Posted on 09-26-2017 04:16 PM
Hi all
I'm trying to create a policy in self service which displays a dialogue box with the computer's current IP address or addresses.
Having done a bit of reading around, the way JAMF runs AppleScript as the root user can cause issues getting the results to the currently logged-in user.
My script below runs the script in bash as the currently logged in user, and I have tested it to work fine in Mac OSX as a script.sh file, but when I try to run it in JAMF I get nothing, the JAMF log simply says:
Executing Policy Network Status
Wed Sep 27 11:58:29 MacBook Pro jamf[18349]: Checking for policy ID 852...
#!/bin/sh
currentUser=$( ls -l /dev/console | cut -d " " -f4 )
sudo -u $currentUser osascript <<EOD
tell application "System Events"
delay 0
set myIPAddress to (do shell script "ifconfig | grep 'inet ' | grep -v 'inet 127' | cut -c1-21")
display dialog "IP Address Details: " & myIPAddress
end tell
EOD
Am I missing something obvious here? Any help would be greatly appreciated.
Thanks,
Sebastian.
Solved! Go to Solution.
Posted on 09-26-2017 09:18 PM
I wrote this years and years ago as a POC for someone else when at a previous job. Your post reminded me of it. Note it isn't very pretty and I would probably rewrite it, but I just ran it on my 10.12.6 box as root and it worked.
bash-3.2# whoami
root
bash-3.2# bash /Users/tlarkin/Documents/scripts/network_info.sh
button returned:OK
artisan shell script:
#!/bin/bash
# dispaly information to end user
# set IFS for new line
# use unset IFS to reset it to default value
IFS=$'
'
# get list of networkservices exlcuding disabled services
NetServices=$(networksetup -listallnetworkservices | grep -v '*')
for service in ${NetServices} ; do
netservinfo=$(networksetup -getinfo ${service} | awk '/IP address:/ { gsub("[a-z]", ""); print $3 }' | sed 's/://g')
if [[ "${netservinfo}" != '' ]]
then echo "${service} is currently assigned: ${netservinfo}" >> /tmp/netinfo.txt
fi
done
# applescript to display dialog
osascript <<AppleScript
tell application "Finder"
activate
display dialog "Your Network Information is:
$(cat /tmp/netinfo.txt)" buttons {"OK"} default button 1
end tell
AppleScript
unset IFS
# clean our temp file
rm /tmp/netinfo.txt
Note that this probably isn't the right or even an elegant solution but hopefully it can maybe help you kick around some ideas. I have not tested this in the Jamf Pro Server either, but only locally as the root
user on my box.
edit - forgot good old screen shot
Posted on 09-27-2017 07:12 AM
Yeah, no issue with the way the script is set up. It's totally valid to use a bash script with Applescript (osascript) inside it. Just as it's possible to call shell commands inside an Applescript.
@sebastiannz I don't think it's necessary to call the Applescript display dialog portion as the user. The only time I've seen it necessary to run AS stuff as the user is if the dialog mode requires user interaction, such as a choose from list or enter text field style window. If it's a standard window with a message and some buttons, it usually works fine when run as root. I say *usually* because there doesn't seem to be an exact science to this, so test that out and don't just take my word for it.
The only other thing I would change is to get the IP address in the shell portion and simply echo that back in the Applescript to create an Applescript variable. For example.
#!/bin/bash
CurrentIP=$(ipconfig getifaddr $(/usr/sbin/netstat -rn -f inet | awk '/default/{print $NF; exit}'ipaddr))
/usr/bin/osascript <<EOF
set myIPAddress to do shell script "echo $CurrentIP"
tell app "System Events"
activate
display dialog "IP Address Details: " & myIPAddress buttons {"OK"} default button 1
end tell
EOF
You can swap out the shell command for CurrentIP
above for the one you have if you want. There's not a big difference in them. The above is just something I picked up from another script I wrote a while back.
