Looking to run PFCTL command on login/boot

beeboo
Contributor

So I have tried the gamut to try to get PFCTL command to run on start up.

  1. since im not editing/turning off SIP for any machines (especially remote users), its not possible for my to edit com.apple.pfctl
  2. since PFCTL exists in /system/library/launchdeamon and it does NOT have the switch to enable, copying the file to /library/launchdaemon, creating a slightly different name, then appending the switch, does nothing.
  3. i have that process fleshed out, but its always a pid of 1
  4. its been chowned and chmod to hell and back ensuring root:wheel access along with everything up to 755 access.
  5. launchagent is out of the question since it needs SUDO
  6. trying the same thing but calling a script that ive put in the JAMF folder also yields the same results
  7. i keep reading that JAMFs login/logout hook integration with apple isnt working since Apple deprecated the login/logout hook - i assume that means that all scripts that target "at login" no longer actually do that. can someone confirm?
  8. i was thinking of being cheeky and editing the jamfmanagement login hook script itself - it contains about 4 commands, 1 of which is just to check the jssconnection - would that be a possibility?
  9. since its not an app i cant force the "app" to launch on start 😞

or maybe someone here has a creative idea on this process.
if i cant use launchd/launcha and jamf/apple login hook, then im utterly lost as to what else i can try.

0 REPLIES 0