Posted on 07-24-2013 01:56 PM
Hello,
I'm working on a script which will allow you to copy files/folders to an end user's Mac. I've noticed that scripts which error out are flagged in red in the logs for the policy. What determines if a script errored out and is there anyway to force that?
In this script I run a check to see if the destination path exists. If it does not, the script terminates with a non-zero exit code. When such an event occurs I'd like it highlighted as a Problem so that I can see which machines did not successfully copy a file. After testing it a few times on a machine where I knew the destination path did not exist, the logs were marked as successful even though the exit code was non-zero.
Solved! Go to Solution.
Posted on 07-24-2013 02:04 PM
This question came up recently in a Feature Request thread. While I don't know all the keywords the jamf binary will look for to determine a failure, I know "error" is one of them. These get read from stdout, which would include anything that gets echoed back in a shell script, as an example.
So the trick then is to use that exit status of your script, and if its not "0", do something like:
echo "error: script failed"
As long as its being echoed out with a keyword the jamf binary will see, it should correctly identify it as an unsuccessful script run.
Edit: I just ran a couple of quick tests with a bogus script that simply echoed out a variable $4 assigned to the script. "failed" and "failure" also both get picked up by the policy as a problem. When I enter "passed" as the variable to echo, it shows as a successful run.
So so far, error, failed, and failure are 3 keywords you can use when checking exit status and reporting it back. I'm not sure what other keywords it might look for though, but those 3 should be enough.
Posted on 07-24-2013 02:04 PM
This question came up recently in a Feature Request thread. While I don't know all the keywords the jamf binary will look for to determine a failure, I know "error" is one of them. These get read from stdout, which would include anything that gets echoed back in a shell script, as an example.
So the trick then is to use that exit status of your script, and if its not "0", do something like:
echo "error: script failed"
As long as its being echoed out with a keyword the jamf binary will see, it should correctly identify it as an unsuccessful script run.
Edit: I just ran a couple of quick tests with a bogus script that simply echoed out a variable $4 assigned to the script. "failed" and "failure" also both get picked up by the policy as a problem. When I enter "passed" as the variable to echo, it shows as a successful run.
So so far, error, failed, and failure are 3 keywords you can use when checking exit status and reporting it back. I'm not sure what other keywords it might look for though, but those 3 should be enough.
Posted on 07-24-2013 02:29 PM
Another option using logging....
Add variable to script:
packagename="mypackage"
...and...
#-------------------------------------------------------
# Logging
#-------------------------------------------------------
logFile="/private/var/log/"$packagename".log"
log () {
echo $1
echo $(date "+%Y-%m-%d %H:%M:%S: ") $1 >> $logFile
}
Add log commands to capture the errors...then peruse /private/var/log/mypackage.log file for errors.
Don
Posted on 07-24-2013 02:33 PM
or write to syslog
logger "my message"
tail -1 /var/log/system.log
Jul 24 15:32:17 HPES-nesstodd nesstodd[60009]: my message
Posted on 07-24-2013 02:42 PM
mm2270's suggestion worked.
I liked the other two as well, something to keep handy for future use, but in this instance they wouldn't work since logging to a local file would then require going into each machine individually and reviewing the log or running an additional script to fetch the log and store it on a central server.
Thanks everyone!
Posted on 07-24-2013 02:59 PM
Here is the script if anyone's interested.
#!/bin/sh
##############################################################
# NAME
# fileCopy.sh -- Copy files and folders from CasperShare/Files to end user's hard drive.
#
# SCRIPT PARAMETERS
#
# $1 - mountPoint $2 - Computer Name $3 - Username
# -------
# $4 - Name of the file/directory to copy
# $5 - Path that you're copying to
#
##############################################################
#
# VARIABLES & PARAMETERS
#
##############################################################
sourceFile=$4
destPath=$5
sourcePath="/Volumes/CasperShare/Files"
##############################################################
#
# SCRIPT CONTENTS
#
##############################################################
# Check to see if source file/folder exists
if [ ! -f "$sourcePath/$sourceFile" ] && [ ! -d "$sourcePath/$sourceFile" ]; then
echo "Error: SOURCE does not exist!";
exit 1
fi
# Check if source folder is a file, else it's a directory
if [ -f "$sourcePath/$sourceFile" ]; then
if [ ! -d "$destPath" ]; then
echo "Error: Destination path does not exist!";
exit 1
fi
# Check if file already exists to prevent over-writing.
if [ -f "$destPath/$sourceFile" ]; then
echo "Error: Destination path already contains FILE "$sourceFile"";
exit 1
fi
echo "Copying FILE "$sourceFile" to "$destPath"";
cp "$sourcePath/$sourceFile" "$destPath";
chmod 777 "$destPath/$sourceFile";
else
if [ ! -d "$destPath" ]; then
echo "Error: Destination path does not exist!";
exit 1
fi
# Check if folder already exists to prevent over-writing.
if [ -d "$destPath/$sourceFile" ]; then
echo "Error: Destination path already contains DIRECTORY "$sourceFile"";
exit 1
fi
echo "Copying DIRECTORY "$sourceFile" to "$destPath"";
cp -R "$sourcePath/$sourceFile" "$destPath";
chmod -R 777 "$destPath/$sourceFile";
fi
exit 0
Posted on 08-25-2015 04:03 PM
I want my script, when it fails, to show as a fail in the Logs list AND to send JAMF Error message. I have my Email notifications set to notify me when: Error occurs when policy runs
I put in my script:
echo "error: script failed"
exit 1
The log shows it as a failure, but it doesn't send a JAMF Error Message. Any way to do that?
Posted on 09-29-2016 06:24 AM
Hi ,
JAMF has mentioned in release notes that now policy logs takes the script exit value. I have a script to run after which has if else statement but if I use "exit 1" the policy log still shows as success. the policy should fail based on the exit 1 value in the else statement of the script.
Thanks & Regards,
Karthikeyan
Posted on 01-25-2018 11:35 AM
exit 1
and echo "something something failure"
do not currently make a policy fail on Jamf Pro 10
Posted on 01-25-2018 11:43 AM
Jamf support told me to go to Jamf Nation to find out about how to get their product's policies to recognize Bash exit codes. Anyone able to figure out how to do this in Jamf 10?
Posted on 01-25-2018 02:37 PM
I wonder if having the script kill itself would do it...
Posted on 01-25-2018 02:54 PM
I suppose you could do a kill $$
or pipe to a die
function or something, but that's designing around the problem I think. I could have sworn the JSS could tell at least whether a script within a policy was 0 or 1
Posted on 01-26-2021 02:39 PM
-- (wrong account)
Posted on 01-26-2021 02:41 PM
@krispayne, did you figure out how to make a policy exit early?
Thanks!