I'm trying to run a policy from Jamf Pro Cloud in which the policy will either fire off a unix command and send it to the background and not wait for a response so Jamf can finish executing the rest of the policy.
In all cases Jamf waits for a result and will not finish the policy which means that after a reboot, the policy runs again and again since it never realizes it previously succeeded.
Any insight would be greatly appreciated. Thank you.
Andrew W. Johnson
Sr. Macintosh Systems Administrator
DoIT / Computing Services
Stony Brook University
You could possibly try putting it all in 2 scripts, use the first script to send custom triggers to Jamf to run your policies, and also in the script set it to run your background script, have this as another script, it should be set up locally. Then when you run it and put the & after the line, your policy script will continue as planned and reach a conclusion.
sh /Path/to/secondary/script.sh & /usr/local/bin/jamf policy --trigger Policy1 /usr/local/bin/jamf policy --trigger policy2
This way the policies will run in order, and the secondary script can do its thing.
I use composer to package up some scripts and put them in a temp location, so that I can refer to them and run them locally. If your secondary script is really short, then you can have your main script build it, save it and give it permissions to execute, then it can run it. You can even have it cleaned up by the main script. So long as it is a totally separate script instance, and running locally, the main script is saying run this script, and reports that it has done that. So your main script should reach a successful conclusion regardless of the secondary script.
There are a lot of ways to do things with JAMF. I have been using it for a long time now and I am still learning new things.
Running your command as a line in the script with the & after it still means it is a part of that script, and it can't complete the process until the line completes.
Running it as a secondary script, means the open or the sh command does that and gets a completion of the open or sh command. Your script will complete its process completely. And therefore your policy should complete.
Using the custom triggers is a simple way to launch a sequence of policies in a fixed order.
You can take it a step further and use if statements and then choose policy A or policy B to run. Very helpful when you have apps for M1 macs and a different installer for Intel Macs, like the Adobe ones.
Always lots to think about.