instead of the username you are expecting.

@thoule oops. My copy/paste missed the last fi but it is there in the live script. I'll fix that in the post.

@ddcdennisb I'll try that to see what it reports.

Does anyone else have scripts that run at login and refer to the current user?

I have a few. some old scripts and new ones. I get current user either by:

un=`ls -l /dev/console | cut -d " " -f4`

or by

loggedInUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");'`

Do you need to find the current logged in user? You appear to want to remove each existence of the app.

find /Users/*/Applications -maxdepth 1 -name "Google Chrome.app" -exec rm -R {} ;

or search the whole of Users

find /Users -name "Google Chrome.app" -exec rm -R {} ;

or you could use mdfind

mdfind -onlyin /Users kMDItemFSName="Google*Chrome.app"

If you really want to find user at login, there are so many threads already on here regarding this. If you use a login policy then $3 is the user logging in.

JAMF Script Parameters

You are almost certainly right that this is trying to run before the user logs in and at that point console belongs to root, so you will be trying to remove

/Users/root/Applications/Google Chrome.app/

Which probably doesn't exist.

The very simple way would be to use $3 instead of $currentuser. This will be fine if you're only running it at login.

@ddcdennisb I inserted echo $currentuser into the script and it reported "root". I ended up changing the script to do

find /Users/*/Applications -maxdepth 1 -name "Google Chrome.app" -exec rm -R {} ;

instead and that seems to accomplish my goal.

No wonder I've never had luck with $3. I had no idea it only applied during login. I've been tinkering with my scripts and I think I'm going to have to build every script I have in a way that includes elements of this so they can apply at login and in Self Service without having to write separate script files.

#!/bin/sh

#variable for storing the current users name
currentuser=`stat -f "%Su" /dev/console`

# these are just to confirm what username is being registered at the time of execution.
# it helps me troubleshoot as well because I can see the output in the policy log.
echo $currentuser
echo $3

if [ $currentuser = "root" ]
then
rm -rf /Users/$3/Library/blah/blah/blah
touch /Users/$3/Library/blah/blah/blah
whatevercommandyouneedtorun /Users/$3/path/within/home/folder/

else
# same commands as above but with the other variable
rm -rf /Users/$currentuser/Library/blah/blah/blah
touch /Users/$currentuser/Library/blah/blah/blah
whatevercommandyouneedtorun /Users/$currentuser/path/within/home/folder/

fi

Here are results of running a policy in Self Service:

Running script test.sh...
Script exit code: 0
Script result: cmcintosh
cmcintosh

And results of running at login:

Running script test.sh...
Script exit code: 0
Script result: root
cmcintosh

The IF...THEN...ELSE of the script properly determined which set of commands needed to be run at that particular moment. I still need to keep an eye on the $3 component of this method because I've had many other occasions where $3 reported "root" at login. But so far this has better results in my testing than only using $3.