Jamf Nation Community

davelb20 · ‎06-29-2010

Hello,

We currently are using Casper 7.2.1 with a Mac OS 10.5.2 client computer.
I am having problems deploying bash scripts we created for use through Casper policies. The purpose of the scripts are to check whether a reboot is required by the an apple update, and if a reboot is required run an applescript which displays a custom graphic for our organization and give the user a notification that the computer will reboot in 1 minute after they click the ok button. I know that this capability is available through casper policy, but we wanted to display an alert dialog box with our organization graphic so the user may trust it more and not think its a virus or some other malware. I tested the scripts and they run fine locally on the machine. However when they are run through policy we get an error like below. We had a script that worked successfully on a separate policy, however when we added the two scripts I have attached to the email that script stopped working. Then we removed those two scripts from the policy and the script that was working still does not work. The script that was working was named test1.sh.

The errors we get when using the jamf -policy trigger command to manually trigger the policy

Mounting afp://tray.arl.army.mil/CasperShare to /Volumes/CasperShare... Running Script test1.sh... Script Exit Code:127 Script Result: sh: /private/tmp/test1.sh: No such file or directory

Running Script preRebootScript.sh... Script Exit Code:127 Script Result: sh: /private/tmp/preRebootScript.sh: No such file or directory

Running Script postRebootScript.sh... Script Exit Code:127 Script Result: sh: /private/tmp/postRebootScript.sh: No such file or directory

Here are the contents of each script.

preRebootScript.sh 1 #!/bin/sh 2 #This script should run prior to the updated 3 4 wc /var/log/jamf.log | awk '{ print $1 }' > /tmp/lineCount 5 6 #echo "I created the linecount File"
postRebootScript.sh 1 #!/bin/bash 2 #This script should run prior to the updated 3 4 lineCount=cat /tmp/lineCount | awk '{ print $1 }' 5 flag="" 6 7 8 flag=`sed -n "$lineCount,$ s~reboot was required~&~p" /var/log/jamf.log | a wk '{ print $8 }' | head -n 1` 9 10 11 12 if [ "$flag" = "reboot" ] 13 then 14 #echo "I am running the reboot app" 15 open /usr/local/AppleScript/reboot_really_1.app 16 fi

This script used to work
test1.sh 1 #!/bin/sh 2 3 touch /tmp/script_ran

Also I tested the scripts by running locally on the machine using the jamf runScript command and everything worked fine. But when the scripts are initiated through casper policy we get the errors like above.

Any help would be appreciated.

-- David Bruno

tlarkin · ‎06-29-2010

How are you running the script? Through a manual trigger policy?

This line here: Script Result: sh: /private/tmp/test1.sh: No such file or directory

tells me something is trying to be ran from that local directory, is that where you are stashing the script?

davelb20 · ‎06-29-2010

Well we tested it both ways with a manual trigger and we also used the every15 trigger so it would run by itself every 15 minutes. The scripts were copied into Casper Admin and then in policy management they were activated for the specific policy we were working with. So that one script would run prior to the patch being installed and the other would be applied after the install is complete. If I understand it correctly when the policy is run, it mounts the casper admin server, runs the scripts as needed then unmounts the server. I'm not sure why it keeps looking for the scripts in /private/tmp/ instead of in the CasperShare mount in the Casper Admin server.

David Bruno

tlarkin · ‎06-29-2010

Here is what I would look at doing...

add all three scripts, and create a policy to run the first script and set the other two as manual triggers. Then if you get desired output use /usr/sbin/jamf policy -trigger myscript1 if desired output is not the results, then exit with an error. Then the policy will execute the scripts and Casper knows exactly where they are, and they will all be in your Casper Share

sean · ‎06-30-2010

David,

Don't see how this would normally work manually or otherwise if the titles are anything to go by.

preRebootScript.sh

is placing data into file in /tmp/linecount

postRebootScript.sh

is tyring to read /tmp/linecount

So unless you have changed the way the OS naturally removes files from tmp, there wont be a file to read in /tmp as everything is normally deleted from /tmp on a reboot.

You need to figure out why the scripts are being called from /tmp/. Is this a feature of Casper? Seeing as we don't currently have Casper I can't really offer any more.

Sean

davelb20 · ‎06-30-2010

Sean,

Thank you for the responses, I was not aware of logger, we'll have to try that. Also the postRebootScript.sh doesn't actually run after the computer reboots. I guess the name is misleading. postRebootScript.sh is meant to run after the casper policy is complete, this has an advantage specifically because the linecount file will be wiped out after reboot, also I might just delete it at the end of postRebootScript.sh. When running casper you have the option to have a script run before the policy and after. So what my scripts are doing are, the preRebootScript runs before the policy starts, checks the line count for the jamf.log file and outputs it into a linecount text file in /tmp. After the policy completes, postRebootScript runs and reads in the number in lineCount and searches between the previous end of line in jamf.log and any new entries in jamf.log file for this line:

Thu Jun 17 12:47:44 localComputer.army.mil jamf[5496]: A reboot was required with one or more of the installed updates.

If this line is found then it will call the applescript and notify the use that the computer should be rebooted and after they press the ok button, the computer will reboot after 1 minute. I didn't include my applescript in previous email. If the line is not found then nothing happens.

Dave

Jamf Nation Community

Problems with running bash scripts through Casper Policy