Jamf Nation Community

ryonriley · ‎01-21-2021

I've updated this Python script to work on Big Sur, using all of the python3 modules instead. Admittedly, I'm not a Python expert by any means, so this could be an issue with the code. The new, python3 version of the script can be found: here.

In any case, I'm receiving the error Script result: macOS 11 or later required ! with exit code 134 upon executing the script on my machine via a policy invoked in Self Service.

My environment:

Python ver 3.9.1
Xcode command line tools installed
macOS Big Sur 11.1

I couldn't find much about this online or on Jamf Nation. Has anyone run into this error before?

ryonriley · ‎01-22-2021

@tlarkin Great point, and your reply ultimately helped me figure out the solution. I'm starting to think that we should ship our own as well. I finally got this script to work after a ton of iterations. What I had to do was:

Change python env on the script to my local, #!/usr/local/bin/python3
Install the pyobjc module and import it into my script, import objc
Import the SSL module, import ssl
Allow untrusted certs for the Jamf API calls by adding this to my httplib requests: context=ssl._create_unverified_context()

After all of that, success:

Thank you (and everyone else) for helping me figure this out!

View solution in original post

lucas_lenard · ‎01-21-2021

There was an issue reported similar to this for the 11.1 beta when using tkinter: https://bugs.python.org/issue42480

Seems like the resolution to the Python discussion was feedback being filed with Apple.

tlarkin · ‎01-21-2021

Are you shipping your own Python? How is your Python env configured?

ryonriley · ‎01-21-2021

@tlarkin Python3: ver 3.9.1 installed from https://www.python.org/downloads/

ryon@MBP ~ % python3 --version
Python 3.9.1

Tcl/Tk: ver 8.6 (recommended in https://www.python.org/download/mac/tcltk)

PATH: /Library/Frameworks/Python.framework/Versions/3.9/bin

tlarkin · ‎01-21-2021

gotcha so that installs Python into the system path, which we avoid here. when you call your code you have to ensure you are using the env you mean vs system defaults. So, we ship our own py3 env to /opt/myorg/bin/python3 and keep it out of standard path. This may not even be an issue for you, but thought it was worth to at least bring up

ryonriley · ‎01-22-2021

@tlarkin Great point, and your reply ultimately helped me figure out the solution. I'm starting to think that we should ship our own as well. I finally got this script to work after a ton of iterations. What I had to do was:

Change python env on the script to my local, #!/usr/local/bin/python3
Install the pyobjc module and import it into my script, import objc
Import the SSL module, import ssl
Allow untrusted certs for the Jamf API calls by adding this to my httplib requests: context=ssl._create_unverified_context()

After all of that, success:

Thank you (and everyone else) for helping me figure this out!

tlarkin · ‎01-25-2021

@ryonriley yeah that httplib thing can be annoying but this is due to trust stores, and Python has its own trust store. Just like java does, macOs does, Windows does, and some browsers do as well. You can add root certs to your env's trust store but not sure I would go that route personally. I feel there are risks in that regard.

For what it is worth I wrote a blog post on how we ship our own py3 env here at my org, found here

ryonriley · ‎01-26-2021

@tlarkin Amazing. I was just talking to my team about shipping our own py3 this morning, so that was going to be my next question. Thank you!

tlarkin · ‎01-26-2021

@ryonriley I have been shipping my own for about 2 years now. Python 3 objc bridge xattr + request. we also keep our py3 env out of standard $PATH on purpose

Python script error: "Script result: macOS 11 or later required !"