Jamf Nation Community

~ probably unreliable as a method of getting currently logged in user.

~ doesn't parse correctly when run from Casper I believe.

You need to specify the user.
There are a couple of methods to do it, I prefer using the LaunchAgent myself, then ~ should parse correctly.

Another way would be to use a variable to define the user

e.g.

user=`ls -l /dev/console | cut -d " " -f 4`
hdiutil create -size 75m -fs HFS+ -volname Adobe_LightRoom /Users/"$user"/Pictures/Adobe_LightRoom.dmg

Edit:
Actually, you should be able to use $3 if it's a log in policy. $3 is a pre-defined variable of the current user, I believe this only works either on log-in or from Self Service..

hdiutil create -size 75m -fs HFS+ -volname Adobe_LightRoom /Users/"$3"/Pictures/Adobe_LightRoom.dmg

Thanks for the help everyone. Ended up having to write up some Applescript and get it to run via the LaunchAgent

@SMC

When I need to perform operations like this I'd generally do something along the lines of:

CURRUSER=$(who | grep console | head -n 1 | awk '{print $1}')
sudo -u "$CURRUSER" hdiutil create -size 75m -fs HFS+ -volname Adobe_LightRoom /Users/"$CURRUSER"/Pictures/Adobe_LightRoom.dmg

This actually runs the hdiutil command as the user and so deals with permissions on the DMG at the same time.

Hi @danf_burberry

When I run that script in terminal as the logged on user, it works however I run that script as a logon script via casper as still get 'Script result: hdiutil: create failed - Invalid argument'

I tested my post above and can confirm using $3 does work.
Creating a script with

hdiutil create -size 75m -fs HFS+ -volname Adobe_LightRoom "/Users/$3/Pictures/Adobe_LightRoom.dmg"

Then adding it to the policy with a login trigger does successfully create the .dmg

@danf_burberry

So it does seem to work when I try to create that DMG on the Shared folder under Users but not working for the user's Pictures location as I have that folder as well as Movies, Music, etc all Sym linked to an AFP share.

Why would that be the case? Could it be related to permissions?

@SMC I was wondering if 'hditutil' has a problem with symlinks, but then I suddenly thought about that AFP share.

How is this being mounted and when? I suspect that it is not yet mounted by the time the script runs and therefore the symlink is broken.

You'd need to test for the share being mounted before trying to create the DMG

@danf_burberry

You're definitely correct on that one! I'm thinking I might have to incorporate that into my Applescript LaunchAgent.

@SMC Out of curiosity, why are you symlinking them? From experience symlinks can confuse the hell out of some badly coded applications (Avid for instance, although I have not tested it recently). Layer this on top of the file system being a network one and possibly 'going away' unexpectedly and you may have a slightly painful experience on your hands.

Is this a newly architected solution? Any reason not to just use network or synced mobile homes instead?

@danf_burberry I wanted to keep Microsoft and Mac data separate and I also don't have the file server capacity to support the new Mac environment data storage. I had to use an existing NAS which I've mounted as a iSCSI LUN drive to the mac server and share from that.

When considering the end users are high school students, I wanted to make the setup as easy as possible and reminding students to continually backup their data manually is pretty much out of the question.

I did initially have a few issues with some applications but I've gotten around these and so far so good for the main applications that the students use.

@SMC What happens when they use the machine offsite/offnetwork and fire up say Lightroom or iPhoto?

Anytime I need to run something as the user from Casper I use the below framework. It's worked for me in almost every case.

loggedInUser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`
declare -x LoginWindowPID="$(/bin/ps -axww | /usr/bin/grep loginwindo[w] | /usr/bin/awk '/console/{print $1;exit}')"
/bin/launchctl bsexec "${LoginWindowPID:?}" /usr/bin/sudo -u "$loggedInUser" COMMAND GOES HERE

@danf_burberry The lab machines are always connected to the network either via Ethernet or wireless.