Posted on 09-26-2017 09:18 PM
I wrote this years and years ago as a POC for someone else when at a previous job. Your post reminded me of it. Note it isn't very pretty and I would probably rewrite it, but I just ran it on my 10.12.6 box as root and it worked.
bash-3.2# whoami
root
bash-3.2# bash /Users/tlarkin/Documents/scripts/network_info.sh
button returned:OK
artisan shell script:
#!/bin/bash
# dispaly information to end user
# set IFS for new line
# use unset IFS to reset it to default value
IFS=$'
'
# get list of networkservices exlcuding disabled services
NetServices=$(networksetup -listallnetworkservices | grep -v '*')
for service in ${NetServices} ; do
netservinfo=$(networksetup -getinfo ${service} | awk '/IP address:/ { gsub("[a-z]", ""); print $3 }' | sed 's/://g')
if [[ "${netservinfo}" != '' ]]
then echo "${service} is currently assigned: ${netservinfo}" >> /tmp/netinfo.txt
fi
done
# applescript to display dialog
osascript <<AppleScript
tell application "Finder"
activate
display dialog "Your Network Information is:
$(cat /tmp/netinfo.txt)" buttons {"OK"} default button 1
end tell
AppleScript
unset IFS
# clean our temp file
rm /tmp/netinfo.txt
Note that this probably isn't the right or even an elegant solution but hopefully it can maybe help you kick around some ideas. I have not tested this in the Jamf Pro Server either, but only locally as the root
user on my box.
edit - forgot good old screen shot
Posted on 09-27-2017 12:19 AM
The obvious thing I see is that you have a shell script in which you are using a mix of shell and applescript commands. I don't think the shell knows about 'tell' and 'display'. You should make up your mind whether you want to use a shell script (#!/bin/sh; shell commands) or an applescript (#!/usr/bin/osascript; applescript commands).
Hope this helps,
Matthias
Posted on 09-27-2017 06:02 AM
@mschroder They way he's doing it is fine. He's using bash to get the current logged in user and then telling bash to use applescript until it sees EOD in the file.
Posted on 09-27-2017 07:12 AM
Oops, you are right, I did not see the redirection. I blame it on massive lack of coffee.
Posted on 09-27-2017 07:12 AM
Yeah, no issue with the way the script is set up. It's totally valid to use a bash script with Applescript (osascript) inside it. Just as it's possible to call shell commands inside an Applescript.
@sebastiannz I don't think it's necessary to call the Applescript display dialog portion as the user. The only time I've seen it necessary to run AS stuff as the user is if the dialog mode requires user interaction, such as a choose from list or enter text field style window. If it's a standard window with a message and some buttons, it usually works fine when run as root. I say *usually* because there doesn't seem to be an exact science to this, so test that out and don't just take my word for it.
The only other thing I would change is to get the IP address in the shell portion and simply echo that back in the Applescript to create an Applescript variable. For example.
#!/bin/bash
CurrentIP=$(ipconfig getifaddr $(/usr/sbin/netstat -rn -f inet | awk '/default/{print $NF; exit}'ipaddr))
/usr/bin/osascript <<EOF
set myIPAddress to do shell script "echo $CurrentIP"
tell app "System Events"
activate
display dialog "IP Address Details: " & myIPAddress buttons {"OK"} default button 1
end tell
EOF
You can swap out the shell command for CurrentIP
above for the one you have if you want. There's not a big difference in them. The above is just something I picked up from another script I wrote a while back.
Posted on 09-27-2017 08:32 PM
Thank you everyone for all your responses! @mm2270 your alterations to my script worked a treat, thank you!
Also @tlarkin thankyou for your sophisticated script. I gave it a go and it worked a treat, all I'll need to do is remove interfaces such as Bluetooth DUNs or iPhone USB interfaces that might be present on some machines with grep and it'll be perfect for my needs.
Everyone's time has been very much appreciated.
Thanks again,
Sebastian.