Help

Script to call a couple of policies. How can I check if jamf is currently running a policy?

bpavlov
Honored Contributor

Posted on ‎01-20-2016 10:24 AM

The short of it is that I have to create a custom script outside of Casper that I will be manually launching. I've tried using a script within Casper via a policy to do what I want, but it just doesn't run the script correctly and install the software. I will attempt this at some point in the future, but I figured for now I can create a script that doesn't exist in the JSS to do what I need. The script I've created will call two policies via the command: "jamf policy -event "CustomTriggerName"

This works great so long as there isn't a policy currently running. However, if a policy is running this causes the script to skip that command which causes the rest of the script to fail.

I'm wondering how others have dealt with this. I imagine a loop that checks for the process "jamf" and waits until it goes away except that "jamf" is always running. I could of course force "sudo killall "jamf" but I don't want to kill any policy running in the background either.

I'm open to ideas/suggestions.

0 Kudos
Reply
3 REPLIES 3

davidacland
Honored Contributor II

Posted on ‎01-20-2016 11:22 AM

I would either:

  • Check the exit code and retry in 60-90 seconds if it's the one for "policy already running", or
  • Grep the output and see if it matches the string for "policy already running" and retry in 60-90 seconds if it does
0 Kudos
Reply

mm2270
Legendary Contributor III

Posted on ‎01-20-2016 11:24 AM

As far as I can tell, when the jamf binary is "busy" either running an existing policy, or if its in its random delay mode waiting to run, both conditions that could cause an issue since you can't tell it to run another policy while in either state, it looks something like this on the command line

ps axww | grep [j]amf | grep "/usr/local/jamf/bin/jamf policy"
   640     ??   Ss       0:00:15   /usr/local/jamf/bin/jamf policy -randomDelaySeconds 300

IOW, if you use ps and grep for /usr/local/jamf/bin/jamf policy, it should show up when its running any kind of policy or waiting to run one. You might be able to use that and do a loop and wait until that condition is no longer true to continue.

0 Kudos
Reply

bpavlov
Honored Contributor

Posted on ‎01-20-2016 11:31 AM

I really need to read up on ps a bit more. I'm so used to using 'ps -axc' and it works well for most things I do.

Someone (chalcahuite) on Slack also gave me this to try: https://macadmins.slack.com/archives/jamfnation/p1453316174023870

if [[ $(jamf policy; echo $?) -eq 0 ]];
    echo "jamf not running policies"
    do stuff
else
    echo "jamf is busy. try again later."
fi

Thanks for the brainstorming. I've got a few things I could try now.

0 Kudos
Reply